Suppress certain 'failed' promises error log entries.
28 views
Skip to first unread message
Matthias Rieber
Sep 9, 2016, 10:26:36 AM9/9/16
to help-c...@googlegroups.com
Hello,
I'm trying to reduce the noise in the logs. I've a bundle like this:
bundle agent rpcbind
{
vars:
any::
"whitelist" slist => { "drogo" };
classes:
any::
"whitelist" or => { classmatch(canonify($(whitelist))) };
packages:
!whitelist::
"rpcbind"
package_policy => "verify",
classes => if_ok("has_rpcbind");
methods:
has_rpcbind::
"rpcbind"
usebundle => set_remote_class("$(sys.host)", "rpcbind_installed");
}
The package promise generates an error message in the logs, but that's
actually not an error. So the question is:
1. Is there general wait to flag promises with something like
'fail_is_ok'.
or
2. Can I check if a package is installed without the error message?
Best Regards,
Matthias
I'm trying to reduce the noise in the logs. I've a bundle like this:
bundle agent rpcbind
{
vars:
any::
"whitelist" slist => { "drogo" };
classes:
any::
"whitelist" or => { classmatch(canonify($(whitelist))) };
packages:
!whitelist::
"rpcbind"
package_policy => "verify",
classes => if_ok("has_rpcbind");
methods:
has_rpcbind::
"rpcbind"
usebundle => set_remote_class("$(sys.host)", "rpcbind_installed");
}
The package promise generates an error message in the logs, but that's
actually not an error. So the question is:
1. Is there general wait to flag promises with something like
'fail_is_ok'.
or
2. Can I check if a package is installed without the error message?
Best Regards,
Matthias
Neil Watson
Sep 9, 2016, 10:46:01 AM9/9/16
to help-c...@googlegroups.com
What is the error message.
--
Neil H Watson @neil_h_watson
CFEngine reporting: https://github.com/neilhwatson/delta_reporting
CFEngine policy: https://github.com/neilhwatson/evolve_cfengine_freelib
CFEngine and vim: https://github.com/neilhwatson/vim_cf3
--
Neil H Watson @neil_h_watson
CFEngine reporting: https://github.com/neilhwatson/delta_reporting
CFEngine policy: https://github.com/neilhwatson/evolve_cfengine_freelib
CFEngine and vim: https://github.com/neilhwatson/vim_cf3
Matthias Rieber
Sep 9, 2016, 10:49:04 AM9/9/16
to Neil Watson, help-c...@googlegroups.com
It's:
Method 'rpcbind' failed in some repairs
Best Regards,
Matthias
> --
> You received this message because you are subscribed to the Google Groups
> "help-cfengine" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to help-cfengin...@googlegroups.com.
> To post to this group, send email to help-c...@googlegroups.com.
> Visit this group at https://groups.google.com/group/help-cfengine.
> For more options, visit https://groups.google.com/d/optout.
>
>
Method 'rpcbind' failed in some repairs
Best Regards,
Matthias
> You received this message because you are subscribed to the Google Groups
> "help-cfengine" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to help-cfengin...@googlegroups.com.
> To post to this group, send email to help-c...@googlegroups.com.
> Visit this group at https://groups.google.com/group/help-cfengine.
> For more options, visit https://groups.google.com/d/optout.
>
>
Neil Watson
Sep 9, 2016, 11:00:42 AM9/9/16
to help-c...@googlegroups.com
On Fri, Sep 09, 2016 at 04:49:01PM +0200, Matthias Rieber wrote:
>It's:
>
>Method 'rpcbind' failed in some repairs
I can't think of any way to suppress that. I'm not certain it's a valid
>It's:
>
>Method 'rpcbind' failed in some repairs
nag from cf-agent. If you look at verbose output can you see what's
causing the failure?
