Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] shadow.gen_password raises an exception #56721

Closed
madrisan opened this issue Apr 20, 2020 · 5 comments
Closed

[BUG] shadow.gen_password raises an exception #56721

madrisan opened this issue Apr 20, 2020 · 5 comments
Labels
Bug broken, incorrect, or confusing behavior

Comments

@madrisan
Copy link
Contributor

Description
The function shadow.gen_password crash with the error message

PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()

Setup
I think no special configuration is required for this issue.

Steps to Reproduce the behavior

[root@salt-master:/srv (master)]# salt salt-master.local shadow.gen_password 'I_am_password' 
salt-master.local:
    ERROR: PID check failed. RNG must be re-initialized after fork(). Hint: Try Random.atfork()

Expected behavior
Salt should generate an hashed password.

Additional context
No problem found in version 2019.2.0 but a system update has been done meanwhile, so some Debian Python 3 packages can have be changed too.

Versions Report

salt --versions-report ``` Salt Version: Salt: 2019.2.3

Dependency Versions:
cffi: Not Installed
cherrypy: 3.5.0
dateutil: 2.5.3
docker-py: Not Installed
gitdb: 2.0.0
gitpython: 2.1.1
ioflo: Not Installed
Jinja2: 2.9.4
libgit2: Not Installed
libnacl: Not Installed
M2Crypto: Not Installed
Mako: Not Installed
msgpack-pure: Not Installed
msgpack-python: 0.4.8
mysql-python: Not Installed
pycparser: Not Installed
pycrypto: 2.6.1
pycryptodome: Not Installed
pygit2: Not Installed
Python: 3.5.3 (default, Sep 27 2018, 17:25:39)
python-gnupg: Not Installed
PyYAML: 3.12
PyZMQ: 16.0.2
RAET: Not Installed
smmap: 2.0.1
timelib: Not Installed
Tornado: 4.4.3
ZMQ: 4.2.1

System Versions:
dist: debian 9.12
locale: UTF-8
machine: x86_64
release: 4.9.0-5-amd64
system: Linux
version: debian 9.12

</details>
@madrisan madrisan added the Bug broken, incorrect, or confusing behavior label Apr 20, 2020
@lukasraska
Copy link
Contributor

This should be fixed by #55635 on 3000. Can you verify it works either on version 3000 or when you apply the change in the PR?

@madrisan
Copy link
Contributor Author

madrisan commented Apr 20, 2020
edited
Loading

I confirm that applying the following patch to Salt 2019.2.3:

 from salt.utils.zeromq import zmq, ZMQDefaultLoop, install_zmq, ZMQ_VERSION_INFO
 import salt.transport.client
 import salt.defaults.exitcodes
+import salt.utils.crypt
 
 from salt.utils.ctx import RequestContext
 
@@ -1527,6 +1528,7 @@
                 process = SignalHandlingMultiprocessingProcess(
                     target=self._target, args=(instance, self.opts, data, self.connected)
                 )
+                process._after_fork_methods.append((salt.utils.crypt.reinit_crypto, [], {}))
         else:
             process = threading.Thread(
                 target=self._target,

and restarting the salt-minion process solves the issue. Thanks!

@madrisan
Copy link
Contributor Author

Should I prepare a PR for this?

@lukasraska
Copy link
Contributor

Thanks for confirmatiom. There is no need to create PR, it's already fixed. AFAIK there won't be any other 2019.2.x version, since the newest one is going to be 3001 and even 2019.2.3 was purely security update. So the best option is to upgrade.

@madrisan
Copy link
Contributor Author

Yep sure. We will plan it soon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug broken, incorrect, or confusing behavior
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lukasraska @madrisan