OMI server doesn't generate logs for RHEL8.2

[PauCoda]

Hi,

I executed the MS instructions.

• I installed python2,
• added 1270 Port to omiserver.conf
• used OMS extension and DSC installation
• registered VM

I see OMS and OMI is running. But when running sudo /var/opt/omi/log/omiserver.log I'm not getting logs at all. I can't also enable patching for this Virtual Machine in Update Management.

I used this articles and tools: Python2 installation: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agent-linux#python-requirement Linux agent configuration: https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agent-manage#linux-agent-3 OMS extension: https://docs.microsoft.com/en-gb/azure/virtual-machines/extensions/oms-linux?toc=/azure/azure-monitor/toc.json DSC: yum install -y -q wget https://github.com/microsoft/PowerShell-DSC-for-Linux/releases/download/v1.2.1-0/dsc-1.2.1-0.ssl_110.x64.rpm || exit 1

[JumpingYang001]

Hi @PauCoda , /var/opt/omi/log/omiserver.log should be empty by default if no errors.

According to https://msrc-blog.microsoft.com/2021/09/16/additional-guidance-regarding-omi-vulnerabilities-within-azure-vm-management-extensions/,

Azure Automation Update Management | Cloud | Local Elevation of Privilege | OMS Agent for Linux GA v1.13.39or less | OMS Agent forLinux GA v1.13.40-0 | Microsoft has completed the deployment of updates.   VMs that continue to be reported as vulnerable: Manually update using instructions [here](https://docs.microsoft.com/en-us/azure/azure-monitor/agents/agent-linux#upgrade-from-a-previous-release) -- | -- | -- | -- | -- | --

[PauCoda]

Thank you for reply @JumpingYang001 . For /var/opt/microsoft/omsconfig/omsconfig.log I'm getting many errors like:

2021/09/29 17:51:50: ERROR: null(0): EventId=1 Priority=ERROR Job 36EEE86D-5FBC-47C9-9419-0B9E709A3844 :
DSC Engine Error :
         Error Message FindFirstFile Failed.
        Error Code : 1
2021/09/29 17:53:44: ERROR: null(0): EventId=1 Priority=ERROR Job 36EEE86D-5FBC-47C9-9419-0B9E709A3844 :
DSC Engine Error :
         Error Message FindFirstFile Failed.
        Error Code : 1
2021/09/29 17:54:15: ERROR: null(0): EventId=1 Priority=ERROR Job 36EEE86D-5FBC-47C9-9419-0B9E709A3844 :
DSC Engine Error :
         Error Message FindFirstFile Failed.
        Error Code : 1

I see this is related to command /opt/omi/bin/OMSConsistencyInvoker >/dev/null 2>&1. After running cat OMSConsistencyInvoker I got parts:

??????/opt/rh/devtoolset-2/root/usr/lib/gcc/x86_64-CentOS-linux/4.8.2/include?/usr/include/bits?/usr/include??ConsistencyInvoker.c????stddef.h???types.h???stdio.h???libio.h???stdlib.h???string.h????? ?
                                                                                                                                                                                                         @??????1U1[?;?Y;=?B???e?=?!sk??;>Y;=???B???e?=?3Oa.?? @?????#Uust?Y7qM9??v?>?,c"ʄ?Y>:?Y(Z?e="?printf?__off_t?_IO_read_ptr?malloc?_chain?size_t?_shortbuf?strstr?_IO_buf_base?long long unsigned int?pipe?getPythonProvider?long long int?buffer_length?_fileno?_IO_read_end?_flags?__s2_len?_IO_buf_end?_cur_column?_old_offset?fullCommandLength?_IO_marker?stdin?strlen?_IO_write_ptr?_sbuf?short unsigned int?_IO_save_base?_lock?_flags2?_mode?strcat?stdout?fgets?sizetype?_IO_write_end?pythonCommand?_IO_lock_t?_IO_FILE?__s1_len?_pos?ConsistencyInvoker.c?_markers?unsigned char?short int?_unused2?/source/dsc/LCM/dsc/engine/ConsistencyInvoker?_vtable_offset?__stack_chk_fail?buffer?_next?__off64_t?_IO_read_base?memcpy?_IO_save_end?__pad1?__pad2?__pad3?__pad4?__pad5?dscScriptPath?GNU C 4.8.2 20140120 (Red Hat 4.8.2-15) -mtune=generic -march=x86-64 -g -O2 -fPIC -fvisibility=hidden -fno-strict-aliasing -fstack-protector-all?argv?popen?_IO_backup_base?fullCommand?system?argc?realloc?main?_IO_write_base?returnValue?result??

  /usr/lib/../lib64/crti.o?call_gmon_start?ConsistencyInvoker.c?crtstuff.c?__JCR_LIST__?deregister_tm_clones?register_tm_clones?__do_global_dtors_aux?completed.6330?__do_global_dtors_aux_fini_array_entry?frame_dummy?__frame_dummy_init_array_entry?__FRAME_END__?__JCR_END__?__preinit_array_start?__fini_array_end?_GLOBAL_OFFSET_TABLE_?__preinit_array_end?__fini_array_start?__init_array_end?__init_array_start?_DYNAMIC?data_start?getPythonProvider?printf@@GLIBC_2.2.5?__libc_csu_fini?_start?__gmon_start__?_Jv_RegisterClasses?_fini?malloc@@GLIBC_2.2.5?__libc_start_main@@GLIBC_2.2.5?system@@GLIBC_2.2.5?fgets@@GLIBC_2.2.5?_ITM_deregisterTMCloneTable?_IO_stdin_used?strlen@@GLIBC_2.2.5?_ITM_registerTMCloneTable?__data_start?__TMC_END__?strstr@@GLIBC_2.2.5?strcat@@GLIBC_2.2.5?__dso_handle?__libc_csu_init?memcpy@@GLIBC_2.2.5?__bss_start?__stack_chk_fail@@GLIBC_2.4?_end?realloc@@GLIBC_2.2.5?_edata?popen@@GLIBC_2.2.5?main?_init?

