Revision 57f8e60f
Added by Alexis Mousset about 7 years ago
| techniques/system/common/1.0/promises.st | ||
|---|---|---|
|
|
||
|
methods:
|
||
|
safe::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_repaired", "&TRACKINGKEY&", "Red Button", "None", "Authorizing Cfengine to restart");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_repaired", "&TRACKINGKEY&", "Red Button", "None", "Authorizing agent to restart");
|
||
|
|
||
|
commands:
|
||
|
safe.policy_server::
|
||
| ... | ... | |
|
|
||
|
methods:
|
||
|
danger.policy_server::
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Red Button", "None", "Actively stopping CFEngine operations on all clients of this policy server (via cf-runagent)");
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Red Button", "None", "Actively stopping agent operations on all nodes managed by this server");
|
||
|
|
||
|
commands:
|
||
|
danger.policy_server::
|
||
| ... | ... | |
|
# because the first call to the logger may be in audit mode.
|
||
|
"create ncf expected reports" usebundle => _create_current_expected_reports_file;
|
||
|
!logger_rudder_final_resfile_error::
|
||
|
"report about ncf init" usebundle => rudder_common_reports_generic("Common", "ncf_init", "&TRACKINGKEY&", "ncf Initialization", "None", "The ncf initialization");
|
||
|
"report about ncf init" usebundle => rudder_common_reports_generic("Common", "ncf_init", "&TRACKINGKEY&", "ncf Initialization", "None", "Configuration library initialization");
|
||
|
logger_rudder_final_resfile_error::
|
||
|
"report about expected reports" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "ncf Initialization", "None", "Could not generate expected reports");
|
||
|
"report about expected reports" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "ncf Initialization", "None", "Could not generate expected reports file");
|
||
|
|
||
|
}
|
||
|
|
||
| ... | ... | |
|
methods:
|
||
|
pass3.!windows::
|
||
|
|
||
|
"any" usebundle => rudder_common_report("Common", "result_na", "&TRACKINGKEY&", "Process checking", "None", "CFEngine proccesses check is done by the rudder-agent CRON job");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_na", "&TRACKINGKEY&", "Process checking", "None", "Rudder agent proccesses check is done by the rudder-agent cron job");
|
||
|
|
||
|
pass3.windows::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Process checking", "None", "There is an acceptable number of CFEngine processes running on the machine"),
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Process checking", "None", "There is an acceptable number of Rudder agent processes running"),
|
||
|
# Here, I can not use the binaries variable as CFEngine will iterate and output two reports, breaking the reporting.
|
||
|
ifvarclass => "!agent_has_gone_wild.!agent_has_gone_really_wild.!execd_has_gone_wild.!execd_has_gone_really_wild";
|
||
|
|
||
| ... | ... | |
|
methods:
|
||
|
|
||
|
pass3.(rsyslogd.!check_rsyslog_version_present)::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Log system for reports", "None", "The file ${g.rudder_tools}/check-rsyslog-version is missing");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Log system for reports", "None", "The file ${g.rudder_tools}/check-rsyslog-version is missing");
|
||
|
|
||
|
pass3.rsyslog_limit_error::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Log system for reports", "None", "Could not remove limitation of message in rsyslog");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Log system for reports", "None", "Could not remove message limit in rsyslog");
|
||
|
|
||
|
pass3.rsyslog_limit_repaired::
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Log system for reports", "None", "Updated the rsyslog configuration to remove limitation of messages");
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Log system for reports", "None", "Updated the rsyslog configuration to remove message limit");
|
||
|
|
||
|
commands:
|
||
|
rsyslogd.check_rsyslog_version_present::
|
||
| ... | ... | |
|
methods:
|
||
|
|
||
|
binaries_fresh.!binaries_rotten.!binaries_missing::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Binaries update", "None", "The CFEngine binaries in ${sys.workdir}/bin are up to date");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Binaries update", "None", "The agent binaries in ${sys.workdir}/bin are up to date");
|
||
|
|
||
|
binaries_rotten.!binaries_missing::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_repaired", "&TRACKINGKEY&", "Binaries update", "None", "The CFEngine binaries have been updated in ${sys.workdir}/bin");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_repaired", "&TRACKINGKEY&", "Binaries update", "None", "The agent binaries have been updated in ${sys.workdir}/bin");
|
||
|
|
||
|
binaries_missing::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Binaries update", "None", "An error occurred while updating the CFEngine binaries in ${sys.workdir}/bin");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Binaries update", "None", "An error occurred while updating the agent binaries in ${sys.workdir}/bin");
|
||
|
|
||
|
android::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Binaries update", "None", "This is an android machine: no CFEngine binaries update needed");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Binaries update", "None", "This is an android machine: no agent binaries update needed");
|
||
|
|
||
|
nova_edition::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_na", "&TRACKINGKEY&", "Binaries update", "None", "This is an CFEngine enterprise system: binaries update are handled differently");
|
||
| ... | ... | |
|
{
|
||
|
methods:
|
||
|
no_update::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update node's policy (CFEngine promises)");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update configuration policy");
|
||
|
|
||
|
