I am kinda new to Saltstack so I may need some hand holding, but here it goes.
First some background info:
I am running a salt-master server on a CentOS 6.7 VM.
I am running a salt-minion on an OpenBSD 5.8 machine.
I have accepted the keys from the minion on the master and I am able to test.ping from the master to the minion. So the connection is fine.
I have created a bunch of .sls files for all of the packages I want to install under a directory called OpenBSD.
As an example, here is my bash/init.sls file:
bash:
pkg:
- installed
Very simple, right?
Now I run the command: # salt 'machinename' state.sls OpenBSD/bash
However this is what the salt-server responds with:
Machinename:
----------
ID: bash
Function: pkg.installed
Result: False
Comment: The following packages failed to install/update: bash
Started: 19:03:50.191735
Duration: 1342.497 ms
Changes:
Summary
------------
Succeeded: 0
Failed: 1
------------
What am I doing wrong?
Can you run with the option -ldebug attached to it and see if there is anything useful in the output? Also can you run the following and paste any useful output on the bsd box itself:
salt-call -ldebug state.sls OpenBSD.bash
Related
I'm trying to apply state 'nettools.sls' and I'm receiving
ERROR: Minions returned with non-zero exit code. ran command: salt
'minion*' state.apply nettools
Running on Ubuntu Server 18.04 with XFCE desktop, I've tried having the sls in etc/salt/ and in the home directory
install_network_packages:
pkg.installed:
- pkgs:
- rsync
- lftp
- curl
I receive data failed to compile: no matching sls found for 'nettools' in env 'base'
Salt's states (sls files) go in /srv/salt/ unless you've modified the file_roots option in your master config file.
So if you place your file in /srv/salt/nettools.sls you should be able to run the following command:
salt <minion id> state.apply nettools
About two-month-old sls files are working no more. I've tried to put the minimal example below:
salt 'myserver.internal' state.highstate gave:
myserver.internal:
Data failed to compile:
----------
Requisite declaration dhparam in SLS nginx is not formed as a single key dictionary
----------
Requisite declaration /etc/nginx/sites-available/myapp.conf in SLS nginx is not formed as a single key dictionary
ERROR: Minions returned with non-zero exit code
with the following nginx.sls:
/etc/nginx/sites-available/myapp.conf:
file.managed:
- name: /etc/nginx/sites-available/myapp.conf
- source: salt://nginx-myapp.conf.jinja
- template: jinja
- require:
- dhparam
dhparam:
cmd:
- run
- name: "mkdir -p /etc/nginx/ssl/; openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048"
- unless: ls /etc/nginx/ssl/dhparam.pem
And there are tens of those errors when I run the whole configuration. Am I missing something? Maybe, some crucial dependency not installed/updated/broken? yamllint did not find any problems in my SLS files. Same files worked well on another server two months ago.
Versions:
salt-master 2016.11.6+ds-1
salt-minion 2015.8.8+ds-1
The system is Ubuntu Xenial 16.04.2 LTS on both master and minion.
The problem is the version of the minion. While I added repo key for saltstack, I forgot to add
deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/latest xenial main
to /etc/apt/sources.list.d/saltstack.list and run apt update before installing salt-minion.
When I corrected that, files started to work again.
I would like to automate a build - for now, during my development, so no security stuff involved.
I have created a script that moves libs to /usr/local/lib and issues ldd command.
These things require sudo.
Running the script from the builder (Qt Creator), I am not prompted to enter my sudo password, and I get the error
sudo: no tty present and no askpass program specified
Sorry, try again.
I have found a few solutions to this but it just did not work... what am I missing ?
Exact code:
in myLib.pro
#temporary to make my life easier
QMAKE_POST_LINK = /home/me/move_libs_script
in move_libs_script:
#!/bin/bash
sudo cp $HOME/myLib/myLib.so.1 /usr/local/lib/
sudo ldconfig
I did as suggested by the answer above: edited visudo and added the script... even added qmake...
sudo visudo
added at the end:
me ALL=NOPASSWD: /home/me/move_libs_script, /usr/bin/qmake-qt4
It saved file: /etc/sudoers.tmp (and doing the command sudo visudo again I saw that my changes were kept so I am not sure what is with the tmp)
Still same errors
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: no tty present and no askpass program specified
Sorry, try again.
sudo: 3 incorrect password attempts
Edit: after asking the question I found a suggested similar question:
https://stackoverflow.com/a/10668693/1217150
So I tried to add a custom step...
Result:
09:50:03: Running build steps for project myLib...
09:50:03: Could not start process "ssh-askpass Sudo Password | sudo -S bash ./move_libs_script"
Error while building project myLib (target: Desktop)
When executing build step 'Custom Process Step'
(if I run from terminal I get asked for password)
New edit: so I thought I can outsmart the system and call a script that calls my script...
myLib.pro
QMAKE_POST_LINK = /home/me/sudo_move_libs_script
sudo_move_libs_script:
#!/bin/bash
ssh-askpass Sudo Password | sudo -S bash $HOME/move_libs_script
got it !!! I will post as answer i guess
New edit as answer to comment:
in mainExe.pro:
QMAKE_POST_LINK = ./link_lib
in link_lib:
#!/bin/sh
LD_LIBRARY_PATH=$HOME/myLib
export LD_LIBRARY_PATH
Result: Executable fails because the lib is not to be found (of course before testing I emoved the copy from /usr/local/lib)
Solution 1:
To run the command I needed with sudo from Qt, and be asked for password
myLib.pro
QMAKE_POST_LINK = /home/me/sudo_move_libs_script
sudo_move_libs_script:
#!/bin/bash
ssh-askpass Sudo Password | sudo -S bash $HOME/move_libs_script
move_libs_script:
#!/bin/bash
cp $HOME/myLib/myLib.so.1 /usr/local/lib/
ldconfig
Solution 2
Avoid using sudo: run a custom executable from Qt Creator (just like I would when project is deployed) - I can execute my program with correct dependency. Unfortunately it does not work for debug.