RHEL8.2 has only 2.28 version of glibc. We can't update to 2.4 according https://github.com/microsoft/PowerShell-DSC-for-Linux/releases/

Required package | Description | Minimum version -- | -- | -- Glibc | GNU C Library | 2.4 - 31.30

 sudo dnf install glibc
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
Last metadata expiration check: 2:50:13 ago on Wed 29 Sep 2021 03:57:38 PM UTC.
Package glibc-2.28-101.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!

Maybe it's another reason, because I also deployed RHEL7.8 and there is installed DSC 1.1.1-926 and has older glibc-2.17-307.el7.1.x86_64. I don't see this error there. We also get similar file

??????/opt/rh/devtoolset-2/root/usr/lib/gcc/x86_64-CentOS-linux/4.8.2/include?/usr/include/bits?/usr/include??ConsistencyInvoker.c????stddef.h???types.h???stdio.h???libio.h???stdlib.h???string.h????? ?
@??????1U1[?;?Y;=?B???e?=?!sk??;>Y;=???B???e?=?3Oa.??        @?????#Uust?Y7qM9??v?>?,c"ʄ?Y>:?Y(Z?e="?printf?__off_t?_IO_read_ptr?malloc?_chain?size_t?_shortbuf?strstr?_IO_buf_base?long long unsigned int?pipe?getPythonProvider?long long int?buffer_length?_fileno?_IO_read_end?_flags?__s2_len?_IO_buf_end?_cur_column?_old_offset?fullCommandLength?_IO_marker?stdin?strlen?_IO_write_ptr?_sbuf?short unsigned int?_IO_save_base?_lock?_flags2?_mode?strcat?stdout?fgets?sizetype?_IO_write_end?pythonCommand?_IO_lock_t?_IO_FILE?__s1_len?_pos?ConsistencyInvoker.c?_markers?unsigned char?short int?_unused2?/source/dsc/LCM/dsc/engine/ConsistencyInvoker?_vtable_offset?__stack_chk_fail?buffer?_next?__off64_t?_IO_read_base?memcpy?_IO_save_end?__pad1?__pad2?__pad3?__pad4?__pad5?dscScriptPath?GNU C 4.8.2 20140120 (Red Hat 4.8.2-15) -mtune=generic -march=x86-64 -g -O2 -fPIC -fvisibility=hidden -fno-strict-aliasing -fstack-protector-all?argv?popen?_IO_backup_base?fullCommand?system?argc?realloc?main?_IO_write_base?returnValue?result??
@??????????????????????.symtab?.strtab?.shstrtab?.interp?.note.ABI-tag?.note.gnu.build-id?.gnu.hash?.dynsym?.dynstr?.gnu.version?.gnu.version_r?.rela.dyn?.rela.plt?.init?.text?.fini?.rodata?.eh_frame_hdr?.eh_frame?.init_array?.fini_array?.jcr?.dynamic?.got?.got.plt?.data?.bss?.comment?.debug_aranges?.debug_info?.debug_abbrev?.debug_line?.debug_str?.debug_loc?.debug_ranges??????????????????????????????????????
ConsistencyInvoker.c?crtstuff.c?__JCR_LIST__?deregister_tm_clones?register_tm_clones?__do_global_dtors_aux?completed.6330?__do_global_dtors_aux_fini_array_entry?frame_dummy?__frame_dummy_init_array_entry?__FRAME_END__?__JCR_END__?__fini_array_end?__preinit_array_start?__preinit_array_end?__init_array_end?__fini_array_start?_DYNAMIC?__init_array_start?_GLOBAL_OFFSET_TABLE_?__libc_csu_fini?_ITM_deregisterTMCloneTable?data_start?_edata?_fini?strlen@@GLIBC_2.2.5?getPythonProvider?__stack_chk_fail@@GLIBC_2.4?system@@GLIBC_2.2.5?printf@@GLIBC_2.2.5?__libc_start_main@@GLIBC_2.2.5?fgets@@GLIBC_2.2.5?__data_start?memcpy@@GLIBC_2.2.5?__gmon_start__?__dso_handle?_IO_stdin_used?__libc_csu_init?malloc@@GLIBC_2.2.5?_end?_start?realloc@@GLIBC_2.2.5?__bss_start?main?popen@@GLIBC_2.2.5?_Jv_RegisterClasses?strcat@@GLIBC_2.2.5?__TMC_END__?_ITM_registerTMClonerpm -q glibc

[PauCoda]

I also can't enable Update Management for RHEL8.2. I'm getting error: Hybrid runbook worker is not running. Update deployment is disabled in current_mof file: (/etc/opt/omi/conf/omsconfig/configuration/Current.mof).

I don't know why this is happening, I found in logs "OMSAgent is multi-homed and resource is updating workspace .." for RHEL8.2 and RHEL7.8. According MS documentation https://docs.microsoft.com/en-us/azure/automation/troubleshoot/update-agent-issues-linux#multihoming : "Update Management doesn't support multihoming."

But only for RHEL8.2 is not working, for RHEL7.8 works properly. I don't know why there is another workspace. I set only one for OMS extension.

[JumpingYang001]

Hi @PauCoda , omsconfig is in another repo: https://github.com/Microsoft/PowerShell-DSC-for-Linux , it is another product,, I think you can file related issue there, and current repo is only for omi, thanks.

[JumpingYang001]

since omiserver.log is empty by default, I close this issue, thanks.