tohuwabohu / puppet-duplicity

Puppet module to manage backups based on duplicity.
Apache License 2.0

NoAuthHandlerFound: No handler was ready to authenticate. (S3) #25

Closed TJM closed 7 years ago

TJM commented 8 years ago

When using the S3 backend, we got the following error:

--- Start running command BKP at 05:37:34.976 ---

Duplicity 0.6 series is being deprecated:
See http://www.nongnu.org/duplicity/

Traceback (most recent call last):
  File "/bin/duplicity", line 1509, in <module>
    with_tempdir(main)
  File "/bin/duplicity", line 1503, in with_tempdir
    fn()
  File "/bin/duplicity", line 1336, in main
    action = commandline.ProcessCommandLine(sys.argv[1:])
  File "/usr/lib64/python2.7/site-packages/duplicity/commandline.py", line 1062, in ProcessCommandLine
    backup, local_pathname = set_backend(args[0], args[1])
  File "/usr/lib64/python2.7/site-packages/duplicity/commandline.py", line 955, in set_backend
    globals.backend = backend.get_backend(bend)
  File "/usr/lib64/python2.7/site-packages/duplicity/backend.py", line 163, in get_backend
    return _backends[pu.scheme](pu)
  File "/usr/lib64/python2.7/site-packages/duplicity/backends/_boto_single.py", line 163, in __init__
    self.resetConnection()
  File "/usr/lib64/python2.7/site-packages/duplicity/backends/_boto_single.py", line 185, in resetConnection
    self.conn = get_connection(self.scheme, self.parsed_url, self.storage_uri)
  File "/usr/lib64/python2.7/site-packages/duplicity/backends/_boto_single.py", line 101, in get_connection
    is_secure=(not globals.s3_unencrypted_connection))
  File "/usr/lib/python2.7/site-packages/boto/storage_uri.py", line 117, in connect
    **connection_args)
  File "/usr/lib/python2.7/site-packages/boto/s3/connection.py", line 191, in __init__
    validate_certs=validate_certs, profile_name=profile_name)
  File "/usr/lib/python2.7/site-packages/boto/connection.py", line 569, in __init__
    host, config, self.provider, self._required_auth_capability())
  File "/usr/lib/python2.7/site-packages/boto/auth.py", line 989, in get_auth_handler
    'Check your credentials' % (len(names), str(names)))
NoAuthHandlerFound: No handler was ready to authenticate. 1 handlers were checked. ['HmacAuthV1Handler'] Check your credentials

It turns out to be related to a duply upgrade, somewhere between 1.9.1 and 1.11.1 per this bug: https://sourceforge.net/p/ftplicity/bugs/90/

My current workaround was to set:

duplicity::duply_package_ensure: 1.9.1-1.el7

in my hiera, which forced puppet to downgrade the package, but I have to assume there is a proper way to fix this? (And that it has already been fixed for everyone else 🍼.)

It appears that we need to set some new "environment variables" (AWS_....)

NOTE: we had an issue which was blocking our epel package upgrades getting into pulp, so we were a bit behind on receiving this upgrade.

~tommy

call commented 8 years ago

I also ran into this issue and worked around it by installing v. 1.9.1 via the sourceforge archive provider example, as shown in the readme. FWIW, I was only able to successfully connect to my s3 bucket using the s3+http://[bucketname] URI scheme.

TJM commented 8 years ago

Yes. In 1.10 duply removed all the code that made a basic TARGET_USER/TARGET_PASS map to whatever environment specific variables were needed, so now we need to probably add that same capability (move the spaghetti code here). Alternatively, just have a generic "settings" array that adds settings to the config file?

tohuwabohu commented 8 years ago

> Alternatively, just have a generic "settings" array that adds settings to the config file?

Yeah, that looks like a good idea to me. I presume you mean settings that should be exported like ...

export AWS_ACCESS_KEY_ID='some key'
export AWS_SECRET_ACCESS_KEY='some secret'

so everyone would have to know which environment variables to set based on the used backend.

TJM commented 8 years ago

@tohuwabohu - Yes, like that. Apparently that is the direction that duply has moved, so I guess it makes sense for this module to go the same direction :)

andrewalles commented 8 years ago

Hi, @TJM & I put together a patch that replaces that TARGET_USER/TARGET_PASS combo with environment variables that can be pulled from Hiera - if it can't get that, it maps the TARGET_USER/PASS. Please take a look, and if it passes muster I can submit as a pull request. Issue-25 fix
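The approach discussed in this thread (explicit environment variables, with a fallback that maps the legacy TARGET_USER/TARGET_PASS pair for S3) can be sketched as below. This is an added example, not the module's code or the linked patch; `duply_env_exports`, `redact_exports`, `S3_SCHEMES` and the sample values are hypothetical, and it assumes the conf file is sourced by bash.

```ruby
require 'shellwords'

# Assumption: these URL schemes go through duplicity's boto backend, which
# takes credentials from AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY.
S3_SCHEMES = %w[s3 s3+http].freeze
ENV_NAME = /\A[A-Z_][A-Z0-9_]*\z/

# Returns the "export NAME=value" lines for a duply conf file.
# explicit_env: variables supplied by the operator (for example from Hiera).
# target_user / target_pass: legacy pair, used only as a fallback for S3.
def duply_env_exports(target_url, explicit_env: {}, target_user: nil, target_pass: nil)
  env = {}
  scheme = target_url[/\A([a-z0-9+]+):\/\//i, 1].to_s.downcase
  if S3_SCHEMES.include?(scheme) && target_user && target_pass
    env['AWS_ACCESS_KEY_ID'] = target_user
    env['AWS_SECRET_ACCESS_KEY'] = target_pass
  end
  # Explicit settings win over the legacy mapping; names are validated so a
  # hash key can never smuggle extra shell syntax into the sourced file.
  explicit_env.each do |name, value|
    raise ArgumentError, "invalid variable name: #{name.inspect}" unless name.to_s.match?(ENV_NAME)
    env[name.to_s] = value.to_s
  end
  # Shellwords.escape keeps quotes, spaces and $ in a secret from being
  # interpreted when bash sources the conf file.
  env.sort.map { |name, value| "export #{name}=#{Shellwords.escape(value)}" }
end

# Mask values before rendered lines reach logs or a report diff.
def redact_exports(lines)
  lines.map { |line| line.sub(/=.*/m, '=<redacted>') }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values, not real credentials.
  puts redact_exports(duply_env_exports('s3+http://example-bucket/backup',
                                        target_user: 'AKIAEXAMPLE',
                                        target_pass: "s3cr3t'$x"))
end
```

Because the rendered file holds the secret key in clear text, it should be readable only by the user that runs the backup.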

tohuwabohu commented 7 years ago

Fixed in version 4.1.0