In the Run Configuration, place a script "dummy_executable" instead the app executable:
dummy_executable:
#!/bin/sh
LD_LIBRARY_PATH=$HOME/myLib
export LD_LIBRARY_PATH
$HOME/myExec/myExec "$#
This method is great for running the program ... unfortunately gdb fails... I think it tries to debug the shell script ? So it won't work if I try to step through my program.
Choosing Solution 1, because it has advantages: allows me to build and debug the program, which is what I really need, and with the dependencies set I get the library built before running the program - which is perfect.
Thank you Etan Reisner
I recently upgraded the openssl version on AIXX 6.1 server.
The install went fine.
But now I'm unable to start new ssh sessions from puty to the server and I'm getting the error "Connection Refused".
But I have one putty terminal open which is active.
I tried the command startsrc -s sshd and it returns a new pid but I'm not able to start new sessions.
I tried the following command too and it gives the foll error:
root:stud -> $ /usr/sbin/sshd -de
exec(): 0509-036 Cannot load program /usr/sbin/sshd because of the following errors:
0509-150 Dependent module /opt/freeware/lib/libcrypto.a(libcrypto.so.0) could not be loaded.
0509-152 Member libcrypto.so.0 is not found in archive
And sshd is inoperative.
root:stud -> $ lssrc -s sshd
Subsystem Group PID Status
sshd ssh inoperative
How can I resolve this issue.
I'm not sure how it worked the first time. That is odd. The error says you need the lib crypto library. Is it installed? i.e. what does
ls /opt/freeware/lib/libcrypto.a
return? If it exists, you want to try:
ar t /opt/freeware/lib/libcrypto.a
and you should see libcrypto.so.0 inside. My guess is one of those two will not be true and you need to install it. But it might be that libcrypto.so.0 will not load for its own reasons.
Is this the official ssh package for AIX or is it something you got somewhere else? (I just compile mine from the source from scratch but that's not easy sometimes).
I am testing out OpenMPI, provided and compiled by another user, (I am using soft link to his directories for all bin, include, etc - all the mandatory directories) but I ran into this weird thing:
First of all, if I ran mpirun with -n setting <= 10, I can run this below. testrunmpi.py simply prints out "run." from each core.
# I am in serverA.
bash-3.2$ /home/karl/bin/mpirun -n 10 ./testrunmpi.py
run.
run.
run.
run.
run.
run.
run.
run.
run.
run.
However, when I tried running -n more than 10, I will run into this:
bash-3.2$ /home/karl/bin/mpirun -n 24 ./testrunmpi.py
karl#serverB's password: Could not chdir to home directory /home/karl: No such file or directory
bash: /home/karl/bin/orted: No such file or directory
--------------------------------------------------------------------------
A daemon (pid 19203) died unexpectedly with status 127 while attempting
to launch so we are aborting.
There may be more information reported by the environment (see above).
This may be because the daemon was unable to find all the needed shared
libraries on the remote node. You may set your LD_LIBRARY_PATH to have the
location of the shared libraries on the remote nodes and this will
automatically be forwarded to the remote nodes.
--------------------------------------------------------------------------
--------------------------------------------------------------------------
mpirun noticed that the job aborted, but has no info as to the process
that caused that situation.
--------------------------------------------------------------------------
bash-3.2$
bash-3.2$
Permission denied, please try again.
karl#serverB's password:
Permission denied, please try again.
karl#serverB's password:
I see that the work is dispatched to serverB, while I was on serverA. I don't have any account on serverB. But if I invoke mpirun -n <= 10, the work will be on serverA.
This is strange, so I checked out /home/karl/etc/openmpi-default-hostfile, and tried set the following:
serverA slots=24 max_slots=24
serverB slots=0 max_slots=32
But the problem persists and still gives out the same error message above. What must I do in order to have my program run on serverA only?
The default hostfile in Open MPI is system-wide, i.e. its location is determined while the library is being built and installed and there is no user-specific version of it. The actual location can be obtained by running the ompi_info command like this:
$ ompi_info --param orte orte | grep orte_default_hostfile
MCA orte: parameter "orte_default_hostfile" (current value: <LOOK HERE>, data source: default value)
You can override the list of hosts in several different ways. First, you can provide your own hostfile via the -hostfile option to mpirun. If so, you don't have to put hosts with zero slots inside it - simply omit machines that you have no access to. For example:
localhost slots=10 max_slots=10
serverA slots=24 max_slots=24
You can also change the path to the default hostfile by setting the orte_default_hostfile MCA parameter:
$ mpirun --mca orte_default_hostfile /path/to/your/hostfile -n 10 executable
Instead of passing each time the --mca option, you can set the value in an exported environment variable called OMPI_MCA_orte_default_hostfile. This could be set in your shell's dot-rc file, e.g. in .bashrc if using Bash.
You can also specify the list of nodes directly via the -H (or -host) option.