Tâche #34241
Scénario #34240: traitement express MTES
la gestion des acl via l'ead3 ne fonctionne pas
100%
Historique
#1 Mis à jour par Vincent Chavanon il y a presque 2 ans
- Fichier 2022-06-02 17_17_41-.png Voir ajouté
Quand on se connecte à l'ead3 avec le compte eole, sur certains serveurs, on ne peut derouler l'arborescence du serveur en claiquant sur le "+" devant /home, et un carré rouge apparait en bas à gauche (cf. PJ)
le lancant salt-minion en mode debug via la commande /usr/bin/python3 /usr/bin/salt-minion -c /etc/ead3/salt -l debug, ceci remonte :
[INFO ] User eole Executing command ead.acl_find with jid 20220602143409072310 [DEBUG ] Command details {'fun': 'ead.acl_find', 'arg': ['/home', {'__kwarg__': True, 'maxdepth': 1, 'mindepth': 1, 'print': 'name,type'}], 'tgt': 'local', 'jid': '20220602143409072310', 'ret': '', 'tgt_type': 'glob', 'user': 'eole'} [DEBUG ] Subprocess ProcessPayload-Job-20220602143409072310 added [INFO ] User root Executing command saltutil.find_job with jid 20220602143409078740 [DEBUG ] Command details {'fun': 'saltutil.find_job', 'arg': ['20220602143409072310'], 'tgt': 'local', 'jid': '20220602143409078740', 'ret': '', 'tgt_type': 'glob', 'user': 'root'} [DEBUG ] Subprocess ProcessPayload-Job-20220602143409078740 added [DEBUG ] Using importlib_metadata to load entry points [DEBUG ] Using importlib_metadata to load entry points [DEBUG ] LazyLoaded jinja.render [DEBUG ] LazyLoaded yaml.render [DEBUG ] LazyLoaded jinja.render [DEBUG ] LazyLoaded yaml.render [INFO ] Starting a new job 20220602143409072310 with PID 10853 [DEBUG ] Could not LazyLoad direct_call.allow_missing_func: 'direct_call.allow_missing_func' is not available. [INFO ] Starting a new job 20220602143409078740 with PID 10854 [DEBUG ] Could not LazyLoad direct_call.allow_missing_func: 'direct_call.allow_missing_func' is not available. [DEBUG ] LazyLoaded saltutil.find_job [DEBUG ] Minion return retry timer set to 9 seconds (randomized) [INFO ] Returning information for job: 20220602143409078740 [DEBUG ] Initializing new AsyncAuth for ('/var/lib/ead3/etc/salt/pki/minion', 'local', 'tcp://127.0.0.1:4606') [DEBUG ] Connecting the Minion to the Master URI (for the return server): tcp://127.0.0.1:4606 [DEBUG ] Trying to connect to: tcp://127.0.0.1:4606 [DEBUG ] Closing AsyncZeroMQReqChannel instance [DEBUG ] minion return: {'success': True, 'return': {'pid': 10853, 'fun': 'ead.acl_find', 'arg': ['/home', {'__kwarg__': True, 'maxdepth': 1, 'mindepth': 1, 'print': 'name,type'}], 'tgt': 'local', 'jid': '20220602143409072310', 'ret': '', 'tgt_type': 'glob', 'user': 'eole'}, 'retcode': 0, 'jid': '20220602143409078740', 'fun': 'saltutil.find_job', 'fun_args': ['20220602143409072310']} [DEBUG ] Starting new HTTP connection (1): 127.0.0.1 [DEBUG ] http://127.0.0.1:8000 "GET /get//quota/quota/directories HTTP/1.1" 200 36 [DEBUG ] Starting new HTTP connection (1): 127.0.0.1 [DEBUG ] http://127.0.0.1:8000 "GET /get/creole?variable=acl_directories HTTP/1.1" 200 36 [DEBUG ] LazyLoaded ead.acl_find [DEBUG ] LazyLoaded file.find [DEBUG ] Subprocess ProcessPayload-Job-20220602143409078740 cleaned up [DEBUG ] Minion return retry timer set to 8 seconds (randomized) [INFO ] Returning information for job: 20220602143409072310 [DEBUG ] Initializing new AsyncAuth for ('/var/lib/ead3/etc/salt/pki/minion', 'local', 'tcp://127.0.0.1:4606') [DEBUG ] Connecting the Minion to the Master URI (for the return server): tcp://127.0.0.1:4606 [DEBUG ] Trying to connect to: tcp://127.0.0.1:4606 [DEBUG ] Closing AsyncZeroMQReqChannel instance [DEBUG ] minion return: {'success': True, 'return': [['aquota.group', 'f'], ['aquota.user', 'f'], ['backup', 'd'], ['data', 'd'], ['eole', 'd'], ['ftp', 'd'], ['geo-ide-base', 'd'], ['geoide_old.sql', 'f'], ['lost+found', 'd'], ['mail', 'd'], ['nagios', 'd'], ['netlogon', 'd'], ['workgroups', 'd']], 'retcode': 0, 'jid': '20220602143409072310', 'fun': 'ead.acl_find', 'fun_args': ['/home', {'maxdepth': 1, 'mindepth': 1, 'print': 'name,type'}]} [DEBUG ] Subprocess ProcessPayload-Job-20220602143409072310 cleaned up
Si on clique sur le dossier home, on voit bien ses acl.