rudder_tools_updated_error::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update Rudder tools last updated file");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update tools (update flag file)");
|
||
|
|
||
|
rudder_tools_update_error::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update Rudder tools");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update tools");
|
||
|
|
||
|
rudder_ncf_hash_update_error::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update Rudder ncf update hash file");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update common configuration library (update flag file)");
|
||
|
|
||
|
rudder_ncf_common_update_error::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update common Rudder ncf instance");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update common configuration library");
|
||
|
|
||
|
rudder_ncf_local_update_error::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update local Rudder ncf instance");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update local configuration library");
|
||
|
|
||
|
rudder_promises_generated_tmp_file_error::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update node's policy");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_error", "&TRACKINGKEY&", "Update", "None", "Cannot update configuration policy");
|
||
|
|
||
|
# Success report relies on several matching conditions (nodes except root_server)
|
||
|
# On all nodes except root server:
|
||
| ... | ... | |
|
# There must be NO components in repair or error
|
||
|
# Note: we can't use classes new_promises_available and new_tools_available here because they are local to the update_action bundle
|
||
|
!root_server.(rudder_ncf_hash_update_ok|(rudder_ncf_hash_update_repaired.rudder_ncf_common_updated_ok.rudder_ncf_local_updated_ok)).(policy_server|rudder_tools_updated_kept|(rudder_tools_updated_repaired.rudder_tools_updated_ok)).(rudder_promises_generated_tmp_file_kept|(rudder_promises_generated_tmp_file_repaired.config_ok)).!(rudder_promises_generated_tmp_file_error|rudder_tools_updated_error|rudder_tools_updated|rudder_tools_update_error|rudder_ncf_common_updated|rudder_ncf_common_update_error|rudder_ncf_local_updated|rudder_ncf_local_update_error|config|no_update|rudder_ncf_hash_update_error|rudder_ncf_hash_update_repaired)::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Update", "None", "Rudder policy, tools and ncf instance are already up to date. No action required.");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Update", "None", "Policy, tools and configuration library are already up to date. No action required.");
|
||
|
|
||
|
# Success report relies on several matching conditions (root_server only)
|
||
|
# On the root server only:
|
||
| ... | ... | |
|
# - Simple test: rudder_ncf_local_updated_ok
|
||
|
# There must be NO components in repair or error
|
||
|
root_server.rudder_ncf_common_updated_ok.rudder_ncf_local_updated_ok.!(rudder_ncf_common_updated|rudder_ncf_common_update_error|rudder_ncf_local_updated|rudder_ncf_local_update_error)::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Update", "None", "Rudder ncf instance already up to date on this root server. No action required.");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_success", "&TRACKINGKEY&", "Update", "None", "Configuration library already up to date on this root server. No action required.");
|
||
|
|
||
|
rudder_tools_updated::
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Rudder tools updated");
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Tools updated");
|
||
|
|
||
|
rudder_ncf_common_updated::
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Rudder ncf common instance updated");
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Common configuration library updated");
|
||
|
|
||
|
rudder_ncf_local_updated::
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Rudder ncf local instance updated");
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Local configuration library updated");
|
||
|
|
||
|
config::
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Node's policy (CFEngine promises) updated");
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Configuration policy updated");
|
||
|
|
||
|
(config|rudder_tools_updated|rudder_ncf_common_updated|rudder_ncf_local_updated|server_ok|executor_ok).!(rudder_promises_generated_tmp_file_error|rudder_tools_updated_error|rudder_tools_update_error|rudder_ncf_common_update_error|rudder_ncf_local_update_error|no_update|rudder_ncf_hash_update_error)::
|
||
|
"any" usebundle => rudder_common_report("Common", "result_repaired", "&TRACKINGKEY&", "Update", "None", "Rudder policy, tools or ncf instance were updated or CFEngine service restarted");
|
||
|
"any" usebundle => rudder_common_report("Common", "result_repaired", "&TRACKINGKEY&", "Update", "None", "Policy, tools or configuration library were updated or agent service restarted");
|
||
|
|
||
|
server_ok::
|
||
|
"any" usebundle => rudder_common_report("Common", "log_repaired", "&TRACKINGKEY&", "Update", "None", "Started the server (cf-serverd)");
|
||
| techniques/system/distributePolicy/1.0/propagatePromises.st | ||
|---|---|---|
|
|
||
|
methods:
|
||
|
root_server::
|
||
|
"any" usebundle => rudder_common_reports_generic("DistributePolicy", "configure_ncf_config", "&TRACKINGKEY&", "Configure ncf", "None", "Configure ncf");
|
||
|
"any" usebundle => rudder_common_reports_generic("DistributePolicy", "configure_ncf_config", "&TRACKINGKEY&", "Configure ncf", "None", "Configure configuration library");
|
||
|
|
||
|
!root_server::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_na", "&TRACKINGKEY&", "Configure ncf", "None", "Configuration of ncf is not necessary on non root servers");
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_na", "&TRACKINGKEY&", "Configure ncf", "None", "Configuration of configuration library is not necessary on non root servers");
