search

CESNET / pakiti-server

Pakiti provides a monitoring mechanism to check the patching status of Linux systems.
BSD 2-Clause "Simplified" License
49 stars 35 forks source link

New install returns 500 even with Synchronous feeder #197

Open benjamindonnachie opened 5 months ago

benjamindonnachie commented 5 months ago

Thanks again for all the work that has gone into this project. Very much looking forward to using it across our systems.

New install of pakiti-server master branch (20240513 - web gui reports v3.1.0) on Rocky Linux 9.4 (also tried with Fedora 39) and pakiti-client (also 20240513) gives 500 errors despite feeder set to synchronous mode.

Firstly, gzip added to src/common/Utils.php as below:

           case "application/x-gzip" :
            case "application/gzip" :
                $contents = gzdecode($contents);
                if ($contents === False)
                    throw new Exception("Failed to decompress gzip data");

Config.php:

<?php

final class Config extends DefaultConfig
{
    public static $DB_HOST = "localhost";
    public static $DB_NAME = "pakiti";
    public static $DB_USER = "pakiti";
    public static $DB_PASSWORD = "xxx";

    # Pakiti operational mode
    #   1 - Synchronous mode - process clients reports immediately, useful for small deployments with < 1000 hosts
    #   2 - Asynchronous mode - process clients reports from the queue, needed in the deployments with > 1000 hosts
    public static $FEEDER_MODE = 1;

    public static $BACKUP = false;
    public static $BACKUP_DIR = "/var/lib/pakiti";

    public static $DEBUG = true;
}

Edited pakiti-client to make curl verbose:

# pakiti-client --disable-tls-checks --url http://127.0.0.1/pakiti/feed/
*   Trying ::1:80...
* Connected to localhost (::1) port 80 (#0)
> POST /pakiti/feed/?protocol=5 HTTP/1.1
> Host: localhost
> User-Agent: curl/7.76.1
> Accept: */*
> Content-Length: 43651
> Content-Type: application/x-www-form-urlencoded
> 
} [43651 bytes data]
* Mark bundle as not supporting multiuse
< HTTP/1.1 500 Internal Server Error
< Date: Mon, 13 May 2024 19:09:42 GMT
< Server: Apache/2.4.57 (Rocky Linux)
< X-Powered-By: PHP/8.2.13
< Content-Length: 0
< Connection: close
< Content-Type: text/html; charset=UTF-8
< 
* Closing connection 0
Error: 0 at /usr/bin/pakiti-client line 385.
[root@pakiti log]#

SELinux is permissive:

# sudo getenforce
Permissive

Journald:

May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Loader.php:76]: Class Pkg loaded
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/modules/feeder/FeederModule.php:664]: Parsing packages
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/modules/feeder/FeederModule.php:416]: Preparing the report
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Loader.php:76]: Class StatsManager loaded
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/managers/DbManager.php:152]: Sql query: select id from Host where hostname='pakiti' and ip='' and re>
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Loader.php:76]: Class HostDao loaded
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/managers/HostsManager.php:39]: Getting the host ID
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Loader.php:76]: Class HostsManager loaded
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Loader.php:76]: Class DefaultManager loaded
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/modules/feeder/FeederModule.php:108]: Report from [reporterHost=localhost, reporterIp=127.0.0.1, clientVersion=5]
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/modules/feeder/FeederModule.php:891]: Computing the hash of the list of the packages
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/modules/feeder/FeederModule.php:874]: Computing the hash of the report header
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Utils.php:54]: Getting attribute [name=report] from the HTTP request
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Utils.php:54]: Getting attribute [name=mode] from the HTTP request
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Utils.php:54]: Getting attribute [name=protocol] from the HTTP request
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Loader.php:76]: Class Report loaded
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Loader.php:76]: Class Host loaded
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/managers/DbManager.php:152]: Sql query: select attrValue from PakitiAttributes where attrName='dbVersion'
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/managers/DbManager.php:144]: Successfully conected to the database [dbName=pakiti,dbHost=localhost,dbUser=pakiti]
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Loader.php:76]: Class DbManager loaded
May 13 20:30:32 pakiti Pakiti[39571]: (127.0.0.1:57608) Mon, 13 May 24 19:30:32 +0000 [/var/www/pakiti-server/src/common/Pakiti.php:24]: Pakiti initialized

Apache access_log: 127.0.0.1 - - [13/May/2024:20:30:32 +0100] "POST /pakiti/feed/index.php?protocol=5 HTTP/1.1" 500 - "-" "curl/7.76.1"

Populated VDS and downloaded CVEs successfully. Website loads, reports 22,678 CVEs monitored.

Also tried on a CentOS v7.9.2009 box with pakiti-client-3.0.1-1.el7.noarch from epel:

pakiti-client --url='http://pakiti/pakiti/feed/'
HTTP/1.1 100 Continue

HTTP/1.1 500 Internal Server Error
Date: Mon, 13 May 2024 19:51:12 GMT
Server: Apache/2.4.57 (Rocky Linux)
X-Powered-By: PHP/8.2.13
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

pakiti-client: failed to send data using /bin/curl

Similar messages in logs. In the middle of troubleshooting, will pick up again tomorrow.

Thanks.