search

redhataccess / foreman-plugin

Container for Foreman Plugin
13 stars 20 forks source link

Error after installing tfm-rubygem-redhat_access #38

Closed mvdboogaard closed 5 years ago

mvdboogaard commented 5 years ago

After installing tfm-rubygem-redhat_access I see the following error in the logfile:

2019-05-13T16:18:21 [W|app|] Could not create role 'Red Hat Access Logs': ERF73-0602 [Foreman::PermissionMissingException]: some permissions were not found: ["view_log_viewer", "logs", :logs, :view_log_viewer]
2019-05-13T16:18:21 [E|app|] Cannot continue because some permissions were not found, please run rake db:seed and retry
2019-05-13T16:18:21 [F|app|] Failed running Dynflow daemon
2019-05-13T16:18:21 [F|app|] <Foreman::PermissionMissingException> ERF73-0602 [Foreman::PermissionMissingException]: some permissions were not found: ["view_log_viewer", "logs", :logs, :view_log_viewer]
    /usr/share/foreman/app/models/role.rb:335:in `permission_records'
    /usr/share/foreman/app/models/role.rb:154:in `add_permissions'
    /usr/share/foreman/app/models/role.rb:207:in `add_permissions!'
    /usr/share/foreman/app/services/foreman/plugin/role_lock.rb:44:in `block in create_plugin_role'
    /usr/share/foreman/app/models/role.rb:86:in `ignore_locking'
    /usr/share/foreman/app/services/foreman/plugin/role_lock.rb:42:in `create_plugin_role'
    /usr/share/foreman/app/services/foreman/plugin/role_lock.rb:37:in `block in process_role'
    /usr/share/foreman/app/services/foreman/plugin/role_lock.rb:35:in `process_role'
    /usr/share/foreman/app/services/foreman/plugin/role_lock.rb:13:in `block (2 levels) in register_role'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activerecord-5.2.1/lib/active_record/connection_adapters/abstract/database_statements.rb:254:in `block in transaction'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activerecord-5.2.1/lib/active_record/connection_adapters/abstract/transaction.rb:239:in `block in within_new_transaction'
    /opt/rh/rh-ruby25/root/usr/share/ruby/monitor.rb:226:in `mon_synchronize'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activerecord-5.2.1/lib/active_record/connection_adapters/abstract/transaction.rb:236:in `within_new_transaction'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activerecord-5.2.1/lib/active_record/connection_adapters/abstract/database_statements.rb:254:in `transaction'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activerecord-5.2.1/lib/active_record/transactions.rb:212:in `transaction'
    /usr/share/foreman/app/services/foreman/plugin/role_lock.rb:12:in `block in register_role'
    /usr/share/foreman/app/models/concerns/foreman/thread_session.rb:100:in `as'
    /usr/share/foreman/app/models/concerns/foreman/thread_session.rb:106:in `as_anonymous_admin'
    /usr/share/foreman/app/services/foreman/plugin/role_lock.rb:11:in `register_role'
    /usr/share/foreman/app/registries/foreman/plugin.rb:285:in `block (2 levels) in role'
    /opt/theforeman/tfm/root/usr/share/gems/gems/audited-4.7.1/lib/audited/auditor.rb:336:in `without_auditing'
    /usr/share/foreman/app/registries/foreman/plugin.rb:284:in `block in role'
    /opt/theforeman/tfm/root/usr/share/gems/gems/audited-4.7.1/lib/audited/auditor.rb:336:in `without_auditing'
    /usr/share/foreman/app/registries/foreman/plugin.rb:283:in `role'
    /opt/theforeman/tfm/root/usr/share/gems/gems/redhat_access-2.2.0/lib/redhat_access/engine.rb:126:in `block (2 levels) in <class:Engine>'
    /usr/share/foreman/app/registries/foreman/plugin.rb:74:in `instance_eval'
    /usr/share/foreman/app/registries/foreman/plugin.rb:74:in `register'
    /opt/theforeman/tfm/root/usr/share/gems/gems/redhat_access-2.2.0/lib/redhat_access/engine.rb:59:in `block in <class:Engine>'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:69:in `block in execute_hook'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:62:in `with_execution_control'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:67:in `execute_hook'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:52:in `block in run_load_hooks'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:51:in `each'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/lazy_load_hooks.rb:51:in `run_load_hooks'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/railties-5.2.1/lib/rails/application/finisher.rb:75:in `block in <module:Finisher>'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/railties-5.2.1/lib/rails/initializable.rb:32:in `instance_exec'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/railties-5.2.1/lib/rails/initializable.rb:32:in `run'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/railties-5.2.1/lib/rails/initializable.rb:61:in `block in run_initializers'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:228:in `block in tsort_each'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:350:in `block (2 levels) in each_strongly_connected_component'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:431:in `each_strongly_connected_component_from'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:349:in `block in each_strongly_connected_component'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:347:in `each'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:347:in `call'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:347:in `each_strongly_connected_component'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:226:in `tsort_each'
    /opt/rh/rh-ruby25/root/usr/share/ruby/tsort.rb:205:in `tsort_each'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/railties-5.2.1/lib/rails/initializable.rb:60:in `run_initializers'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/railties-5.2.1/lib/rails/application.rb:361:in `initialize!'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/railties-5.2.1/lib/rails/railtie.rb:190:in `public_send'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/railties-5.2.1/lib/rails/railtie.rb:190:in `method_missing'
    /usr/share/foreman/config/environment.rb:5:in `<top (required)>'
    /opt/rh/rh-ruby25/root/usr/share/rubygems/rubygems/core_ext/kernel_require.rb:59:in `require'
    /opt/rh/rh-ruby25/root/usr/share/rubygems/rubygems/core_ext/kernel_require.rb:59:in `require'
    /opt/theforeman/tfm/root/usr/share/gems/gems/polyglot-0.3.5/lib/polyglot.rb:65:in `require'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:287:in `block in require'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:253:in `load_dependency'
    /opt/theforeman/tfm-ror52/root/usr/share/gems/gems/activesupport-5.2.1/lib/active_support/dependencies.rb:287:in `require'
    /opt/theforeman/tfm/root/usr/share/gems/gems/dynflow-1.2.1/lib/dynflow/rails/daemon.rb:46:in `run'
    /opt/theforeman/tfm/root/usr/share/gems/gems/dynflow-1.2.1/lib/dynflow/rails/daemon.rb:78:in `block (2 levels) in run_background'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/application.rb:265:in `block in start_proc'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/daemonize.rb:84:in `call_as_daemon'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/application.rb:269:in `start_proc'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/application.rb:295:in `start'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:49:in `block (3 levels) in watch'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:49:in `fork'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:49:in `block (2 levels) in watch'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:43:in `each'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:43:in `block in watch'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:42:in `loop'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:42:in `watch'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:66:in `block in start_with_pidfile'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:61:in `fork'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:61:in `start_with_pidfile'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/monitor.rb:92:in `start'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/application_group.rb:141:in `create_monitor'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/application.rb:283:in `start'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/controller.rb:56:in `run'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons.rb:193:in `block in run_proc'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons/cmdline.rb:88:in `catch_exceptions'
    /opt/theforeman/tfm/root/usr/share/gems/gems/daemons-1.2.3/lib/daemons.rb:192:in `run_proc'
    /opt/theforeman/tfm/root/usr/share/gems/gems/dynflow-1.2.1/lib/dynflow/rails/daemon.rb:72:in `block in run_background'
    /opt/theforeman/tfm/root/usr/share/gems/gems/dynflow-1.2.1/lib/dynflow/rails/daemon.rb:71:in `times'
    /opt/theforeman/tfm/root/usr/share/gems/gems/dynflow-1.2.1/lib/dynflow/rails/daemon.rb:71:in `run_background'
    /usr/sbin/dynflowd:71:in `block in <main>'
    /usr/sbin/dynflowd:67:in `chdir'
    /usr/sbin/dynflowd:67:in `<main>'