|
||
|
|
||
|
# Success if files are updated or not changed (kept or repaired).
|
||
|
# root server have only tools to be updated and others have tools,
|
||
| ... | ... | |
|
pass3.(((root_server.propagate_tools_ok)|(!root_server.propagate_tools_ok.(promises_propagated|empty_promises_to_propagate).(shared_files_propagated|sharedfiles_not_existent).masterfiles_propagated.ncf_local_promises_propagated.ncf_common_promises_propagated.nodeslist_copied)).!(propagate_tools_error|promises_to_propagate_not_copied|sharedfiles_not_copied|could_not_propagate_masterfiles|could_not_propagate_ncf_local_promise|could_not_propagate_ncf_common_promise|could_not_copy_nodeslist))::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Propagate promises", "None", "All files have been propagated");
|
||
|
pass3.promises_to_propagate_not_copied::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate policy files");
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate policy");
|
||
|
|
||
|
pass3.sharedfiles_not_copied::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate shared files");
|
||
| ... | ... | |
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate tools");
|
||
|
|
||
|
pass3.could_not_propagate_ncf_local_promise::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate local ncf promises");
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate local configuration library");
|
||
|
|
||
|
pass3.could_not_propagate_ncf_common_promise::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate common ncf promises");
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate common configuration library");
|
||
|
|
||
|
pass3.could_not_propagate_masterfiles::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Propagate promises", "None", "Cannot propagate masterfiles");
|
||
| ... | ... | |
|
methods:
|
||
|
|
||
|
pass3.(rudder_inventory_processing_repaired.!rudder_inventory_processing_error)::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Send inventories to CMDB", "None", "Incoming inventories were successfully added to Rudder");
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Send inventories to CMDB", "None", "Incoming inventories were successfully sent to the inventory API");
|
||
|
|
||
|
pass3.rudder_inventory_processing_error::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Send inventories to CMDB", "None", "Some inventories failed to add successfully to Rudder");
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_error", "&TRACKINGKEY&", "Send inventories to CMDB", "None", "Some incoming inventories could not be sent to the inventory API");
|
||
|
|
||
|
pass3.((root_server|role_rudder_relay_top|role_rudder_relay_promises_only).!rudder_inventory_processing_repaired.!rudder_inventory_processing_error)::
|
||
|
"any" usebundle => rudder_common_report("DistributePolicy", "result_success", "&TRACKINGKEY&", "Send inventories to CMDB", "None", "No inventory to send");
|
||
| techniques/system/inventory/1.0/fusionAgent.st | ||
|---|---|---|
|
"any" usebundle => rudder_common_report("Inventory", "result_error", "&TRACKINGKEY&", "inventory", "None", "Could not install ocs");
|
||
|
|
||
|
pass3.cant_install_xen::
|
||
|
"any" usebundle => rudder_common_report("Inventory", "result_error", "&TRACKINGKEY&", "inventory", "None", "Could not install xen utils on xen systems");
|
||
|
"any" usebundle => rudder_common_report("Inventory", "result_error", "&TRACKINGKEY&", "inventory", "None", "Could not install Xen utils on Xen system");
|
||
|
|
||
|
pass3.xen_installed::
|
||
|
"any" usebundle => rudder_common_report("Inventory", "log_info", "&TRACKINGKEY&", "inventory", "None", "Xen utils installed");
|
||
| ... | ... | |
|
"any" usebundle => rudder_common_report("Inventory", "result_error", "&TRACKINGKEY&", "inventory", "None", "Could not generate the user list");
|
||
|
|
||
|
pass3.cpuid_fail::
|
||
|
"any" usebundle => rudder_common_report("Inventory", "result_error", "&TRACKINGKEY&", "inventory", "None", "Could not generate the cpuid");
|
||
|
"any" usebundle => rudder_common_report("Inventory", "result_error", "&TRACKINGKEY&", "inventory", "None", "Could not generate the CPUID");
|
||
|
|
||
|
pass3.!rudder_inventory_userlist_tool_present::
|
||
|
|
||
|
"any" usebundle => rudder_common_report("Inventory", "log_debug", "&TRACKINGKEY&", "inventory", "None", "The user list generation tool is not present yet. Skipping...");
|
||
|
