StarlingX

sysinv gets unreachable after setting invalid geolocation value

Bug #1952008 reported by Rafael Lucas Camargos
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Low
Rafael Lucas Camargos

Bug Description

Brief Description
-----------------
After modifying the system latitude/longitude value including a special character on the input the system gets unusable as sysinv enters a restart loop

Severity
--------
Provide the severity of the defect.
Minor

Steps to Reproduce
------------------
Execute the following command:
system modify --latitude="1°"

Expected Behavior
------------------
Special characters should be rejected

Actual Behavior
----------------
sysinv gets unreachable throwing errors on the logs

Reproducibility
---------------
100%

System Configuration
--------------------
Any

Branch/Pull Time/Commit
-----------------------
2021-11-22

Last Pass
---------
N/A

Timestamp/Logs
--------------
tailf /var/log/sysinv.log
sysinv 2021-10-19 23:17:30.454 106458 INFO oslo_service.service [-] Caught SIGTERM, stopping children
sysinv 2021-10-19 23:17:30.456 106458 INFO oslo.service.wsgi [-] Stopping WSGI server.
sysinv 2021-10-19 23:17:30.456 107794 INFO oslo.service.wsgi [-] Stopping WSGI server.
sysinv 2021-10-19 23:17:30.456 106458 INFO oslo_service.service [-] Waiting on 1 children to exit
sysinv 2021-10-19 23:17:30.466 106458 INFO oslo_service.service [-] Child 107794 exited with status 0
sysinv 2021-10-19 23:17:30.469 106458 INFO oslo_service.service [-] Caught SIGTERM, stopping children
sysinv 2021-10-19 23:17:30.469 106458 INFO oslo.service.wsgi [-] Stopping WSGI server.
sysinv 2021-10-19 23:17:30.470 106458 INFO oslo_service.service [-] Waiting on 1 children to exit
sysinv 2021-10-19 23:17:30.470 107797 INFO oslo.service.wsgi [-] Stopping WSGI server.
sysinv 2021-10-19 23:17:30.476 106458 INFO oslo_service.service [-] Child 107797 exited with status 0
sysinv 2021-10-19 23:17:33.783 286345 WARNING oslo_config.cfg [-] Deprecated: Option "auth_uri" from group "keystone_authtoken" is deprecated for removal (The auth_uri option is deprecated in favor of www_authenticate_uri and will be removed in the S release.). Its value may be silently ignored in the future.
sysinv 2021-10-19 23:17:33.785 286345 WARNING oslo_config.cfg [-] Deprecated: Option "auth_uri" from group "keystone_authtoken" is deprecated. Use option "www_authenticate_uri" from group "keystone_authtoken".
sysinv 2021-10-19 23:17:33.790 286345 WARNING keystonemiddleware.auth_token [-] AuthToken middleware is set with keystone_authtoken.service_token_roles_required set to False. This is backwards compatible but deprecated behaviour. Please set this to True.
sysinv 2021-10-19 23:17:33.794 286345 INFO oslo.service.wsgi [-] sysinv_api listening on 192.168.204.1:6385
sysinv 2021-10-19 23:17:33.795 286345 INFO oslo_service.service [-] Starting 1 workers
sysinv 2021-10-19 23:17:33.809 286345 WARNING keystonemiddleware._common.config [-] The option "user_domain_name" is not known to keystonemiddleware
sysinv 2021-10-19 23:17:33.810 286345 WARNING keystonemiddleware._common.config [-] The option "auth_url" is not known to keystonemiddleware
sysinv 2021-10-19 23:17:33.811 286345 WARNING keystonemiddleware._common.config [-] The option "project_domain_name" is not known to keystonemiddleware
sysinv 2021-10-19 23:17:33.811 286345 WARNING keystonemiddleware._common.config [-] The option "username" is not known to keystonemiddleware
sysinv 2021-10-19 23:17:33.811 286345 WARNING keystonemiddleware._common.config [-] The option "project_name" is not known to keystonemiddleware
sysinv 2021-10-19 23:17:33.812 286345 WARNING keystonemiddleware._common.config [-] The option "password" is not known to keystonemiddleware
sysinv 2021-10-19 23:17:33.812 286345 WARNING keystonemiddleware.auth_token [-] AuthToken middleware is set with keystone_authtoken.service_token_roles_required set to False. This is backwards compatible but deprecated behaviour. Please set this to True.
sysinv 2021-10-19 23:17:33.818 286345 INFO oslo.service.wsgi [-] sysinv_api_pxe listening on 169.254.202.1:6385
sysinv 2021-10-19 23:17:33.819 286345 INFO oslo_service.service [-] Starting 1 workers

