Uploaded image for project: 'Puppet Enterprise'
  1. Puppet Enterprise
  2. ENTERPRISE-1143

Default suggestion for rbac_token_maximum_lifetime is formatted incorrectly and causes pe-console-services to crash on restart

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • PE 2017.3.1
    • PE 2018.1.0
    • Console
    • None
    • Chrome
    • Monolithic
    • RHEL 7 (x86_64)
    • Installer and Management
    • Needs Assessment
    • Needs Assessment

    Description

      If you go to the console and bring up puppet_enterprise::profile::console and add the rbac_token_maximum_lifetime parameter, the console will suggest the default value in the form of '10y'.  If you accept this value by clicking on "Add Parameter", then commit the change, the value gets changed to "'10y'".  That's double-quote, singe-quote, 10y, single-quote, double-quote.

      The next time there is a puppet agent run on the server running the puppet console, pe-console-services will fail to start with the following message:

       

      Exception in thread "main" clojure.lang.ExceptionInfo: Input to calculate-expiry does not match schema: [(named (not (instance? org.joda.time.ReadablePeriod nil)) lifetime)] {:type :schema.core/error, :schema [#schema.core.One\{:schema org.joda.time.ReadablePeriod, :optional? false, :name lifetime}], :value [nil], :error [(named (not (instance? org.joda.time.ReadablePeriod nil)) lifetime)]}

       

      The workaround was to edit console-services/conf.d/rbac.conf and change "'10y'" to "10y".  Then the console started fine.  I made sure to go back to puppet_enterprise::profile::console and change "'10y'" to "10y".  Committing that change and running puppet agent worked and presented no new issues.

       

      I was able to reproduce this behavior at will.

      Attachments

        Activity

          People

            Unassigned Unassigned
            rlawson_merrill Richard Lawson
            Votes:
            0 Vote for this issue
            Watchers:
            7 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Zendesk Support