New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
foreman: plugin execution times out when DB password can't be found #2421
Comments
Nice finding; adding to my todo list to prepare a PR (until @evgeni volunteer himself, whatever works). About the "foreman plugin executed also on foreman-proxy systems with no foreman": we should split the plugin to |
evgeni
added a commit
to evgeni/sos
that referenced
this issue
Feb 25, 2021
evgeni
added a commit
to evgeni/sos
that referenced
this issue
Feb 25, 2021
Closes: sosreport#2421 Signed-off-by: Evgeni Golov <evgeni@golov.de>
TurboTurtle
pushed a commit
that referenced
this issue
Feb 25, 2021
The candlepin plugin tries to read the PostgreSQL password from /etc/candelpin/candlepin.conf, but will fallback to an empty string if one isn't found. This in turn causes psql to hang indefinitely (or at least until we hit the plugin timeout). Add `--no-password` to the psql command to not prompt for a password if one isn't provided via another source. Related: #2421 Resolves: #2422 Signed-off-by: Evgeni Golov <evgeni@golov.de> Signed-off-by: Jake Hunsaker <jhunsake@redhat.com>
jjansky1
added a commit
to jjansky1/sos
that referenced
this issue
Mar 1, 2021
Resolved: sosreport#2429 Related: sosreport#2422 Closes: sosreport#2421 Signed-off-by: Jan Jansky <jjansky@redhat.com>
jjansky1
added a commit
to jjansky1/sos
that referenced
this issue
Mar 1, 2021
Resolved: sosreport#2429 Related: sosreport#2422 Closes: sosreport#2421 Signed-off-by: Jan Jansky <jjansky@redhat.com>
6 tasks
jjansky1
added a commit
to jjansky1/sos
that referenced
this issue
Mar 16, 2021
Resolved: sosreport#2429 Related: sosreport#2422 Closes: sosreport#2421 Signed-off-by: Jan Jansky <jjansky@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
foreman
plugin tries to read the PostgreSQL password from/etc/foreman/database.yml
and falls back to an empty string if that can't be found for some reason:sos/sos/plugins/foreman.py
Lines 37 to 59 in 00a25de
However, when one tries to execute
psql
without a password, it will just sit there and wait for the user to enter one:This leads to the plugin timing out:
The most trivial fix for this is to pass
--no-password
topsql
, which will "Never issue a password prompt. If the server requires password authentication and a password is not available from other sources such as a .pgpass file, the connection attempt will fail. This option can be useful in batch jobs and scripts where no user is present to enter a password." and that's exactly the case we have here.I am linking the
legacy-3.9
code above, as I am experiencing this on CentOS 7 with sos-3.9-5.el7.centos.2.noarch, but the code inmaster
looks (for that part) identical and should suffer from the same issue.And if you're wondering why we're facing this now, and not since a long time: The plugin works equally on Foreman servers and Foreman proxies (see
packages
definition in the plugin). There is no/etc/foreman/database.yml
on the proxy, so the password can't be read, which was not a problem until recently as we didn't have apsql
binary on the proxy. We have one now, but still no/etc/foreman/database.yml
which leads to the before mentioned password prompt.The text was updated successfully, but these errors were encountered: