charm install hook fails when CIS hardening is enabled
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Thruk Agent Charm |
Won't Fix
|
Low
|
Unassigned |
Bug Description
It fails due to CIS hardening adds filtering for crontab users.
As a workaround had to add www-data to /etc/cron.allow file.
Log is:
2020-05-18 10:10:30 DEBUG install Reading package lists...
2020-05-18 10:10:30 DEBUG install Building dependency tree...
2020-05-18 10:10:30 DEBUG install Reading state information...
2020-05-18 10:10:31 DEBUG install pwgen is already the newest version (2.08-1).
2020-05-18 10:10:31 DEBUG install apache2-utils is already the newest version (2.4.29-
2020-05-18 10:10:31 DEBUG install thruk is already the newest version (2.24-2ubuntu6).
2020-05-18 10:10:31 DEBUG install 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
2020-05-18 10:10:31 DEBUG install 3 not fully installed or removed.
2020-05-18 10:10:31 DEBUG install After this operation, 0 B of additional disk space will be used.
2020-05-18 10:10:31 DEBUG install Setting up thruk-base (2.24-2ubuntu6) ...
2020-05-18 10:10:31 DEBUG install thruk plugins enabled: business_process conf minemap mobile panorama statusmap
2020-05-18 10:10:31 DEBUG install Configuring apache2 vhost ...
2020-05-18 10:10:31 DEBUG install Module alias already enabled
2020-05-18 10:10:31 DEBUG install Module fcgid already enabled
2020-05-18 10:10:31 DEBUG install Considering dependency authn_core for auth_basic:
2020-05-18 10:10:31 DEBUG install Module authn_core already enabled
2020-05-18 10:10:31 DEBUG install Module auth_basic already enabled
2020-05-18 10:10:31 DEBUG install Module rewrite already enabled
2020-05-18 10:10:31 DEBUG install Thruk have been configured for http://
2020-05-18 10:10:31 DEBUG install The default user is 'thrukadmin' with password 'thrukadmin'. You can usually change that by 'htpasswd /etc/thruk/htpasswd thrukadmin'
2020-05-18 10:10:31 DEBUG install The user www-data cannot use this program (crontab)
2020-05-18 10:10:31 DEBUG install dpkg: error processing package thruk-base (--configure):
2020-05-18 10:10:31 DEBUG install installed thruk-base package post-installation script subprocess returned error exit status 1
2020-05-18 10:10:31 DEBUG install dpkg: dependency problems prevent configuration of thruk:
2020-05-18 10:10:31 DEBUG install thruk depends on thruk-base (= 2.24-2ubuntu6); however:
2020-05-18 10:10:31 DEBUG install Package thruk-base is not configured yet.
2020-05-18 10:10:31 DEBUG install
2020-05-18 10:10:31 DEBUG install dpkg: error processing package thruk (--configure):
2020-05-18 10:10:31 DEBUG install dependency problems - leaving unconfigured
2020-05-18 10:10:31 DEBUG install No apport report written because the error message indicates its a followup error from a previous failure.
2020-05-18 10:10:31 DEBUG install dpkg: dependency problems prevent configuration of thruk-plugin-
2020-05-18 10:10:31 DEBUG install thruk-plugin-
2020-05-18 10:10:31 DEBUG install Package thruk-base is not configured yet.
2020-05-18 10:10:31 DEBUG install
2020-05-18 10:10:31 DEBUG install dpkg: error processing package thruk-plugin-
2020-05-18 10:10:31 DEBUG install dependency problems - leaving unconfigured
2020-05-18 10:10:31 DEBUG install No apport report written because the error message indicates its a followup error from a previous failure.
2020-05-18 10:10:31 DEBUG install Errors were encountered while processing:
2020-05-18 10:10:31 DEBUG install thruk-base
2020-05-18 10:10:31 DEBUG install thruk
2020-05-18 10:10:31 DEBUG install thruk-plugin-
2020-05-18 10:10:33 DEBUG install E: Sub-process /usr/bin/dpkg returned an error code (1)
2020-05-18 10:10:33 DEBUG install Traceback (most recent call last):
2020-05-18 10:10:33 DEBUG install File "/var/lib/
2020-05-18 10:10:33 DEBUG install install()
2020-05-18 10:10:33 DEBUG install File "/var/lib/
2020-05-18 10:10:33 DEBUG install apt_install(
2020-05-18 10:10:33 DEBUG install File "/var/lib/
2020-05-18 10:10:33 DEBUG install _run_apt_
2020-05-18 10:10:33 DEBUG install File "/var/lib/
2020-05-18 10:10:33 DEBUG install retry_message=
2020-05-18 10:10:33 DEBUG install File "/var/lib/
2020-05-18 10:10:33 DEBUG install result = subprocess.
2020-05-18 10:10:33 DEBUG install File "/usr/lib/
2020-05-18 10:10:33 DEBUG install raise CalledProcessEr
2020-05-18 10:10:33 DEBUG install subprocess.
2020-05-18 10:10:33 ERROR juju.worker.
Changed in charm-thruk-agent: | |
importance: | Undecided → Low |
status: | New → Triaged |
Hi @dparv,
The customer is going to be deploying thruk-agent on future sites with CIS hardening, and would ultimately like to not have to do this manually to resolve this.
Would you be able to give us an idea, when we'll see an update to get this moving forward
Thanks,
Arif