Matthias Rieber
Sep 9, 2016, 11:11:00 AM9/9/16
to Neil Watson, help-c...@googlegroups.com
The full log can be found here: https://yerl.org/hip0D
Isn't an error correct if the promise can't be kept?
verbose: PackageMatch did not find [installed] packages to match the constraints of promise (rpcbind,*,*) [name,version,arch]
info: Package 'rpcbind' cannot be verified -- no match
verbose: A: Promise NOT KEPT!
verbose: A: ...................................................
verbose: A: Bundle Accounting Summary for 'rpcbind' in namespace default
verbose: A: Promises kept in 'rpcbind' = 0
verbose: A: Promises not kept in 'rpcbind' = 1
verbose: A: Promises repaired in 'rpcbind' = 0
verbose: A: Aggregate compliance (promises kept/repaired) for bundle 'rpcbind' = 0.0%
verbose: A: ...................................................
verbose:
error: Method 'rpcbind' failed in some repairs
Best Regards,
Matthias
On Fri, 9 Sep 2016, Neil Watson wrote:
Isn't an error correct if the promise can't be kept?
verbose: PackageMatch did not find [installed] packages to match the constraints of promise (rpcbind,*,*) [name,version,arch]
info: Package 'rpcbind' cannot be verified -- no match
verbose: A: Promise NOT KEPT!
verbose: A: ...................................................
verbose: A: Bundle Accounting Summary for 'rpcbind' in namespace default
verbose: A: Promises kept in 'rpcbind' = 0
verbose: A: Promises not kept in 'rpcbind' = 1
verbose: A: Promises repaired in 'rpcbind' = 0
verbose: A: Aggregate compliance (promises kept/repaired) for bundle 'rpcbind' = 0.0%
verbose: A: ...................................................
verbose:
error: Method 'rpcbind' failed in some repairs
Best Regards,
Matthias
On Fri, 9 Sep 2016, Neil Watson wrote:
Neil Watson
Sep 9, 2016, 11:18:59 AM9/9/16
to help-c...@googlegroups.com
On Fri, Sep 09, 2016 at 05:10:58PM +0200, Matthias Rieber wrote:
>The full log can be found here: https://yerl.org/hip0D
>
>Isn't an error correct if the promise can't be kept?
You are correct. Curious, why verify instead of install? Verify only
>The full log can be found here: https://yerl.org/hip0D
>
>Isn't an error correct if the promise can't be kept?
does rpm verify, which is to md5sum every installed file in the package.
I can think of ways that check is not valid, like purposeful config file
changes.
Matthias Rieber
Sep 12, 2016, 4:16:20 AM9/12/16
to Neil Watson, help-c...@googlegroups.com
Hello,
On Fri, 9 Sep 2016, Neil Watson wrote:
it's installed to run set_remote_class() which gonna trigger an alert
somewhere else.
Best Regards,
Matthias
On Fri, 9 Sep 2016, Neil Watson wrote:
> On Fri, Sep 09, 2016 at 05:10:58PM +0200, Matthias Rieber wrote:
> > The full log can be found here: https://yerl.org/hip0D
> >
> > Isn't an error correct if the promise can't be kept?
>
> You are correct. Curious, why verify instead of install? Verify only
> does rpm verify, which is to md5sum every installed file in the package.
> I can think of ways that check is not valid, like purposeful config file
> changes.
My intention is to make sure that this package is not installed and when
> > The full log can be found here: https://yerl.org/hip0D
> >
> > Isn't an error correct if the promise can't be kept?
>
> You are correct. Curious, why verify instead of install? Verify only
> does rpm verify, which is to md5sum every installed file in the package.
> I can think of ways that check is not valid, like purposeful config file
> changes.
it's installed to run set_remote_class() which gonna trigger an alert
somewhere else.
Best Regards,
Matthias
Nick Anderson
Sep 14, 2016, 9:42:17 AM9/14/16
to Matthias Rieber, Neil Watson, help-c...@googlegroups.com
On 09/12/2016 03:16 AM, Matthias Rieber wrote:
> My intention is to make sure that this package is not installed and when
> it's installed to run set_remote_class() which gonna trigger an alert
> somewhere else.
Instead of using verify I would probably consider setting the
> My intention is to make sure that this package is not installed and when
> it's installed to run set_remote_class() which gonna trigger an alert
> somewhere else.
action_policy for the promise to warn.
https://docs.cfengine.com/lts/reference-promise-types.html#action_policy
But more likely I would use packagesmatching() to find packages on the
system that are undesirable and then either report on them or set
classes or iterate and remove them.
https://docs.cfengine.com/lts/reference-functions-packagesmatching.html
Reply all
Reply to author
Forward
0 new messages