Details
-
Bug
-
Status: Closed
-
Normal
-
Resolution: Done
-
None
-
None
-
None
-
None
-
Night's Watch
-
2
-
PR - 2019-05-15, PR - 2019-05-29
-
Needs Assessment
-
Needs Assessment
Description
During a puppet run, on CentOS 7.6 hosts, a warning appears:
Warning: Augeas[sudo/requiretty](provider=augeas): Loading failed for one or more files, see debug for /augeas//error |
output
|
The relevant excerpt from augtool is
$ /opt/puppetlabs/puppet/bin/augtool errors
|
...
|
Error in /etc/sudoers:73.12 (parse_failed) |
Iterated lens matched less than it should
|
Lens: /opt/puppetlabs/puppet/share/augeas/lenses/dist/sudoers.aug:537.10-.70: |
Last matched: /opt/puppetlabs/puppet/share/augeas/lenses/dist/sep.aug:47.18-.40: |
Next (no match): /opt/puppetlabs/puppet/share/augeas/lenses/dist/sudoers.aug:419.23-420.57: |
Line 73, col 12 is `always_query_group_plugin`:
$ nl -b a /etc/sudoers
|
67 # Prior to version 1.8.15, groups listed in sudoers that were not |
68 # found in the system group database were passed to the group |
69 # plugin, if any. Starting with 1.8.15, only groups of the form |
70 # %:group are resolved via the group plugin by default. |
71 # We enable always_query_group_plugin to restore old behavior. |
72 # Disable this option for new behavior. |
73 Defaults always_query_group_plugin |
74 |
This appears to be the same issue described at https://bugzilla.redhat.com/show_bug.cgi?id=1649287 which is patched upstream: https://github.com/hercules-team/augeas/pull/588/files, but not yet released.
It looks like some other patches are applied to the vendored augeas (https://github.com/puppetlabs/puppet-runtime/tree/1838c5c9e29923a0eb1042a8fbbf39ad838006d2/resources/patches/augeas ), but it wasn't obvious how to test my patch by building an AIO RPM locally if I were to submit a PR.
Attachments
Issue Links
- relates to
-
PA-2562 augeas sudoers lens needs updating -- puppet agent now has errors
-
- Resolved
-