"any" usebundle => rudder_common_report("Inventory", "log_debug", "&TRACKINGKEY&", "inventory", "None", "User list generation tool is not present yet. Skipping...");
|
||
|
|
||
|
pass3.!rudder_inventory_cpuid_tool_present::
|
||
|
|
||
| techniques/system/server-roles/1.0/alive-check.st | ||
|---|---|---|
|
|
||
|
pass3.root_server::
|
||
|
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check ${app} status", "None", "The ${site_to_check} web application is running"),
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check ${app} status", "None", "The ${site_to_check} web interface is running"),
|
||
|
ifvarclass => "site_ok.!site_down_once_${sitename}";
|
||
|
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check ${app} status", "None", "This is the first time the ${site_to_check} web application failed to respond. Deferring the restart."),
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check ${app} status", "None", "This is the first time the ${site_to_check} web interface failed to respond. Deferring the restart."),
|
||
|
ifvarclass => "site_down_once_${sitename}.!site_alivecheck_restart_jetty_${sitename}";
|
||
|
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check ${app} status", "None", "The ${site_to_check} web application failed to respond for the second time. Restarting jetty NOW !"),
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check ${app} status", "None", "The ${site_to_check} web interface failed to respond for the second time. Restarting jetty NOW!"),
|
||
|
ifvarclass => "site_alivecheck_restart_jetty_${sitename}";
|
||
|
|
||
|
pass3.(policy_server.!root_server)::
|
||
|
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check ${app} status", "None", "The ${site_to_check} web application check do not need to be done on relay servers. Skipping...");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check ${app} status", "None", "The ${site_to_check} web interface check do not need to be done on relay servers. Skipping.");
|
||
|
|
||
|
commands:
|
||
|
|
||
| techniques/system/server-roles/1.0/component-check.st | ||
|---|---|---|
|
|
||
|
!role_rudder_server_root::
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"${root_password_check_ldap}", "None", "Checking LDAP passwords is unnecessary on this machine, skipping..."
|
||
|
"${root_password_check_ldap}", "None", "Checking LDAP passwords is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"${root_password_check_psql}", "None", "Checking SQL passwords is unnecessary on this machine, skipping..."
|
||
|
"${root_password_check_psql}", "None", "Checking SQL passwords is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check rudder-passwords.conf and pgpass files", "None", "Checking the password files is unnecessary on this machine, skipping..."
|
||
| ... | ... | |
|
|
||
|
!(root_server|policy_server)|role_rudder_relay_promises_only::
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check allowed networks configuration", "None", "Checking the allowed networks configuration is unnecessary on this machine, skipping..."
|
||
|
"Check allowed networks configuration", "None", "Checking the allowed networks configuration is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check WebDAV credentials", "None", "Checking WebDAV credentials is unnecessary on this machine, skipping..."
|
||
|
"Check WebDAV credentials", "None", "Checking WebDAV credentials is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check apache process", "None", "Checking apache process state is unnecessary on this machine, skipping..."
|
||
|
"Check apache process", "None", "Checking apache process state is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check apache boot script", "None", "Checking apache boot settings is unnecessary on this machine, skipping..."
|
||
|
"Check apache boot script", "None", "Checking apache boot settings is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
|
||
|
role_rudder_jetty::
|
||
| ... | ... | |
|
|
||
|
!role_rudder_jetty::
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check jetty process", "None", "Checking jetty process state is unnecessary on this machine, skipping..."
|
||
|
"Check jetty process", "None", "Checking jetty process state is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
|
||
|
role_rudder_webapp::
|
||
| ... | ... | |
|
|
||
|
!role_rudder_webapp::
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"${root_integrity_check}", "None", "Checking configuration-repository is unnecessary on this machine, skipping..."
