You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our deployments started failing after the new Chef client release last week; I am currently working on modifying our cloud-init based bootstrap to pin the version of the Chef omnibus installer (unfortunately the cloud-init Chef support doesn't provide any way to do this, so I have to do the installation manually to pin it to a particular version) so I haven't had the time to dive in deep to try to understand what changed in 12.4 to cause it to fail, but the fatal error is in the os-hardening/sysctl.rb recipe, so thought I would give you a "heads up" on this problem...
Here are the most-likely-to-be-relevant info and warnings from the logs of the initial Chef client run:
[2015-06-26T16:01:01+00:00] INFO: Loading cookbooks [publicserver-tlabs@1.1.9, apt@2.7.0, yum@3.6.1, yum-epel@0.6.2, locale@1.0.2, hostsfile@2.4.5, rsyslog@2.0.0, fail2ban@2.2.1, build-essential@2.2.3, mosh@0.4.0, postfix@3.5.0, ubuntu@1.1.8, debian@1.7.2, timezone-ii@0.2.0, apt-periodic@0.2.0, logrotate@1.9.2, cacert@0.2.0, os-hardening@1.2.0, sysctl@0.6.2, ohai@2.0.1, ssh-hardening@1.0.3, chef-client@4.3.0, cron@1.6.1, windows@1.37.0, chef_handler@1.2.0, push-jobs@2.2.0, runit@1.7.2, packagecloud@0.0.19, ssl-vault@1.1.13, chef-vault@1.0.4, sudo@2.7.1, users@1.8.2, etckeeper@1.0.4, git@4.2.2, dmg@2.2.2, bsw_gpg@0.2.3, hostname@0.3.0, bash-CVE-2014-6271@0.1.1, bash-CVE-2014-7169@0.1.0]
[2015-06-26T16:01:01+00:00] WARN: You are overriding windows_package on {:os=>"windows"} with Chef::Resource::WindowsCookbookPackage: used to be Chef::Resource::WindowsPackage. Use override: true if this is what you intended.
[2015-06-26T16:01:01+00:00] WARN: You declared a new resource Chef::Provider::GitClient::Source for resource git_client, but it comes alphabetically after Chef::Provider::GitClient::Package and has the same filters ({:os=>"linux"}), so it will not be used. Use override: true if you want to use it for git_client.
...
================================================================================
Recipe Compile Error in /var/cache/chef/cookbooks/publicserver-tlabs/recipes/default.rb
================================================================================
NoMethodError
-------------
No resource or method named `File' for `Chef::Recipe "sysctl"'
Cookbook Trace:
---------------
/var/cache/chef/cookbooks/os-hardening/recipes/sysctl.rb:46:in `from_file'
/var/cache/chef/cookbooks/os-hardening/recipes/default.rb:30:in `from_file'
/var/cache/chef/cookbooks/publicserver-tlabs/recipes/default.rb:56:in `from_file'[0m
Relevant File Content:
----------------------
/var/cache/chef/cookbooks/os-hardening/recipes/sysctl.rb:
39: rescue
40: log 'WARNING: Could not properly determine the cpu vendor. Fallback to intel cpu.' do
41: level :warn
42: end
43: end
44:
45: # protect sysctl.conf
46>> File '/etc/sysctl.conf' do
47: mode 0440
48: owner 'root'
49: group 'root'
50: end
51:
52: # NSA 2.2.4.1 Set Daemon umask
53: # do config for rhel-family
54: case node['platform_family']
55: when 'rhel', 'fedora'
[2015-06-26T16:01:48+00:00] ERROR: Running exception handlers
[2015-06-26T16:01:48+00:00] ERROR: Exception handlers complete
[0m[2015-06-26T16:01:48+00:00] FATAL: Stacktrace dumped to /var/cache/chef/chef-stacktrace.out
[2015-06-26T16:01:48+00:00] ERROR: No resource or method named `File' for `Chef::Recipe "sysctl"'
[2015-06-26T16:01:48+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)
The text was updated successfully, but these errors were encountered:
Thanks for the pointer to the existing fix - my apologies for opening a duplicate ticket - I should have checked the closed tickets too, but the GitHub issues UI doesn't encourage that as much as it could.
Maybe twitter and/or a blog post would be a useful way to provide notifications about these kinds of things - I noticed that there's now an Ansible os-hardening repository, would love to know when that's ready, but remembering to check every week would be unlikely.
rollbrettler
pushed a commit
to rollbrettler/chef-os-hardening
that referenced
this issue
Sep 16, 2016
Our deployments started failing after the new Chef client release last week; I am currently working on modifying our cloud-init based bootstrap to pin the version of the Chef omnibus installer (unfortunately the cloud-init Chef support doesn't provide any way to do this, so I have to do the installation manually to pin it to a particular version) so I haven't had the time to dive in deep to try to understand what changed in 12.4 to cause it to fail, but the fatal error is in the
os-hardening/sysctl.rb
recipe, so thought I would give you a "heads up" on this problem...Here are the most-likely-to-be-relevant info and warnings from the logs of the initial Chef client run:
The text was updated successfully, but these errors were encountered: