search

linux-system-roles / kdump

An ansible role which configures kdump
https://linux-system-roles.github.io/kdump/
MIT License
19 stars 20 forks source link

ssh target, make kdump_ssh_user/kdump_ssh_server optional? #184

Open jelly opened 9 months ago

jelly commented 9 months ago

We have been working on generating an ansible role based on the current kdump configuration in Cockpit and noticed that with an ssh target kdump_ssh_user and kdump_ssh_server while they could be found out from the kdump location.

Without it the role fails.

localhost | SUCCESS | rc=0 >>
skipped, since /root/.ssh/id_rsa existsDid not run command since '/root/.ssh/id_rsa' exists
localhost | SUCCESS => {
    "changed": false,
    "encoding": "base64",
    "source": "/root/.ssh/id_rsa.pub"
}
localhost | FAILED! => {
    "changed": false,
    "msg": "argument 'name' is of type <class 'NoneType'> and we were unable to convert to str: 'None' is not a string and conversion is not allowed"
}

I couldn't find any documentation on kdump_ssh_user and kdump_ssh_server do the exist to copy the ssh key to the configured kdump user in the kdump location so that you could have a special kdump user to write the dump too?

martinpitt commented 9 months ago

Yes please -- currently you have to specify a config like:

- name: set up kdump
  hosts: localhost
  vars:
    kdump_target:
      type: ssh
      location: "admin@10.111.113.2"
    kdump_ssh_server: "10.111.113.2"
    kdump_ssh_user: "admin"
  roles:
    - linux-system-roles.kdump

... and apparently all of the keys location, kdump_ssh_server, kdump_ssh_user are required. These are redundant and can contradict themselves.

jelly commented 9 months ago

We uncovered an issue when we don't provide a username and set the location to example.com but do set kdump_ssh_server and kdump_ssh_user. This would lead to a kdump.conf with

-ssh admin@example.com
+ssh example.com

This breaks kdump.service, as ssh is required to be user@example.com.

martinpitt commented 9 months ago

See https://bugzilla.redhat.com/show_bug.cgi?id=2251216 for the kexec-tools side of this -- but I suspect they don't actually want to accept ssh hostname, and it's just giving a bad error message. I think it'd be preferable in this case to only specify kdump_ssh_{server,user} and not kdump_target.location -- that will both fix the redundancy and also avoid that kexec-tools bug.