|
||
|
"${root_integrity_check}", "None", "Checking configuration-repository is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check rudder status", "None", "Checking rudder webapp status is unnecessary on this machine, skipping..."
|
||
|
"Check rudder status", "None", "Checking rudder web interface status is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
|
||
|
role_rudder_inventory_endpoint::
|
||
| ... | ... | |
|
|
||
|
!role_rudder_inventory_endpoint::
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check endpoint status", "None", "Checking rudder inventory endpoint status is unnecessary on this machine, skipping..."
|
||
|
"Check endpoint status", "None", "Checking rudder inventory endpoint status is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
|
||
|
role_rudder_inventory_ldap::
|
||
| ... | ... | |
|
|
||
|
!role_rudder_inventory_ldap::
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check slapd process", "None", "Checking slapd process state is unnecessary on this machine, skipping..."
|
||
|
"Check slapd process", "None", "Checking slapd process state is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
|
||
|
role_rudder_reports::
|
||
| ... | ... | |
|
|
||
|
!role_rudder_reports::
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check PostgreSQL configuration", "None", "Checking PostgreSQL configuration is unnecessary on this machine, skipping..."
|
||
|
"Check PostgreSQL configuration", "None", "Checking PostgreSQL configuration is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check postgresql process", "None", "Checking postgresql process state is unnecessary on this machine, skipping..."
|
||
|
"Check postgresql process", "None", "Checking postgresql process state is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
"any" usebundle => rudder_common_report("${technique_name}", "result_na", "&TRACKINGKEY&",
|
||
|
"Check postgresql boot script", "None", "Checking postgresql boot settings is unnecessary on this machine, skipping..."
|
||
|
"Check postgresql boot script", "None", "Checking postgresql boot settings is unnecessary on this machine, skipping."
|
||
|
);
|
||
|
|
||
|
}
|
||
| techniques/system/server-roles/1.0/integrity-check.st | ||
|---|---|---|
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check configuration-repository folder", "None", "The ${g.rudder_configuration_repository} directory is present");
|
||
|
|
||
|
pass3.root_server.(!rudder_integrity_ok|rudder_integrity_failed)::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check configuration-repository folder", "None", "EMERGENCY: THE ${g.rudder_configuration_repository} DIRECTORY IS *ABSENT*. THIS ORCHESTRATOR WILL *NOT* OPERATE CORRECTLY.");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check configuration-repository folder", "None", "The required ${g.rudder_configuration_repository} directory is absent, central server will not operate properly");
|
||
|
|
||
|
pass3.(root_server.!rudder_git_lock_repaired.!rudder_git_lock_failed)::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check configuration-repository GIT lock", "None", "The ${g.rudder_configuration_repository} GIT lock file is not present or not older than 5 minutes");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check configuration-repository GIT lock", "None", "The ${g.rudder_configuration_repository} git lock file is not present or not older than 5 minutes");
|
||
|
|
||
|
pass3.(root_server.rudder_git_lock_repaired.!rudder_git_lock_failed)::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check configuration-repository GIT lock", "None", "WARNING: THE ${g.rudder_configuration_repository} GIT LOCK FILE WAS OLDER THAN 5 MINUTES AND HAS BEEN DELETED");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check configuration-repository GIT lock", "None", "The ${g.rudder_configuration_repository} git lock file was older than 5 minutes and has been deleted");
|
||
|
|
||
|
pass3.(root_server.rudder_git_lock_failed)::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check configuration-repository GIT lock", "None", "TheEMERGENCY: THE ${g.rudder_configuration_repository} GIT LOCK FILE IS OLDER THAN 5 MINUTES AND COULD NOT BE DELETED. THIS ORCHESTRATOR WILL *NOT* OPERATE CORRECTLY.");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check configuration-repository GIT lock", "None", "The ${g.rudder_configuration_repository} git lock file is older than 5 minutes and could not be deleted, central server will not operate properly");
|
||
|
|
||
|
pass3.(policy_server.!root_server)::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check configuration-repository folder", "None", "Nothing to check about the configuration-repository on relay servers");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check configuration-repository GIT lock", "None", "Nothing to check about configuration-repository GIT locking on relay servers");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check configuration-repository GIT lock", "None", "Nothing to check about configuration-repository git locking on relay servers");
|
||
|
|
||
|
}
|
||
| techniques/system/server-roles/1.0/logrotate-check.st | ||
|---|---|---|
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check logrotate configuration", "None", "The logrotate configuration is correct");
|
||
|
|
||
|
rudder_logrotate_conf_copied.!cannot_copy_rudder_logrotate_conf::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check logrotate configuration", "None", "The logrotate configuration has been updated");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check logrotate configuration", "None", "The logrotate configuration has been repaired");