After restarting foreman the GUI is not available anymore with the same error message. Removing tfm-rubygem-redhat_access will gain access to the GUI again.

RedHat access is never shown in the GUI

mvdboogaard commented 5 years ago

I see also the roles "Red Hat Access Logs", "Access Insights Viewer" and "Access Insights Admin" are not created:

2019-05-14T09:36:43 [W|app|] Creating scope :path_of. Overwriting existing method FactName.path_of.
2019-05-14T09:36:44 [W|app|] Scoped order is ignored, it's forced to be batch order.
2019-05-14T09:36:44 [W|app|] Could not create role 'Red Hat Access Logs': ERF73-0602 [Foreman::PermissionMissingException]: some permissions were not found: ["view_log_viewer", "logs", :logs, :view_log_viewer]
2019-05-14T09:36:44 [W|app|] Scoped order is ignored, it's forced to be batch order.
2019-05-14T09:36:44 [W|app|] Could not create role 'Access Insights Viewer': ERF73-0602 [Foreman::PermissionMissingException]: some permissions were not found: ["view_hosts", "rh_telemetry_api", "rh_telemetry_view", :rh_telemetry_api, :rh_telemetry_view, :view_hosts]
2019-05-14T09:36:45 [W|app|] Scoped order is ignored, it's forced to be batch order.
2019-05-14T09:36:45 [W|app|] Could not create role 'Access Insights Admin': ERF73-0602 [Foreman::PermissionMissingException]: some permissions were not found: ["view_hosts", "rh_telemetry_api", "rh_telemetry_view", "rh_telemetry_configurations", :rh_telemetry_api, :rh_telemetry_view, :rh_telemetry_configurations, :view_hosts]
2019-05-14T09:36:32 [W|app|] Creating scope :path_of. Overwriting existing method Hostgroup.path_of.
2019-05-14T09:36:32 [W|app|] Creating scope :path_of. Overwriting existing method Taxonomy.path_of.
2019-05-14T09:36:32 [W|app|] Creating scope :completer_scope. Overwriting existing method Organization.completer_scope.
2019-05-14T09:36:33 [W|app|] Scoped order is ignored, it's forced to be batch order.
2019-05-14T09:36:34 [W|app|] Creating scope :completer_scope. Overwriting existing method Location.completer_scope.
2019-05-14T09:36:37 [I|app|] Triggering..
2019-05-14T09:36:38 [W|app|] ignoring associations organization_ids, location_ids audit definition for Container, the resource is not audited
2019-05-14T09:36:38 [W|app|] Creating scope :path_of. Overwriting existing method FactName.path_of.
2019-05-14T09:36:39 [W|app|] ignoring associations organization_ids, location_ids audit definition for DockerContainerWizardStates::Preliminary, the resource is not audited
2019-05-14T09:36:39 [W|app|] ignoring associations organization_ids, location_ids audit definition for DockerRegistry, the resource is not audited
2019-05-14T09:36:46 [W|app|] Scoped order is ignored, it's forced to be batch order.
2019-05-14T09:36:46 [W|app|] Could not create role 'Red Hat Access Logs': ERF73-0602 [Foreman::PermissionMissingException]: some permissions were not found: ["view_log_viewer", "logs", :logs, :view_log_viewer]
2019-05-14T09:36:46 [E|app|] Cannot continue because some permissions were not found, please run rake db:seed and retry
2019-05-14T09:36:46 [F|app|] Failed running Dynflow daemon
2019-05-14T09:36:46 [F|app|] <Foreman::PermissionMissingException> ERF73-0602 [Foreman::PermissionMissingException]: some permissions were not found: ["view_log_viewer", "logs", :logs, :view_log_viewer]
ares commented 5 years ago

Did you run foreman-rake db:seed after installing? The permission you mention though should be created after Foreman restart thanks to https://github.com/redhataccess/foreman-plugin/blob/master/redhat-access/lib/redhat_access/engine.rb#L115

Did you do service httpd restart after installing the plugin?

mvdboogaard commented 5 years ago

I did run foreman-rake db:seed and also foreman-rake db:migrate just to be sure. After installation I restarted foreman completely (foreman-maintain restart). I tried it again and it is still not working. Now I only did a foreman-rake db:seed and service httpd restart.

I installed the following packages:

I use the Katello 3.11 repository

mvdboogaard commented 5 years ago

I wil start with an upgrade to Katello 3.12 and Foreman 1.22 which provides tfm-rubygem-redhat_access-2.2.5. As I can see this version must have the fix in it.

mvdboogaard commented 5 years ago

I upgraded Katello and Foreman and installed tfm-rubygem-redhat_access again with foreman-rake db:seed and service httpd restart. But still the same error.

mvdboogaard commented 5 years ago

Problem solved!! The problem was that I had duplicate permissions for RedHat Access. Somehow they weren't removed proparly once. I removed tfm-rubygem-redhat_access and tfm-rubygem-redhat_access_lib. Next I looked up the permissions which are defined in https://github.com/redhataccess/foreman-plugin/blob/91d8d8209108a5c2b953a14c76f9043b88de95de/redhat-access/lib/redhat_access/engine.rb and removed them. As there are duplicate permissions you have to lookup serveral times and remove them (till you get the response nil) Example: irb(main):072:0> Permission.find_by_name('view_cases') => #<Permission id: 270, name: "view_cases", resource_type: nil, created_at: "2019-05-03 07:30:17", updated_at: "2019-05-03 07:30:17"> irb(main):073:0> Permission.find_by_name('view_cases').destroy irb(main):074:0> Permission.find_by_name('view_cases') => nil