#2 Mis à jour par Emmanuel GARETTE il y a presque 2 ans
- Statut changé de Nouveau à À valider
- Assigné à mis à Emmanuel GARETTE
- % réalisé changé de 0 à 100
Je viens de backporter en 2.7.1.
#3 Mis à jour par Vincent Chavanon il y a presque 2 ans
- Statut changé de À valider à Résolu
test OK sur des eole 2.7.2 qui rencontraient le soucis
#4 Mis à jour par Philippe Carre il y a presque 2 ans
- Statut changé de Résolu à À valider
Malheureusement , pas tous !
J'ai encore au moins 2 serveurs (Seth 2.7.2), où eole-fichier-actions est à jour (2.7.2-12) et où le pb est tjrs là :
---------------------------------------------------------------------- [INFO ] User ppsrl Executing command ead.acl_find with jid 20220705125433685596 [DEBUG ] Command details {'fun': 'ead.acl_find', 'arg': ['/home', {'__kwarg__': True, 'maxdepth': 1, 'mindepth': 1, 'print': 'name,type'}], 'tgt': 'local', 'jid': '20220705125433685596', 'ret': '', 'tgt_type': 'glob', 'user': 'ppsrl'} [DEBUG ] Subprocess ProcessPayload-Job-20220705125433685596 added [INFO ] User root Executing command saltutil.find_job with jid 20220705125433703075 [DEBUG ] Command details {'fun': 'saltutil.find_job', 'arg': ['20220705125433685596'], 'tgt': 'local', 'jid': '20220705125433703075', 'ret': '', 'tgt_type': 'glob', 'user': 'root'} [DEBUG ] Subprocess ProcessPayload-Job-20220705125433703075 added [DEBUG ] Using importlib_metadata to load entry points [DEBUG ] Using importlib_metadata to load entry points [DEBUG ] LazyLoaded jinja.render [DEBUG ] LazyLoaded yaml.render [DEBUG ] LazyLoaded jinja.render [DEBUG ] LazyLoaded yaml.render [INFO ] Starting a new job 20220705125433685596 with PID 24948 [DEBUG ] Could not LazyLoad direct_call.allow_missing_func: 'direct_call.allow_missing_func' is not available. [INFO ] Starting a new job 20220705125433703075 with PID 24949 [DEBUG ] Could not LazyLoad direct_call.allow_missing_func: 'direct_call.allow_missing_func' is not available. [DEBUG ] LazyLoaded saltutil.find_job [DEBUG ] Minion return retry timer set to 6 seconds (randomized) [INFO ] Returning information for job: 20220705125433703075 [DEBUG ] Initializing new AsyncAuth for ('/var/lib/ead3/etc/salt/pki/minion', 'local', 'tcp://127.0.0.1:4606') [DEBUG ] Connecting the Minion to the Master URI (for the return server): tcp://127.0.0.1:4606 [DEBUG ] Trying to connect to: tcp://127.0.0.1:4606 [DEBUG ] Closing AsyncZeroMQReqChannel instance [DEBUG ] minion return: {'success': True, 'return': {'pid': 24948, 'fun': 'ead.acl_find', 'arg': ['/home', {'__kwarg__': True, 'maxdepth': 1, 'mindepth': 1, 'print': 'name,type'}], 'tgt': 'local', 'jid': '20220705125433685596', 'ret': '', 'tgt_type': 'glob', 'user': 'ppsrl'}, 'retcode': 0, 'jid': '20220705125433703075', 'fun': 'saltutil.find_job', 'fun_args': ['20220705125433685596']} [DEBUG ] Starting new HTTP connection (1): 127.0.0.1 [DEBUG ] http://127.0.0.1:8000 "GET /get/creole?variable=acl_directories HTTP/1.1" 200 36 [DEBUG ] Starting new HTTP connection (1): 127.0.0.1 [DEBUG ] http://127.0.0.1:8000 "GET /get//quota/quota/directories HTTP/1.1" 200 36 [DEBUG ] LazyLoaded ead.acl_find [DEBUG ] LazyLoaded file.find [DEBUG ] Subprocess ProcessPayload-Job-20220705125433703075 cleaned up
Attention , sur ces serveurs seul eole-fichier-actions est à jour (apt install ... sur test-eole, et pas un Maj-Auto) . Est ce qu'il faut mettre à jour d'autres paquets ?
#5 Mis à jour par Philippe Carre il y a environ un an
- Statut changé de À valider à Fermé
- Temps estimé mis à 0.00 h
- Restant à faire (heures) mis à 0.0
Même vérif sur le même serveur (7 mois après!) , le pb est réglé !!
LEs ACL s'affichent correctement , sur tous les dossiers.