|
||
|
|
||
|
cannot_copy_rudder_logrotate_conf::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check logrotate configuration", "None", "The logrotate configuration could not be updated");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check logrotate configuration", "None", "The logrotate configuration could not be repaired");
|
||
|
|
||
|
}
|
||
| techniques/system/server-roles/1.0/metrics-reporting.st | ||
|---|---|---|
|
|
||
|
methods:
|
||
|
run_metrics.pass2.metrics_ok::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Send metrics to rudder-project", "None", "Sending metrics to rudder-project succeeded");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Send metrics to rudder-project", "None", "Sending metrics to rudder-project.org succeeded");
|
||
|
run_metrics.pass2.metrics_error::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Send metrics to rudder-project", "None", "Sending metrics to rudder-project failed");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Send metrics to rudder-project", "None", "Sending metrics to rudder-project.org failed");
|
||
|
!run_metrics::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_na", "&TRACKINGKEY&", "Send metrics to rudder-project", "None", "Sending metrics to rudder-project is not enabled. Skipping.");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_na", "&TRACKINGKEY&", "Send metrics to rudder-project", "None", "Sending metrics to rudder-project.org is not enabled. Skipping.");
|
||
|
|
||
|
commands:
|
||
|
run_metrics.!(metrics_ok|metrics_error)::
|
||
| techniques/system/server-roles/1.0/network-check.st | ||
|---|---|---|
|
methods:
|
||
|
|
||
|
pass3.rudder_networks_ok.!rudder_networks_repaired.!rudder_networks_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check allowed networks configuration", "None", "The Rudder allowed networks configuration is OK");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check allowed networks configuration", "None", "Allowed networks configuration is correct");
|
||
|
|
||
|
pass3.rudder_networks_repaired.!rudder_networks_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check allowed networks configuration", "None", "The Rudder allowed networks configuration has been corrected");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check allowed networks configuration", "None", "Allowed networks configuration has been repaired");
|
||
|
|
||
|
pass3.rudder_networks_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check allowed networks configuration", "None", "The Rudder allowed networks configuration was NOT edited because of an error");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check allowed networks configuration", "None", "Allowed networks configuration could not be edited");
|
||
|
|
||
|
pass3.apache_reloaded.!apache_reload_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "log_info", "&TRACKINGKEY&", "Check allowed networks configuration", "None", "Apache has been reloaded successfully");
|
||
| techniques/system/server-roles/1.0/password-check.st | ||
|---|---|---|
|
methods:
|
||
|
|
||
|
root_server.file_ok.rudder_postgres_pgpass_kept.!(file_repaired|file_error|rudder_postgres_pgpass_repaired|rudder_postgres_pgpass_failed)::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "The Rudder passwords file is present and secure");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "Rudder passwords file is present and secure");
|
||
|
|
||
|
root_server.file_repaired.!file_error::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "The Rudder passwords file permissions were fixed");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "Rudder passwords file permissions were fixed");
|
||
|
|
||
|
root_server.file_error::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "EMERGENCY: THE ${g.rudder_base}/etc/rudder-passwords.conf FILE IS *ABSENT*. THIS RUDDER SERVER WILL *NOT* OPERATE CORRECTLY.");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "Rudder passwords file (${g.rudder_base}/etc/rudder-passwords.conf) is absent, server will not operate properly");
|
||
|
|
||
|
root_server.rudder_postgres_pgpass_repaired.!rudder_postgres_pgpass_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "The Postgresql .pgpass file was fixed");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "PostgreSQL .pgpass file was repaired");
|
||
|
|
||
|
root_server.rudder_postgres_pgpass_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "Could not update the .pgpass file");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "Could not repair the PostgreSQL .pgpass file");
|
||
|
|
||
|
|
||
|
|
||
|
policy_server.!root_server::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "The Rudder passwords file does not need to be checked on relay servers. Skipping...");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check rudder-passwords.conf and pgpass files", "None", "Rudder passwords file does not need to be checked on relay servers. Skipping.");
|
||
|
|
||
|
}
|
||
|
|
||
| ... | ... | |
|
"${prop_edit}"
|
||
|
edit_line => set_variable_values("root_password_check_ldap.rudder"),
|
||
|
classes => kept_if_else("rudder_web_password_integrity_ok", "rudder_web_password_integrity_changed", "rudder_web_password_integrity_failed"),
|
||
|
comment => "Verifying the Rudder Webapp properties file passwords and users";
|
||
|
comment => "Verifying the Rudder web interface properties file passwords and users";
|
||
|
|
||
|
"${g.rudder_base}/etc/openldap/slapd.conf"
|
||
|
edit_line => update_slapd("root_password_check_ldap.slapd"),
|
||
| ... | ... | |
|
"restart_slapd" usebundle => service_restart("rudder-slapd");
|
||
|
|
||
|
pass3.root_server.rudder_web_password_integrity_ok.!rudder_web_password_integrity_changed.!rudder_web_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check LDAP in rudder-webapp.properties", "None", "The Rudder Webapp configuration files are OK (checked LDAP password)");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check LDAP in rudder-webapp.properties", "None", "Web interface configuration files are correct (checked LDAP password)");
|
||
|
|
||
|
pass3.root_server.rudder_web_password_integrity_changed.!rudder_web_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check LDAP in rudder-webapp.properties", "None", "The Rudder Webapp configuration files were updated with a new LDAP password");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check LDAP in rudder-webapp.properties", "None", "Web interface configuration files were updated with a new LDAP password");
|
||
|
|
||
|
pass3.root_server.rudder_web_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check LDAP in rudder-webapp.properties", "None", "The Rudder Webapp configuration files could not be updated to set the LDAP password");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check LDAP in rudder-webapp.properties", "None", "Web interface configuration files could not be updated to set the LDAP password");
|
||
|
|
||
|
pass3.root_server.rudder_ldap_password_integrity_ok.!rudder_ldap_password_integrity_changed.!rudder_ldap_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check LDAP credentials", "None", "The OpenLDAP configuration file is OK (checked rootdn password)");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check LDAP credentials", "None", "OpenLDAP configuration file is correct (checked rootdn password)");
|
||
|
|
||
|
pass3.root_server.rudder_ldap_password_integrity_changed.!rudder_ldap_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check LDAP credentials", "None", "The OpenLDAP configuration file was updated with a new rootdn password");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check LDAP credentials", "None", "OpenLDAP configuration file was updated with a new rootdn password");
|
||
|
|
||
|
pass3.root_server.rudder_ldap_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check LDAP credentials", "None", "The OpenLDAP configuration file could not be updated to set the rootdn password");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check LDAP credentials", "None", "OpenLDAP configuration file could not be updated to set the rootdn password");
|
||
|
|
||
|
pass3.root_server.service_restart_rudder_slapd_repaired::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "log_info", "&TRACKINGKEY&", "Check rudder-passwords.conf file", "None", "rudder-slapd has been restarted");
|
||
|
|
||
|
pass3.(policy_server.!root_server)::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check LDAP in rudder-webapp.properties", "None", "The Rudder Webapp configuration files do not need to be checked on relay servers. Skipping...");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check LDAP credentials", "None", "The OpenLDAP configuration file do not need to be checked on relay servers. Skipping...");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check LDAP in rudder-webapp.properties", "None", "Web interface configuration files do not need to be checked on relay servers. Skipping...");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check LDAP credentials", "None", "OpenLDAP configuration file do not need to be checked on relay servers. Skipping.");
|
||
|
|
||
|
}
|
||
|
|
||
| ... | ... | |
|
"${g.rudder_base}/etc/rudder-web.properties"
|
||
|
edit_line => set_variable_values("root_password_check_psql.rudder"),
|
||
|
classes => kept_if_else("rudder_web_password_integrity_ok", "rudder_web_password_integrity_changed", "rudder_web_password_integrity_failed"),
|
||
|
comment => "Verifying the Rudder Webapp properties file passwords and users";
|
||
|
comment => "Verifying the Rudder web interface properties file passwords and users";
|
||
|
|
||
|
methods:
|
||
|
|
||
|
pass3.root_server.rudder_web_password_integrity_ok.!rudder_web_password_integrity_changed.!rudder_web_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check SQL in rudder-webapp.properties", "None", "The Rudder Webapp configuration files are OK (checked SQL password)");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check SQL in rudder-webapp.properties", "None", "Web interface configuration files are OK (checked SQL password)");
|
||
|
|
||
|
pass3.root_server.rudder_web_password_integrity_changed.!rudder_web_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check SQL in rudder-webapp.properties", "None", "The Rudder Webapp configuration files were updated with a new SQL password");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check SQL in rudder-webapp.properties", "None", "Web interface configuration files were updated with a new SQL password");
|
||
|
|
||
|
pass3.root_server.rudder_web_password_integrity_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check SQL in rudder-webapp.properties", "None", "The Rudder Webapp configuration files could not be updated to set the SQL password");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check SQL in rudder-webapp.properties", "None", "Web interface configuration files could not be updated to set the SQL password");
|
||
|
|
||
|
pass3.root_server.!psql_cant_connect::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check SQL credentials", "None", "The Rudder PostgreSQL user account's password is correct and works");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check SQL credentials", "None", "PostgreSQL user account's password is correct and works");
|
||
|
|
||
|
pass3.root_server.postgres_updated::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check SQL credentials", "None", "The Rudder PostgreSQL user account's password has been changed");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check SQL credentials", "None", "PostgreSQL user account's password has been changed");
|
||
|
|
||
|
pass3.root_server.postgres_update_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check SQL credentials", "None", "The Rudder PostgreSQL user account's password could not be changed!");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check SQL credentials", "None", "PostgreSQL user account's password could not be changed!");
|
||
|
|
||
|
pass3.(policy_server.!root_server)::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check SQL in rudder-webapp.properties", "None", "The Rudder Webapp configuration files do not need to be checked on relay servers. Skipping...");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check SQL credentials", "None", "The Rudder PostgreSQL user account's do not need to be checked on relay servers. Skipping...");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check SQL in rudder-webapp.properties", "None", "Web interface configuration files do not need to be checked on relay servers. Skipping.");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check SQL credentials", "None", "PostgreSQL user account's do not need to be checked on relay servers. Skipping.");
|
||
|
|
||
|
commands:
|
||
|
|
||
| ... | ... | |
|
methods:
|
||
|
|
||
|
pass3.!dav_cant_connect::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check WebDAV credentials", "None", "The Rudder WebDAV user and password are OK");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check WebDAV credentials", "None", "Apache WebDAV user and password are OK");
|
||
|
|
||
|
pass3.rudder_apache_davpassword_changed.!rudder_apache_davpassword_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check WebDAV credentials", "None", "The Rudder WebDAV user and password were updated");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check WebDAV credentials", "None", "Apache WebDAV user and password were updated");
|
||
|
|
||
|
pass3.rudder_apache_davpassword_failed::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check WebDAV credentials", "None", "The Rudder WebDAV user and password could not be updated");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check WebDAV credentials", "None", "Apache WebDAV user and password could not be updated");
|
||
|
|
||
|
commands:
|
||
|
|
||
| techniques/system/server-roles/1.0/postgres-check.st | ||
|---|---|---|
|
|
||
|
# Report about the configuration file editing
|
||
|
pass3.SuSE.psql_conf_ok.!psql_conf_updated.!psql_conf_update_error::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "The SuSE specific postgresql configuration is present");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "The SuSE specific PostgreSQL configuration is present");
|
||
|
|
||
|
pass3.SuSE.psql_conf_updated.!psql_conf_update_error::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "The SuSE specific postgresql configuration has been added");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_repaired", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "The SuSE specific PostgreSQL configuration has been added");
|
||
|
|
||
|
pass3.SuSE.psql_conf_update_error::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "The SuSE specific postgresql configuration could not be added");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "The SuSE specific PostgreSQL configuration could not be added");
|
||
|
|
||
|
# Reports about Postgres restart status
|
||
|
pass3.SuSE.service_restart_postgresql_repaired::
|
||
| ... | ... | |
|
"any" usebundle => rudder_common_report("server-roles", "result_error", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "PostgreSQL restart has failed! Rudder is most certainly broken...");
|
||
|
|
||
|
pass3.!SuSE::
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "There is no need of specific postgresql configuration on this system");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "result_success", "&TRACKINGKEY&", "Check PostgreSQL configuration", "None", "There is no need of specific PostgreSQL configuration on this system");
|
||
|
|
||
|
}
|
||
| techniques/system/server-roles/1.0/technique-reload.st | ||
|---|---|---|
|
|
||
|
pass3.root_technique_reload_rest_call_failed::
|
||
|
|
||
|
"any" usebundle => rudder_common_report("server-roles", "log_warn", "&TRACKINGKEY&", "Check Technique library reloading file", "None", "The Technique library failed to reload. Will try again next time");
|
||
|
"any" usebundle => rudder_common_report("server-roles", "log_warn", "&TRACKINGKEY&", "Check Technique library reloading file", "None", "The Technique library failed to reload. Will try again next time.");
|
||
|
|
||
|
commands:
|
||
|
|
||
Also available in: Unified diff
Fixes #10632: Improve readability of system techniques reports