plus3it / amigen7

Set of tools to provide automation of tasks for creating STIG-partitioned EL7 AMIs
Apache License 2.0

[BUG] ChRootBuild not making /bin or libraries #75

Closed WingsLikeEagles closed 4 years ago

WingsLikeEagles commented 4 years ago

Describe the bug

When running the ChrootBuild.sh script, the /mnt/ec2-user/bin folder/contents and any associated libraries are not available. This is causing failure for anything trying to execute from the /bin folder in the chroot'd environment. For example, /bin/yum-config-manager fails to run.

Severity

To Reproduce

Steps to reproduce the behavior:

  1. Create a new instance based on the RHEL 7.6 AMI (in GovCloud this is Red Hat Enterprise Linux 7.6 (HVM), SSD Volume Type - ami-5a740e3b)
  2. Follow the instructions in "Docs/README_PublicRun.md"
  3. See the errors when you run ./ChrootBuild.sh
     A. "warning: %post(rh-amazon-rhui-client-3.0.22-1.el7.noarch) scriptlet failed, exit status 127"
     B. "There are no enabled repos."
     C. "chroot: failed to run command ‘/bin/yum-config-manager’: No such file or directory"
     D. List of all the packages not installed: "package Red_Hat_Enterprise_Linux-Release_Notes-7-en-US is not installed", "package audit is not installed..." and more.

Expected behavior

Significantly fewer errors. Preferably none. All packages to be installed. /mnt/ec2-user/bin to exist as well as required libraries for yum-config-manager to run successfully.

Deviance Description

Errors cause failure to create new AMI.

Additional context

Fix Suggestions

ferricoxide commented 4 years ago

Not able to reproduce. The spel project used this project's contents earlier this week to generate new AMIs (see manifests in commit be5343b).

wcgcoder commented 4 years ago

I can confirm this bug on ami-2c74214d (RHEL-7.7_HVM-20190923-x86_64-0-Hourly2-GP2). Also tested on RHEL-7.6_HVM-20190618-x86_64-0-Hourly2-GP2 (ami-5a740e3b) as well, and gave this a try, too: https://github.com/plus3it/spel/blob/master/spel/scripts/amigen7-build.sh

After running

./DiskSetup.sh -b /boot -v VolGroup00 -d /dev/xvdf ; 
./MkChrootTree.sh   /dev/xvdf ; 
./MkTabs.sh /dev/xvdf ; 

Then run

[root@ip-xxxxx AMIgen7]# ls -la /mnt/ec2-root/
total 45
drwxr-xr-x.  14 root root  4096 Sep 18 17:09 .
drwxr-xr-x.   3 root root    22 Sep 18 17:08 ..
drwxr-xr-x.   3 root root  1024 Sep 18 17:08 boot
drwxr-xr-x.  19 root root  2960 Sep 18 17:08 dev
drwxr-xr-x.   8 root root  4096 Sep 18 17:09 etc
drwxr-xr-x.   3 root root  4096 Sep 18 17:08 home
drwx------.   2 root root 16384 Sep 18 17:08 lost+found
drwxr-xr-x.   2 root root  4096 Sep 18 17:08 opt
dr-xr-xr-x. 171 root root     0 Sep 18 16:55 proc
drwxr-xr-x.  26 root root   780 Sep 18 17:12 run
dr-xr-xr-x.  13 root root     0 Sep 18 16:55 sys
drwxr-xr-x.   3 root root  4096 Sep 18 17:08 tmp
drwxr-xr-x.   6 root root  4096 Sep 18 17:09 usr
drwxr-xr-x.   7 root root  4096 Sep 18 17:08 var

We're missing /mnt/ec2-root/bin!

lorengordon commented 4 years ago

@wcgcoder ami-2c74214d is the same AMI we use currently in GovCloud to build the spel AMIs. Can guarantee it works fine. Must be some other user config/invocation that is causing the problem.
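
Added example, not part of the thread or of the amigen7 project: a preflight check for the symptom reported above, confirming that the commands a build will run through chroot actually resolve inside the chroot tree. The function names are hypothetical; symlinks (such as a /bin that points into /usr) are resolved relative to the chroot root rather than the host root, since testing the path directly from the host would follow absolute symlinks into the host filesystem.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helpers, not amigen7 code).

# Print the host-side path that PATH resolves to *inside* ROOT, treating
# absolute symlink targets as relative to ROOT, the way a chroot would.
resolve_in_chroot() {
  local root="${1%/}" rest="${2#/}" cur="" hops=0 comp target
  while [ -n "$rest" ]; do
    comp="${rest%%/*}"
    if [ "$comp" = "$rest" ]; then rest=""; else rest="${rest#*/}"; fi
    case "$comp" in
      ""|.) continue ;;
      ..)   cur="${cur%/*}"; continue ;;   # cannot climb above ROOT
    esac
    if [ -L "$root$cur/$comp" ]; then
      hops=$((hops + 1))
      [ "$hops" -le 40 ] || return 1       # symlink loop guard
      target="$(readlink "$root$cur/$comp")"
      case "$target" in /*) cur="" ;; esac # absolute target restarts at ROOT
      rest="${target#/}${rest:+/$rest}"
    elif [ -e "$root$cur/$comp" ]; then
      cur="$cur/$comp"
    else
      return 1                             # component missing in the tree
    fi
  done
  printf '%s\n' "$root$cur"
}

# Report each command as ok/MISSING; succeed only if all are executable files.
check_chroot_cmds() {
  local root="$1" cmd host missing=0
  shift
  for cmd in "$@"; do
    if host="$(resolve_in_chroot "$root" "$cmd")" && [ -f "$host" ] && [ -x "$host" ]; then
      echo "ok      $cmd -> $host"
    else
      echo "MISSING $cmd"
      missing=$((missing + 1))
    fi
  done
  [ "$missing" -eq 0 ]
}

# Usage, with the chroot path from the listing in the thread:
#   check_chroot_cmds /mnt/ec2-root /bin/sh /bin/rpm /bin/yum-config-manager
```

Running it after the tree is populated and before the first chroot call turns a late "No such file or directory" into an early, named failure.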