CAPP ruleset not provided on Bionic
curiositycasualty opened this issue · comments
Ran into this while running a wrapper cookbook on bionic.
According to https://reposcope.com/package/auditd/files the CAPP rules (and others) archive(s) previous available on xenial are no longer included with the auditd package.
Compare the file list for the auditd package on xenial and bionic.
For me, auditd::rules dies with the following on bionic.
Seems like the assumption is that "/usr/share/doc/auditd/examples/capp.rules.gz" exists:
Recipe: auditd::rules
* auditd_builtins[capp] action create[2018-11-02T19:48:21+00:00] INFO: Processing auditd_builtins[capp] action create (auditd::rules line 24)
* execute[installing ruleset capp] action run[2018-11-02T19:48:21+00:00] INFO: Processing execute[installing ruleset capp] action run (/tmp/packer-chef-client/local-mode-cache/cache/cookbooks/auditd/resources/builtins.rb line 35)
[execute] gzip: /usr/share/doc/auditd/examples/capp.rules.gz: No such file or directory
================================================================================
Error executing action `run` on resource 'execute[installing ruleset capp]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
Expected process to exit with [0], but received '1'
---- Begin output of zcat /usr/share/doc/auditd/examples/capp.rules.gz > /etc/audit/audit.rules ----
STDOUT:
STDERR: gzip: /usr/share/doc/auditd/examples/capp.rules.gz: No such file or directory
---- End output of zcat /usr/share/doc/auditd/examples/capp.rules.gz > /etc/audit/audit.rules ----
Ran zcat /usr/share/doc/auditd/examples/capp.rules.gz > /etc/audit/audit.rules returned 1
Resource Declaration:
---------------------
# In /tmp/packer-chef-client/local-mode-cache/cache/cookbooks/auditd/resources/builtins.rb
35: execute "installing ruleset #{new_resource.name}" do
36: command "zcat /usr/share/doc/auditd/examples/#{new_resource.name}.rules.gz > /etc/audit/audit.rules"
37: notifies :restart, 'service[auditd]'
38: end
39: end
Compiled Resource:
------------------
# Declared in /tmp/packer-chef-client/local-mode-cache/cache/cookbooks/auditd/resources/builtins.rb:35:in `block in class_from_file'
execute("installing ruleset capp") do
action [:run]
default_guard_interpreter :execute
command "zcat /usr/share/doc/auditd/examples/capp.rules.gz > /etc/audit/audit.rules"
backup 5
declared_type :execute
cookbook_name "auditd"
domain nil
user nil
end
System Info:
------------
chef_version=14.6.47
platform=ubuntu
platform_version=18.04
ruby=ruby 2.5.3p105 (2018-10-18 revision 65156) [x86_64-linux]
program_name=/usr/bin/chef-client
executable=/opt/chefdk/bin/chef-client
[2018-11-02T19:48:21+00:00] INFO: Running queued delayed notifications before re-raising exception
================================================================================
Error executing action `create` on resource 'auditd_builtins[capp]'
================================================================================
Mixlib::ShellOut::ShellCommandFailed
------------------------------------
execute[installing ruleset capp] (/tmp/packer-chef-client/local-mode-cache/cache/cookbooks/auditd/resources/builtins.rb line 35) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of zcat /usr/share/doc/auditd/examples/capp.rules.gz > /etc/audit/audit.rules ----
STDOUT:
STDERR: gzip: /usr/share/doc/auditd/examples/capp.rules.gz: No such file or directory
---- End output of zcat /usr/share/doc/auditd/examples/capp.rules.gz > /etc/audit/audit.rules ----
Ran zcat /usr/share/doc/auditd/examples/capp.rules.gz > /etc/audit/audit.rules returned 1
Resource Declaration:
---------------------
# In /tmp/packer-chef-client/local-mode-cache/cache/cookbooks/auditd/recipes/rules.rb
24: auditd_builtins 'capp'
25: when 'lspp'
Compiled Resource:
------------------
# Declared in /tmp/packer-chef-client/local-mode-cache/cache/cookbooks/auditd/recipes/rules.rb:24:in `from_file'
auditd_builtins("capp") do
action [:create]
default_guard_interpreter :default
declared_type :auditd_builtins
cookbook_name "auditd"
recipe_name "rules"
end
System Info:
------------
chef_version=14.6.47
platform=ubuntu
platform_version=18.04
ruby=ruby 2.5.3p105 (2018-10-18 revision 65156) [x86_64-linux]
program_name=/usr/bin/chef-client
executable=/opt/chefdk/bin/chef-client
Hey There
It looks like this is the first issue you've filed against the chef-cookbooks project. I'm here to offer you a bit of extra help to make sure we can quickly get back to you.
Make sure you've filled out all the fields in our issue template. Make sure you've provided us with the version of chef-client you're running, your operating system and the version of the cookbook. If you're not using the most up to date version of the cookbook then please make sure to update first. Lots of things change between versions even if you're issue isn't listed in the changelog. Finally please give us a detailed description of the issue you're having. The more we know about what you're trying to do, what actually happens, and how you can reproduce the problem, the better.
If you're looking for more immediate troubleshooting help make sure to check out #general on the Chef Community Slack. There's plenty of folks there willing to lend a helping hand. Thanks for the first issue. We hope we can get back to you soon with a solution.
Like shouting into the void.