Test Activity
-------------
Developer Testing

Workaround
----------
N/A

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to config (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/config/+/819038

Changed in starlingx:
status: New → In Progress
Ghada Khalil (gkhalil)
tags: added: stx.config
Changed in starlingx:
assignee: nobody → Rafael Lucas Camargos (rcamargo)
importance: Undecided → Low
tags: added: stx.6.0
Ghada Khalil (gkhalil)
tags: removed: stx.6.0
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to config (master)

Reviewed: https://review.opendev.org/c/starlingx/config/+/819038
Committed: https://opendev.org/starlingx/config/commit/f096dcf15903a3b962182f5b85d173a0b1523dd2
Submitter: "Zuul (22348)"
Branch: master

commit f096dcf15903a3b962182f5b85d173a0b1523dd2
Author: Rafael Camargos <email address hidden>
Date: Tue Nov 23 21:18:31 2021 -0300

    Add validation of special chars on system values

    Setting a system value with special characters will get sysinv in a
    dirty state and unreachable. E.g.: `system modify -n='º'`. This is
    caused because isystem DB won't accept these special chars.

    This work adds a validation on the PATCH method of the SystemController
    blocking any special character that is not accepted.

    Test Plan:

    PASS: Verify special characters won't be accepted on system values
    PASS: Verify system installation/bootstrap executes properly
    PASS: Verify the system works properly after setting a value with any of
    the accepted characters: 'a-zA-Z0-9!@#$%^&*()_+-=[]{};:'"|,.<>/? '
    PASS: Verify system https_enabled can be properly toggled

    Closes-Bug: 1952008
    Signed-off-by: Rafael Camargos <email address hidden>
    Change-Id: I1844e6af40c7b82f2c5a6e995947b1c166f82e0d

Changed in starlingx:
status: In Progress → Fix Released
Revision history for this message
Ghada Khalil (gkhalil) wrote :

screening: Adding stx.6.0 since the fix will be available for that release

tags: added: stx.6.0
Revision history for this message
Rafael Lucas Camargos (rcamargo) wrote :

The commit caused problems in the system bootstrap and is being reverted on https://review.opendev.org/c/starlingx/config/+/821769

Changed in starlingx:
status: Fix Released → In Progress
Revision history for this message
Ghada Khalil (gkhalil) wrote :

The bootstrap issue was with Debian only. It doesn't affect the centos env.

Ghada Khalil (gkhalil)
tags: added: stx.7.0
Ghada Khalil (gkhalil)
tags: removed: stx.6.0
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to config (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/config/+/825545

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to config (master)

Reviewed: https://review.opendev.org/c/starlingx/config/+/825545
Committed: https://opendev.org/starlingx/config/commit/d27a98bcb64a622798d87a74aa048bb50a664df8
Submitter: "Zuul (22348)"
Branch: master

commit d27a98bcb64a622798d87a74aa048bb50a664df8
Author: Rafael Camargos <email address hidden>
Date: Tue Nov 23 21:18:31 2021 -0300

    Add validation of special chars on system values

    Setting a system value with special characters will get sysinv in a
    dirty state and unreachable. E.g.: `system modify -n='º'`. This is
    caused because isystem DB won't accept these special chars.

    This work adds a validation on the PATCH method of the SystemController
    blocking any special character on string fields that is not accepted.

    Test Plan:

    PASS: Verify special characters are not accepted as system values
    PASS: Verify system works properly after setting a value with any of the
    accepted characters: 'a-zA-Z0-9!@#$%^&*()_+-=[]{};:'"|,.<>/? '
    PASS: Verify system https_enabled can be properly toggled
    PASS: Verify validation works properly in Python 3 (tested code snippet)
    PASS: Verify validation is bypassed for non-strings objects

    Regression:

    PASS: Verify system install

    Closes-Bug: 1952008
    Signed-off-by: Rafael Camargos <email address hidden>
    Change-Id: If73cc2bfa881df3e46611178759ca2527d83330b

Changed in starlingx:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.