inspec / train

Transport Interface to unify communication over SSH, WinRM, and friends.
Apache License 2.0

Intermittent issue for AL2: Sorry, we are unable to detect your platform (Train::PlatformDetectionFailed) #743

Closed punarjitsingh-okta closed 1 year ago

punarjitsingh-okta commented 1 year ago

Version:

train-core-3.10.1

Environment:

NAME="Amazon Linux"
VERSION="2"
ID="amzn"
ID_LIKE="centos rhel fedora"
VERSION_ID="2"
PRETTY_NAME="Amazon Linux 2"
HOME_URL="https://amazonlinux.com/"

Scenario:

Trying to run inspec exec profile_name -t ssh://@<host> - it passes and works fine but we get the following issue intermittently:

/usr/share/gems/gems/train-core-3.10.1/lib/train/platforms/detect/scanner.rb:39:in `scan': Sorry, we are unable to detect your platform (Train::PlatformDetectionFailed)
    from /usr/share/gems/gems/train-core-3.10.1/lib/train/platforms/detect.rb:7:in `scan'
    from /usr/share/gems/gems/train-core-3.10.1/lib/train/plugins/base_connection.rb:123:in `platform'
    from /usr/share/gems/gems/train-core-3.10.1/lib/train/extras/command_wrapper.rb:190:in `load'
    from /usr/share/gems/gems/train-core-3.10.1/lib/train/transports/ssh_connection.rb:60:in `initialize'
    from /usr/share/gems/gems/train-core-3.10.1/lib/train/transports/ssh.rb:291:in `new'
    from /usr/share/gems/gems/train-core-3.10.1/lib/train/transports/ssh.rb:291:in `create_new_connection'
    from /usr/share/gems/gems/train-core-3.10.1/lib/train/transports/ssh.rb:86:in `connection'
    from /usr/share/gems/gems/inspec-core-5.18.14/lib/inspec/backend.rb:38:in `create'
    from /usr/share/gems/gems/inspec-core-5.18.14/lib/inspec/runner.rb:87:in `configure_transport'
    from /usr/share/gems/gems/inspec-core-5.18.14/lib/inspec/runner.rb:79:in `initialize'
    from /usr/share/gems/gems/inspec-core-5.18.14/lib/inspec/cli.rb:363:in `new'
    from /usr/share/gems/gems/inspec-core-5.18.14/lib/inspec/cli.rb:363:in `exec'
    from /usr/share/gems/gems/thor-1.2.1/lib/thor/command.rb:27:in `run'
    from /usr/share/gems/gems/thor-1.2.1/lib/thor/invocation.rb:127:in `invoke_command'
    from /usr/share/gems/gems/thor-1.2.1/lib/thor.rb:392:in `dispatch'
    from /usr/share/gems/gems/thor-1.2.1/lib/thor/base.rb:485:in `start'
    from /usr/share/gems/gems/inspec-core-5.18.14/lib/inspec/base_cli.rb:35:in `start'
    .
    .
    .
exit status 1

Steps to Reproduce:

  1. Install - chef inspec or cinc-auditor version 5.18.14 with Ruby 3.0
  2. Spin up an Amazon Linux 2 ec2 instance and configure it to listen for ssh connections.
  3. Run some systemd_service that you can test
  4. Write a new inspec profile similar to:
    describe systemd_service('service_name') do
      it { should be_installed }
      it { should be_enabled }
      it { should be_running }
    end
  5. Run the profile as inspec exec profile_name -t ssh://@<host>
  6. Repeat a couple of times until you get Sorry, we are unable to detect your platform (Train::PlatformDetectionFailed)

Expected Result:

inspec exec profile_name -t ssh://@<host> should execute the inspec profile tests on the given AL2 host without any issues.

Actual Result:

inspec exec profile_name -t ssh://@<host> for AL2 intermittently throws Sorry, we are unable to detect your platform (Train::PlatformDetectionFailed)

Note:

Our Amazon Linux 2 hosts have long motd before the shell is activated e.g.:

ps@XYZ ~ % ssh n1-zwerff.internal                                                                                     
===============================================================================
            xxxxxxxxxx - xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx - xxxxxxxxxx xxxxxxx
 xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx
 xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx
                         xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxx
===============================================================================
xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx xxx

       __|  __|_  )
       _|  (     /   Amazon Linux 2 AMI
      ___|\___|___|

https://aws.amazon.com/amazon-linux-2/

WIKI: https://aws.amazon.com/amazon-linux-2/

TL;DR
some text some text some text some text some text 
some text some text some text some text 
some text some text some text 
some text some text some text 
some text some text some text 
some text some text some text some text 

====================
some text :
some text some text 
==================== 

==== SELinux status ================================================================================
xxxxxxxxxx status:                 xxxxxxxxxx
xxxxxxxxxx mount:                /sys/fs/xxxxxxxxxx
xxxxxxxxxx root directory:         /etc/xxxxxxxxxx
xxxxxxxxxx policy name:             xxxxxxxxxx
xxxxxxxxxx mode:                   xxxxxxxxxx
xxxxxxxxxx from config file:          xxxxxxxxxx
xxxxxxxxxx status:              xxxxxxxxxx
xxxxxxxxxx status:     xxxxxxxxxx
xxxxxxxxxx version:      xxxxxxxxxx
====================================================================================================
All activities performed on this system will be monitored.
02/15 03:37[ssh_ps@n1-zwerff ~]$

clintoncwolfe commented 1 year ago

For what it's worth, I don't think the contents of the profile matter - if platform detection is failing, then the execution will fail before the profile is even examined, so there is no need to setup a systemd service to reproduce the problem. You can just use the default profile as generated by inspec init profile, which just tests for the existence of /tmp.

This issue has not yet been confirmed.

punarjitsingh-okta commented 1 year ago

Thank you @clintoncwolfe

Yes, the profile doesn't matter. Just wanted to give a complete example.

Some race condition is failing platform detection randomly. Maybe it's the long motd as per https://blog.netnerds.net/2022/03/chef-inspec-unable-to-detect-platform/ - not too sure.

I've written a train plugin as an alternate ssh transport that bypasses train-core's platform detection.

It seems to have solved the issue for me.

Thank you again.