Re: [vault] 'exec format error' on mount for plugins
747 views
Skip to first unread message
Message has been deleted
Brian Kassouf
Dec 30, 2018, 6:00:54 PM12/30/18
to vault...@googlegroups.com
Hi there,
Often times the "exec format error" means the binary was built for a
different arch. What is the output of `go env` and what OS/Arch are
you using?
Best,
Brian
On Sun, Dec 30, 2018 at 11:55 AM sanderiam <the.phi...@gmail.com> wrote:
>
> My plan is to take the Dynamic SSH Keys plugin and create a new one based on that to handle RSA key secrets for my authentication. (Before anyone points it out, I am aware of the issues with that plugin for use with SSH, but the pushing of keys for the platform I'm working on will not need the same sudo all access approach and therefore makes everything else about this plugin a good model.)
>
> After working in the go code for the SSH plugin for a while I decided to try to play with the build environment so I could test incrementally as I made changes. That's when I hit this 'exec format error' problem like a brick wall. I will include a full accounting of everything I did below. What it will include are all the commands run to achieve the results. In the end and what you will see below, I did not use any changed code at all. I forked the Hashicorp SSH plugin, and, when that failed many times, I tried the exact mock-plugin tutorial steps (https://learn.hashicorp.com/vault/developer/plugin-backends) and ended up in the same place. I did the initial steps on my macbook (forking and such), but moved to where I have vault running (an Amazon Linux based AWS instance) for the steps where I try to actually build and run both the forked SSH and the straight up mock-plugin plugins.
>
> The first block of stuff are steps taken to make my copy of your SSH plugin. I don't actually think those affect anything, but include them for completeness. The second is the config, startup, and logging for the vault server in dev mode. Finally there is a complete account of all the steps for everything from installing go (which I did not have on my server system before this) through to resorting to trying the mock-plugin to see if I was just doing something really wrong.
>
> The one major difference between the forked SSH and mock plugins is I did use vgo for the former to deal with the dependancies. I don't *think* that would affect things. And since the mock plugin ends up in the same place, there isn't much I can think of that it would mean to use one or the other.
>
> Any help on what I am doing wrong here would be highly appreciated. Thank you.
>
> # steps I used to make a copy of just the SSH package for a plugin of my own (not sure these steps are relevant anymore but including for completeness)
>
> export GOPATH=`pwd`/go
>
> export PATH=$PATH:$GOPATH/bin
>
> cd $GOPATH/src
>
> mkdir github.com
>
> cd github.com/
>
> git clone https://github.com/hashicorp/vault
>
> cd vault/
>
> git branch -m upstream-master
>
> git subtree split --prefix=builtin/logical/ssh -b upstream-ssh-backend
>
> git checkout upstream-ssh-backend
>
> git remote rename origin upstream
>
> git remote add origin https://github.com/sanderiam/snowflake-keys-vault-backend
>
> git fetch origin
>
> git push -u origin upstream-ssh-backend
>
> git checkout -b master
>
> git push -u origin master
>
> cd ..
>
> git clone https://github.com/sanderiam/snowflake-keys-vault-backend
>
>
> # steps to run the vault server in dev mode, including the contents of the config at the top and all logging through to the end of the run (with a few secrets NOPEed out)
>
> [ec2-user@ip-172-31-89-76 ~]$ cat /home/ec2-user/vaultDevModeConfig/vault.hcl
>
> plugin_directory = "/home/ec2-user/vaultDevModeConfig/plugins"
>
>
> [ec2-user@ip-172-31-89-76 ~]$ vault server -dev -config=/home/ec2-user/vaultDevModeConfig/vault.hcl
>
> ==> Vault server configuration:
>
>
> Api Address: http://127.0.0.1:8200
>
> Cgo: disabled
>
> Cluster Address: https://127.0.0.1:8201
>
> Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0.1:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
>
> Log Level: (not set)
>
> Mlock: supported: true, enabled: false
>
> Storage: inmem
>
> Version: Vault v0.11.4
>
> Version Sha: 612120e76de651ef669c9af5e77b27a749b0dba3
>
>
> WARNING! dev mode is enabled! In this mode, Vault runs entirely in-memory
>
> and starts unsealed with a single unseal key. The root token is already
>
> authenticated to the CLI, so you can immediately begin using Vault.
>
>
> You may need to set the following environment variable:
>
>
> $ export VAULT_ADDR='http://127.0.0.1:8200'
>
>
> The unseal key and root token are displayed below in case you want to
>
> seal/unseal the Vault or re-authenticate.
>
>
> Unseal Key: NOPE
>
> Root Token: NOPE
>
>
> Development mode should NOT be used in production installations!
>
>
> ==> Vault server started! Log data will stream in below:
>
>
> 2018-12-30T16:18:43.753Z [WARN] no `api_addr` value specified in config or in VAULT_API_ADDR; falling back to detection if possible, but this value should be manually set
>
> 2018-12-30T16:18:43.754Z [INFO] core: security barrier not initialized
>
> 2018-12-30T16:18:43.754Z [INFO] core: security barrier initialized: shares=1 threshold=1
>
> 2018-12-30T16:18:43.754Z [INFO] core: post-unseal setup starting
>
> 2018-12-30T16:18:43.771Z [INFO] core: loaded wrapping token key
>
> 2018-12-30T16:18:43.771Z [INFO] core: successfully setup plugin catalog: plugin-directory=/home/ec2-user/vaultDevModeConfig/plugins
>
> 2018-12-30T16:18:43.772Z [INFO] core: no mounts; adding default mount table
>
> 2018-12-30T16:18:43.773Z [INFO] core: successfully mounted backend: type=kv path=secret/
>
> 2018-12-30T16:18:43.773Z [INFO] core: successfully mounted backend: type=cubbyhole path=cubbyhole/
>
> 2018-12-30T16:18:43.773Z [INFO] core: successfully mounted backend: type=system path=sys/
>
> 2018-12-30T16:18:43.776Z [INFO] core: successfully mounted backend: type=identity path=identity/
>
> 2018-12-30T16:18:43.778Z [INFO] core: successfully enabled credential backend: type=token path=token/
>
> 2018-12-30T16:18:43.779Z [INFO] core: restoring leases
>
> 2018-12-30T16:18:43.780Z [INFO] rollback: starting rollback manager
>
> 2018-12-30T16:18:43.780Z [INFO] expiration: lease restore complete
>
> 2018-12-30T16:18:43.780Z [INFO] identity: entities restored
>
> 2018-12-30T16:18:43.780Z [INFO] identity: groups restored
>
> 2018-12-30T16:18:43.780Z [INFO] core: post-unseal setup complete
>
> 2018-12-30T16:18:43.781Z [INFO] core: root token generated
>
> 2018-12-30T16:18:43.781Z [INFO] core: pre-seal teardown starting
>
> 2018-12-30T16:18:43.781Z [INFO] core: stopping cluster listeners
>
> 2018-12-30T16:18:43.781Z [INFO] core: starting listener: listener_address=127.0.0.1:8201
>
> 2018-12-30T16:18:43.781Z [INFO] core: serving cluster requests: cluster_listen_address=127.0.0.1:8201
>
> 2018-12-30T16:18:43.781Z [INFO] core: shutting down forwarding rpc listeners
>
> 2018-12-30T16:18:43.781Z [INFO] core: forwarding rpc listeners stopped
>
> 2018-12-30T16:18:44.281Z [INFO] core: rpc listeners successfully shut down
>
> 2018-12-30T16:18:44.281Z [INFO] core: cluster listeners successfully shut down
>
> 2018-12-30T16:18:44.281Z [INFO] rollback: stopping rollback manager
>
> 2018-12-30T16:18:44.281Z [INFO] core: pre-seal teardown complete
>
> 2018-12-30T16:18:44.281Z [INFO] core: vault is unsealed
>
> 2018-12-30T16:18:44.281Z [INFO] core: post-unseal setup starting
>
> 2018-12-30T16:18:44.281Z [INFO] core: loaded wrapping token key
>
> 2018-12-30T16:18:44.281Z [INFO] core: successfully setup plugin catalog: plugin-directory=/home/ec2-user/vaultDevModeConfig/plugins
>
> 2018-12-30T16:18:44.281Z [INFO] core: successfully mounted backend: type=kv path=secret/
>
> 2018-12-30T16:18:44.282Z [INFO] core: successfully mounted backend: type=system path=sys/
>
> 2018-12-30T16:18:44.282Z [INFO] core: successfully mounted backend: type=identity path=identity/
>
> 2018-12-30T16:18:44.282Z [INFO] core: successfully mounted backend: type=cubbyhole path=cubbyhole/
>
> 2018-12-30T16:18:44.283Z [INFO] core: successfully enabled credential backend: type=token path=token/
>
> 2018-12-30T16:18:44.283Z [INFO] core: restoring leases
>
> 2018-12-30T16:18:44.283Z [INFO] rollback: starting rollback manager
>
> 2018-12-30T16:18:44.283Z [INFO] identity: entities restored
>
> 2018-12-30T16:18:44.283Z [INFO] identity: groups restored
>
> 2018-12-30T16:18:44.283Z [INFO] core: post-unseal setup complete
>
> 2018-12-30T16:18:44.283Z [INFO] expiration: lease restore complete
>
> 2018-12-30T16:18:44.283Z [INFO] core: starting listener: listener_address=127.0.0.1:8201
>
> 2018-12-30T16:18:44.283Z [INFO] core: serving cluster requests: cluster_listen_address=127.0.0.1:8201
>
> 2018-12-30T16:18:44.286Z [INFO] core: mount tuning of options: path=secret/ options=map[version:2]
>
> 2018-12-30T16:18:44.292Z [INFO] secrets.kv.kv_e22ff382: collecting keys to upgrade
>
> 2018-12-30T16:18:44.292Z [INFO] secrets.kv.kv_e22ff382: done collecting keys: num_keys=1
>
> 2018-12-30T16:18:44.292Z [INFO] secrets.kv.kv_e22ff382: upgrading keys finished
>
> 2018-12-30T16:21:42.887Z [ERROR] secrets.system.system_11d491de: mount failed: path=snowflake-secrets-vault-backend/ error="fork/exec /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend: exec format error"
>
> 2018-12-30T16:52:37.427Z [ERROR] secrets.system.system_11d491de: mount failed: path=my-secrets-plugin/ error="fork/exec /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin: permission denied"
>
> 2018-12-30T16:52:55.298Z [ERROR] secrets.system.system_11d491de: mount failed: path=my-secrets-plugin/ error="fork/exec /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin: exec format error"
>
> ^C==> Vault shutdown triggered
>
> 2018-12-30T18:52:48.747Z [INFO] core: marked as sealed
>
> 2018-12-30T18:52:48.747Z [INFO] core: pre-seal teardown starting
>
> 2018-12-30T18:52:48.747Z [INFO] core: stopping cluster listeners
>
> 2018-12-30T18:52:48.747Z [INFO] core: shutting down forwarding rpc listeners
>
> 2018-12-30T18:52:48.747Z [INFO] core: forwarding rpc listeners stopped
>
> 2018-12-30T18:52:49.247Z [INFO] core: rpc listeners successfully shut down
>
> 2018-12-30T18:52:49.247Z [INFO] core: cluster listeners successfully shut down
>
> 2018-12-30T18:52:49.247Z [INFO] rollback: stopping rollback manager
>
> 2018-12-30T18:52:49.247Z [INFO] core: pre-seal teardown complete
>
> 2018-12-30T18:52:49.247Z [INFO] core: vault is sealed
>
> [ec2-user@ip-172-31-89-76 ~]$
>
>
> # steps taken on the ec2 instance that show the work of what I did for each failed plugin
>
> [ec2-user@ip-172-31-89-76 ~]$ sudo yum install golang
>
> Loaded plugins: priorities, update-motd, upgrade-helper
>
> 1054 packages excluded due to repository priority protections
>
> Resolving Dependencies
>
> --> Running transaction check
>
> ---> Package golang.x86_64 0:1.10.6-1.47.amzn1 will be installed
>
> --> Processing Dependency: golang-src = 1.10.6-1.47.amzn1 for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: golang-bin = 1.10.6-1.47.amzn1 for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: golang-bin(x86-64) = 1.10.6-1.47.amzn1 for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: subversion for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: mercurial for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: bzr for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Running transaction check
>
> ---> Package bzr-python27.x86_64 0:2.6.0-8.17.amzn1 will be installed
>
> --> Processing Dependency: bzr-common = 2.6.0-8.17.amzn1 for package: bzr-python27-2.6.0-8.17.amzn1.x86_64
>
> ---> Package golang-bin.x86_64 0:1.10.6-1.47.amzn1 will be installed
>
> --> Processing Dependency: gcc for package: golang-bin-1.10.6-1.47.amzn1.x86_64
>
> ---> Package golang-src.noarch 0:1.10.6-1.47.amzn1 will be installed
>
> ---> Package mercurial-python27.x86_64 0:4.2.3-1.30.amzn1 will be installed
>
> --> Processing Dependency: mercurial-common(x86-64) = 4.2.3-1.30.amzn1 for package: mercurial-python27-4.2.3-1.30.amzn1.x86_64
>
> ---> Package subversion.x86_64 0:1.9.7-1.58.amzn1 will be installed
>
> --> Processing Dependency: subversion-libs(x86-64) = 1.9.7-1.58.amzn1 for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_wc-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_subr-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_repos-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_ra_svn-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_ra_serf-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_ra_local-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_ra-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs_x-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs_util-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs_fs-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs_base-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_diff-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_delta-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_client-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libserf-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Running transaction check
>
> ---> Package bzr-common.noarch 0:2.6.0-8.17.amzn1 will be installed
>
> ---> Package gcc72.x86_64 0:7.2.1-2.59.amzn1 will be installed
>
> --> Processing Dependency: cpp72(x86-64) = 7.2.1-2.59.amzn1 for package: gcc72-7.2.1-2.59.amzn1.x86_64
>
> --> Processing Dependency: glibc-devel(x86-64) >= 2.2.90-12 for package: gcc72-7.2.1-2.59.amzn1.x86_64
>
> --> Processing Dependency: libmpfr.so.4()(64bit) for package: gcc72-7.2.1-2.59.amzn1.x86_64
>
> --> Processing Dependency: libmpc.so.3()(64bit) for package: gcc72-7.2.1-2.59.amzn1.x86_64
>
> ---> Package libserf.x86_64 0:1.3.7-1.7.amzn1 will be installed
>
> ---> Package mercurial-common.x86_64 0:4.2.3-1.30.amzn1 will be installed
>
> ---> Package subversion-libs.x86_64 0:1.9.7-1.58.amzn1 will be installed
>
> --> Running transaction check
>
> ---> Package cpp72.x86_64 0:7.2.1-2.59.amzn1 will be installed
>
> ---> Package glibc-devel.x86_64 0:2.17-260.175.amzn1 will be installed
>
> --> Processing Dependency: glibc-headers = 2.17-260.175.amzn1 for package: glibc-devel-2.17-260.175.amzn1.x86_64
>
> --> Processing Dependency: glibc-headers for package: glibc-devel-2.17-260.175.amzn1.x86_64
>
> ---> Package libmpc.x86_64 0:1.0.1-3.3.amzn1 will be installed
>
> ---> Package mpfr.x86_64 0:3.1.1-4.14.amzn1 will be installed
>
> --> Running transaction check
>
> ---> Package glibc-headers.x86_64 0:2.17-260.175.amzn1 will be installed
>
> --> Processing Dependency: kernel-headers >= 2.2.1 for package: glibc-headers-2.17-260.175.amzn1.x86_64
>
> --> Processing Dependency: kernel-headers for package: glibc-headers-2.17-260.175.amzn1.x86_64
>
> --> Running transaction check
>
> ---> Package kernel-headers.x86_64 0:4.14.88-72.73.amzn1 will be installed
>
> --> Finished Dependency Resolution
>
>
> Dependencies Resolved
>
>
> =========================================================================================================================================================================================================
>
> Package Arch Version Repository Size
>
> =========================================================================================================================================================================================================
>
> Installing:
>
> golang x86_64 1.10.6-1.47.amzn1 amzn-updates 910 k
>
> Installing for dependencies:
>
> bzr-common noarch 2.6.0-8.17.amzn1 amzn-main 624 k
>
> bzr-python27 x86_64 2.6.0-8.17.amzn1 amzn-main 6.9 M
>
> cpp72 x86_64 7.2.1-2.59.amzn1 amzn-main 10 M
>
> gcc72 x86_64 7.2.1-2.59.amzn1 amzn-main 20 M
>
> glibc-devel x86_64 2.17-260.175.amzn1 amzn-updates 1.2 M
>
> glibc-headers x86_64 2.17-260.175.amzn1 amzn-updates 758 k
>
> golang-bin x86_64 1.10.6-1.47.amzn1 amzn-updates 92 M
>
> golang-src noarch 1.10.6-1.47.amzn1 amzn-updates 6.7 M
>
> kernel-headers x86_64 4.14.88-72.73.amzn1 amzn-updates 1.2 M
>
> libmpc x86_64 1.0.1-3.3.amzn1 amzn-main 53 k
>
> libserf x86_64 1.3.7-1.7.amzn1 amzn-main 64 k
>
> mercurial-common x86_64 4.2.3-1.30.amzn1 amzn-main 1.6 M
>
> mercurial-python27 x86_64 4.2.3-1.30.amzn1 amzn-main 3.7 M
>
> mpfr x86_64 3.1.1-4.14.amzn1 amzn-main 237 k
>
> subversion x86_64 1.9.7-1.58.amzn1 amzn-main 1.6 M
>
> subversion-libs x86_64 1.9.7-1.58.amzn1 amzn-main 1.7 M
>
>
> Transaction Summary
>
> =========================================================================================================================================================================================================
>
> Install 1 Package (+16 Dependent packages)
>
>
> Total download size: 150 M
>
> Installed size: 458 M
>
> Is this ok [y/d/N]: y
>
> Downloading packages:
>
> (1/17): bzr-common-2.6.0-8.17.amzn1.noarch.rpm | 624 kB 00:00:00
>
> (2/17): bzr-python27-2.6.0-8.17.amzn1.x86_64.rpm | 6.9 MB 00:00:00
>
> (3/17): cpp72-7.2.1-2.59.amzn1.x86_64.rpm | 10 MB 00:00:00
>
> (4/17): glibc-headers-2.17-260.175.amzn1.x86_64.rpm | 758 kB 00:00:00
>
> (5/17): glibc-devel-2.17-260.175.amzn1.x86_64.rpm | 1.2 MB 00:00:00
>
> (6/17): golang-1.10.6-1.47.amzn1.x86_64.rpm | 910 kB 00:00:00
>
> (7/17): gcc72-7.2.1-2.59.amzn1.x86_64.rpm | 20 MB 00:00:00
>
> (8/17): golang-src-1.10.6-1.47.amzn1.noarch.rpm | 6.7 MB 00:00:00
>
> (9/17): kernel-headers-4.14.88-72.73.amzn1.x86_64.rpm | 1.2 MB 00:00:00
>
> (10/17): libmpc-1.0.1-3.3.amzn1.x86_64.rpm | 53 kB 00:00:00
>
> (11/17): libserf-1.3.7-1.7.amzn1.x86_64.rpm | 64 kB 00:00:00
>
> (12/17): mercurial-common-4.2.3-1.30.amzn1.x86_64.rpm | 1.6 MB 00:00:00
>
> (13/17): mpfr-3.1.1-4.14.amzn1.x86_64.rpm | 237 kB 00:00:00
>
> (14/17): subversion-1.9.7-1.58.amzn1.x86_64.rpm | 1.6 MB 00:00:00
>
> (15/17): mercurial-python27-4.2.3-1.30.amzn1.x86_64.rpm | 3.7 MB 00:00:00
>
> (16/17): subversion-libs-1.9.7-1.58.amzn1.x86_64.rpm | 1.7 MB 00:00:00
>
> (17/17): golang-bin-1.10.6-1.47.amzn1.x86_64.rpm | 92 MB 00:00:01
>
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Total 54 MB/s | 150 MB 00:00:02
>
> Running transaction check
>
> Running transaction test
>
> Transaction test succeeded
>
> Running transaction
>
> Installing : mpfr-3.1.1-4.14.amzn1.x86_64 1/17
>
> Installing : libmpc-1.0.1-3.3.amzn1.x86_64 2/17
>
> Installing : libserf-1.3.7-1.7.amzn1.x86_64 3/17
>
> Installing : subversion-libs-1.9.7-1.58.amzn1.x86_64 4/17
>
> Installing : subversion-1.9.7-1.58.amzn1.x86_64 5/17
>
> Installing : cpp72-7.2.1-2.59.amzn1.x86_64 6/17
>
> Installing : bzr-python27-2.6.0-8.17.amzn1.x86_64 7/17
>
> Installing : bzr-common-2.6.0-8.17.amzn1.noarch 8/17
>
> Installing : golang-src-1.10.6-1.47.amzn1.noarch 9/17
>
> Installing : kernel-headers-4.14.88-72.73.amzn1.x86_64 10/17
>
> Installing : glibc-headers-2.17-260.175.amzn1.x86_64 11/17
>
> Installing : glibc-devel-2.17-260.175.amzn1.x86_64 12/17
>
> Installing : gcc72-7.2.1-2.59.amzn1.x86_64 13/17
>
> Installing : mercurial-common-4.2.3-1.30.amzn1.x86_64 14/17
>
> Installing : mercurial-python27-4.2.3-1.30.amzn1.x86_64 15/17
>
> Installing : golang-1.10.6-1.47.amzn1.x86_64 16/17
>
> Installing : golang-bin-1.10.6-1.47.amzn1.x86_64 17/17
>
> Verifying : glibc-devel-2.17-260.175.amzn1.x86_64 1/17
>
> Verifying : mercurial-common-4.2.3-1.30.amzn1.x86_64 2/17
>
> Verifying : cpp72-7.2.1-2.59.amzn1.x86_64 3/17
>
> Verifying : libmpc-1.0.1-3.3.amzn1.x86_64 4/17
>
> Verifying : bzr-common-2.6.0-8.17.amzn1.noarch 5/17
>
> Verifying : subversion-libs-1.9.7-1.58.amzn1.x86_64 6/17
>
> Verifying : kernel-headers-4.14.88-72.73.amzn1.x86_64 7/17
>
> Verifying : glibc-headers-2.17-260.175.amzn1.x86_64 8/17
>
> Verifying : mpfr-3.1.1-4.14.amzn1.x86_64 9/17
>
> Verifying : golang-bin-1.10.6-1.47.amzn1.x86_64 10/17
>
> Verifying : gcc72-7.2.1-2.59.amzn1.x86_64 11/17
>
> Verifying : subversion-1.9.7-1.58.amzn1.x86_64 12/17
>
> Verifying : libserf-1.3.7-1.7.amzn1.x86_64 13/17
>
> Verifying : golang-1.10.6-1.47.amzn1.x86_64 14/17
>
> Verifying : bzr-python27-2.6.0-8.17.amzn1.x86_64 15/17
>
> Verifying : mercurial-python27-4.2.3-1.30.amzn1.x86_64 16/17
>
> Verifying : golang-src-1.10.6-1.47.amzn1.noarch 17/17
>
>
> Installed:
>
> golang.x86_64 0:1.10.6-1.47.amzn1
>
>
> Dependency Installed:
>
> bzr-common.noarch 0:2.6.0-8.17.amzn1 bzr-python27.x86_64 0:2.6.0-8.17.amzn1 cpp72.x86_64 0:7.2.1-2.59.amzn1 gcc72.x86_64 0:7.2.1-2.59.amzn1
>
> glibc-devel.x86_64 0:2.17-260.175.amzn1 glibc-headers.x86_64 0:2.17-260.175.amzn1 golang-bin.x86_64 0:1.10.6-1.47.amzn1 golang-src.noarch 0:1.10.6-1.47.amzn1
>
> kernel-headers.x86_64 0:4.14.88-72.73.amzn1 libmpc.x86_64 0:1.0.1-3.3.amzn1 libserf.x86_64 0:1.3.7-1.7.amzn1 mercurial-common.x86_64 0:4.2.3-1.30.amzn1
>
> mercurial-python27.x86_64 0:4.2.3-1.30.amzn1 mpfr.x86_64 0:3.1.1-4.14.amzn1 subversion.x86_64 0:1.9.7-1.58.amzn1 subversion-libs.x86_64 0:1.9.7-1.58.amzn1
>
>
> Complete!
>
> [ec2-user@ip-172-31-89-76 ~]$ go get -u golang.org/x/vgo
>
> [ec2-user@ip-172-31-89-76 ~]$ export GOPATH=`pwd`/go
>
> [ec2-user@ip-172-31-89-76 ~]$ echo $GOPATH
>
> /home/ec2-user/go
>
> [ec2-user@ip-172-31-89-76 ~]$ export PATH=$PATH:$GOPATH/bin
>
> [ec2-user@ip-172-31-89-76 ~]$ which vgo
>
> ~/go/bin/vgo
>
> [ec2-user@ip-172-31-89-76 ~]$ cd go
>
> [ec2-user@ip-172-31-89-76 go]$ cd src
>
> [ec2-user@ip-172-31-89-76 src]$ ll
>
> total 12
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:10 .
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:10 ..
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:10 golang.org
>
> [ec2-user@ip-172-31-89-76 src]$ mkdir github.com
>
> [ec2-user@ip-172-31-89-76 src]$ cd github.com/
>
> [ec2-user@ip-172-31-89-76 github.com]$ git clone https://github.com/sanderiam/snowflake-keys-vault-backend
>
> Cloning into 'snowflake-keys-vault-backend'...
>
> remote: Enumerating objects: 799, done.
>
> remote: Counting objects: 100% (799/799), done.
>
> remote: Compressing objects: 100% (254/254), done.
>
> remote: Total 799 (delta 540), reused 799 (delta 540), pack-reused 0
>
> Receiving objects: 100% (799/799), 327.15 KiB | 19.24 MiB/s, done.
>
> Resolving deltas: 100% (540/540), done.
>
> [ec2-user@ip-172-31-89-76 github.com]$ ll
>
> total 12
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:14 .
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:13 ..
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:14 snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 github.com]$ cd snowflake-keys-vault-backend/
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ ll
>
> total 184
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:14 .
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:14 ..
>
> -rw-rw-r-- 1 ec2-user ec2-user 2719 Dec 30 16:14 backend.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 34888 Dec 30 16:14 backend_test.go
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:14 cmd
>
> -rw-rw-r-- 1 ec2-user ec2-user 8704 Dec 30 16:14 communicator.go
>
> drwxrwxr-x 8 ec2-user ec2-user 4096 Dec 30 16:14 .git
>
> -rw-rw-r-- 1 ec2-user ec2-user 2628 Dec 30 16:14 linux_install_script.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 8174 Dec 30 16:14 path_config_ca.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 4298 Dec 30 16:14 path_config_ca_test.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 5168 Dec 30 16:14 path_config_zeroaddress.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 10658 Dec 30 16:14 path_creds_create.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 1045 Dec 30 16:14 path_fetch.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 2884 Dec 30 16:14 path_keys.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 2920 Dec 30 16:14 path_lookup.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 25136 Dec 30 16:14 path_roles.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 12556 Dec 30 16:14 path_sign.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 2859 Dec 30 16:14 path_verify.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 2400 Dec 30 16:14 secret_dynamic_key.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 999 Dec 30 16:14 secret_otp.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 6541 Dec 30 16:14 util.go
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ vgo build -o ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> go: creating new go.mod: module github.com/snowflake-keys-vault-backend
>
> go: finding github.com/mitchellh/mapstructure v1.1.2
>
> go: finding github.com/hashicorp/go-uuid v1.0.0
>
> go: finding github.com/hashicorp/errwrap v1.0.0
>
> go: finding github.com/hashicorp/vault/logical/framework latest
>
> go: finding github.com/hashicorp/vault/helper/certutil latest
>
> go: finding github.com/hashicorp/vault/logical latest
>
> go: finding github.com/hashicorp/vault/helper/strutil latest
>
> go: finding github.com/hashicorp/vault/helper/parseutil latest
>
> go: finding github.com/hashicorp/vault/api latest
>
> go: downloading github.com/mitchellh/mapstructure v1.1.2
>
> go: downloading github.com/hashicorp/errwrap v1.0.0
>
> go: finding golang.org/x/crypto/ssh latest
>
> go: downloading github.com/hashicorp/go-uuid v1.0.0
>
> go: finding golang.org/x/crypto/ssh/agent latest
>
> go: finding github.com/hashicorp/vault/helper/salt latest
>
> go: finding github.com/hashicorp/go-multierror v1.0.0
>
> go: downloading github.com/hashicorp/go-multierror v1.0.0
>
> go: finding github.com/hashicorp/go-hclog latest
>
> go: finding golang.org/x/crypto latest
>
> go: downloading golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9
>
> go: downloading github.com/hashicorp/go-hclog v0.0.0-20181001195459-61d530d6c27f
>
> go: finding github.com/hashicorp/vault/helper/cidrutil latest
>
> go: finding github.com/hashicorp/vault/helper latest
>
> go: finding github.com/hashicorp/vault v1.0.1
>
> go: downloading github.com/hashicorp/vault v1.0.1
>
> go: finding github.com/stretchr/testify v1.2.2
>
> go: finding github.com/davecgh/go-spew v1.1.1
>
> go: finding github.com/pmezard/go-difflib v1.0.0
>
> go: finding github.com/hashicorp/go-retryablehttp v0.5.0
>
> go: finding github.com/hashicorp/go-cleanhttp v0.5.0
>
> go: finding github.com/hashicorp/go-sockaddr latest
>
> go: finding github.com/hashicorp/golang-lru v0.5.0
>
> go: finding github.com/hashicorp/go-version v1.0.0
>
> go: finding github.com/hashicorp/hcl/hcl/ast latest
>
> go: finding github.com/hashicorp/hcl v1.0.0
>
> go: finding github.com/golang/protobuf/proto latest
>
> go: finding golang.org/x/time/rate latest
>
> go: finding golang.org/x/net/http2 latest
>
> go: downloading github.com/hashicorp/go-retryablehttp v0.5.0
>
> go: downloading github.com/hashicorp/golang-lru v0.5.0
>
> go: downloading github.com/hashicorp/go-cleanhttp v0.5.0
>
> go: downloading github.com/hashicorp/go-version v1.0.0
>
> go: downloading github.com/hashicorp/hcl v1.0.0
>
> go: finding github.com/SermoDigital/jose/jws latest
>
> go: finding golang.org/x/time latest
>
> go: downloading golang.org/x/time v0.0.0-20181108054448-85acf8d2951c
>
> go: finding github.com/golang/protobuf v1.2.0
>
> go: downloading github.com/hashicorp/go-sockaddr v0.0.0-20180320115054-6d291a969b86
>
> go: finding github.com/ryanuber/go-glob latest
>
> go: finding github.com/hashicorp/go-plugin latest
>
> go: finding github.com/SermoDigital/jose v0.9.1
>
> go: finding golang.org/x/net latest
>
> go: downloading golang.org/x/net v0.0.0-20181220203305-927f97764cc3
>
> go: finding github.com/mitchellh/go-testing-interface v1.0.0
>
> go: finding github.com/hashicorp/hcl/hcl latest
>
> go: finding github.com/hashicorp/go-rootcerts latest
>
> go: downloading github.com/golang/protobuf v1.2.0
>
> go: downloading github.com/ryanuber/go-glob v0.0.0-20170128012129-256dc444b735
>
> go: downloading github.com/hashicorp/go-plugin v0.0.0-20181212150838-f444068e8f5a
>
> go: downloading github.com/SermoDigital/jose v0.9.1
>
> go: downloading github.com/mitchellh/go-testing-interface v1.0.0
>
> go: finding golang.org/x/sys/unix latest
>
> go: downloading github.com/hashicorp/go-rootcerts v0.0.0-20160503143440-6bb64b370b90
>
> go: finding github.com/hashicorp/go-immutable-radix v1.0.0
>
> go: finding github.com/golang/snappy latest
>
> go: finding github.com/armon/go-radix v1.0.0
>
> go: downloading github.com/hashicorp/go-immutable-radix v1.0.0
>
> go: downloading github.com/armon/go-radix v1.0.0
>
> go: downloading github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db
>
> go: finding golang.org/x/sys latest
>
> go: downloading golang.org/x/sys v0.0.0-20181228144115-9a3f9b0469bb
>
> go: finding github.com/pierrec/lz4 v2.0.5+incompatible
>
> go: downloading github.com/pierrec/lz4 v2.0.5+incompatible
>
> go: finding golang.org/x/net v0.0.0-20180826012351-8a410e7b638d
>
> go: finding github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77
>
> go: finding github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd
>
> go: finding github.com/oklog/run v1.0.0
>
> go: finding github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb
>
> go: finding golang.org/x/text v0.3.0
>
> go: finding google.golang.org/grpc v1.14.0
>
> go: finding google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
>
> go: downloading github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb
>
> go: downloading google.golang.org/grpc v1.14.0
>
> go: downloading github.com/oklog/run v1.0.0
>
> go: downloading golang.org/x/text v0.3.0
>
> go: downloading google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ file ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend: current ar archive
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ ll ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> -rw-rw-r-- 1 ec2-user ec2-user 522128 Dec 30 16:16 /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ chmod 700 ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ ll ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> -rwx------ 1 ec2-user ec2-user 522128 Dec 30 16:16 /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ cd
>
> [ec2-user@ip-172-31-89-76 ~]$ shasum -a 256 /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> 5ec459e7551fdc17cada5d2669ec36149f1de40017d69d0b278f706d80537f76 /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 ~]$ vault write sys/plugins/catalog/snowflake-keys-vault-backend sha_256=5ec459e7551fdc17cada5d2669ec36149f1de40017d69d0b278f706d80537f76 command=snowflake-keys-vault-backend
>
> Success! Data written to: sys/plugins/catalog/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 ~]$ vault secrets enable -path=snowflake-secrets-vault-backend -plugin-name=snowflake-keys-vault-backend plugin
>
> Error enabling: Error making API request.
>
>
> URL: POST http://127.0.0.1:8200/v1/sys/mounts/snowflake-secrets-vault-backend
>
> Code: 400. Errors:
>
>
> * fork/exec /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend: exec format error
>
> [ec2-user@ip-172-31-89-76 ~]$ cd -
>
> /home/ec2-user/go/src/github.com
>
> [ec2-user@ip-172-31-89-76 github.com]$ ll
>
> total 12
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:40 .
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:13 ..
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:15 snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 github.com]$ mkdir hashicorp
>
> [ec2-user@ip-172-31-89-76 github.com]$ cd hashicorp/
>
> [ec2-user@ip-172-31-89-76 hashicorp]$ git clone https://github.com/hashicorp/vault
>
> Cloning into 'vault'...
>
> remote: Enumerating objects: 13, done.
>
> remote: Counting objects: 100% (13/13), done.
>
> remote: Compressing objects: 100% (13/13), done.
>
> remote: Total 101948 (delta 4), reused 0 (delta 0), pack-reused 101935
>
> Receiving objects: 100% (101948/101948), 73.17 MiB | 26.13 MiB/s, done.
>
> Resolving deltas: 100% (65950/65950), done.
>
> [ec2-user@ip-172-31-89-76 hashicorp]$ cd vault/logical/plugin/mock/
>
> [ec2-user@ip-172-31-89-76 mock]$ go build -o /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin
>
> [ec2-user@ip-172-31-89-76 mock]$ shasum -a 256 /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin
>
> 420f5e23c40bc4888230fd1030fb3a1d5a243ea8b30546fd8ff086f8bf7d0cc9 /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin
>
> [ec2-user@ip-172-31-89-76 mock]$ vault write sys/plugins/catalog/mock-plugin sha_256=420f5e23c40bc4888230fd1030fb3a1d5a243ea8b30546fd8ff086f8bf7d0cc9 command=mock-plugin
>
> Success! Data written to: sys/plugins/catalog/mock-plugin
>
> [ec2-user@ip-172-31-89-76 mock]$ vault secrets enable -path=my-secrets-plugin -plugin-name=mock-plugin plugin
>
> Error enabling: Error making API request.
>
>
> URL: POST http://127.0.0.1:8200/v1/sys/mounts/my-secrets-plugin
>
> Code: 400. Errors:
>
>
> * fork/exec /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin: permission denied
>
> [ec2-user@ip-172-31-89-76 mock]$ chmod 700 /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin
>
> [ec2-user@ip-172-31-89-76 mock]$ vault secrets enable -path=my-secrets-plugin -plugin-name=mock-plugin plugin
>
> Error enabling: Error making API request.
>
>
> URL: POST http://127.0.0.1:8200/v1/sys/mounts/my-secrets-plugin
>
> Code: 400. Errors:
>
>
> * fork/exec /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin: exec format error
>
> [ec2-user@ip-172-31-89-76 mock]$
>
>
>
>
>
> --
> This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/vault/issues
> IRC: #vault-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups "Vault" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/34842103-d129-4c7d-a6ee-c16fe3b1210e%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Often times the "exec format error" means the binary was built for a
different arch. What is the output of `go env` and what OS/Arch are
you using?
Best,
Brian
On Sun, Dec 30, 2018 at 11:55 AM sanderiam <the.phi...@gmail.com> wrote:
>
> My plan is to take the Dynamic SSH Keys plugin and create a new one based on that to handle RSA key secrets for my authentication. (Before anyone points it out, I am aware of the issues with that plugin for use with SSH, but the pushing of keys for the platform I'm working on will not need the same sudo all access approach and therefore makes everything else about this plugin a good model.)
>
> After working in the go code for the SSH plugin for a while I decided to try to play with the build environment so I could test incrementally as I made changes. That's when I hit this 'exec format error' problem like a brick wall. I will include a full accounting of everything I did below. What it will include are all the commands run to achieve the results. In the end and what you will see below, I did not use any changed code at all. I forked the Hashicorp SSH plugin, and, when that failed many times, I tried the exact mock-plugin tutorial steps (https://learn.hashicorp.com/vault/developer/plugin-backends) and ended up in the same place. I did the initial steps on my macbook (forking and such), but moved to where I have vault running (an Amazon Linux based AWS instance) for the steps where I try to actually build and run both the forked SSH and the straight up mock-plugin plugins.
>
> The first block of stuff are steps taken to make my copy of your SSH plugin. I don't actually think those affect anything, but include them for completeness. The second is the config, startup, and logging for the vault server in dev mode. Finally there is a complete account of all the steps for everything from installing go (which I did not have on my server system before this) through to resorting to trying the mock-plugin to see if I was just doing something really wrong.
>
> The one major difference between the forked SSH and mock plugins is I did use vgo for the former to deal with the dependancies. I don't *think* that would affect things. And since the mock plugin ends up in the same place, there isn't much I can think of that it would mean to use one or the other.
>
> Any help on what I am doing wrong here would be highly appreciated. Thank you.
>
> # steps I used to make a copy of just the SSH package for a plugin of my own (not sure these steps are relevant anymore but including for completeness)
>
> export GOPATH=`pwd`/go
>
> export PATH=$PATH:$GOPATH/bin
>
> cd $GOPATH/src
>
> mkdir github.com
>
> cd github.com/
>
> git clone https://github.com/hashicorp/vault
>
> cd vault/
>
> git branch -m upstream-master
>
> git subtree split --prefix=builtin/logical/ssh -b upstream-ssh-backend
>
> git checkout upstream-ssh-backend
>
> git remote rename origin upstream
>
> git remote add origin https://github.com/sanderiam/snowflake-keys-vault-backend
>
> git fetch origin
>
> git push -u origin upstream-ssh-backend
>
> git checkout -b master
>
> git push -u origin master
>
> cd ..
>
> git clone https://github.com/sanderiam/snowflake-keys-vault-backend
>
>
> # steps to run the vault server in dev mode, including the contents of the config at the top and all logging through to the end of the run (with a few secrets NOPEed out)
>
> [ec2-user@ip-172-31-89-76 ~]$ cat /home/ec2-user/vaultDevModeConfig/vault.hcl
>
> plugin_directory = "/home/ec2-user/vaultDevModeConfig/plugins"
>
>
> [ec2-user@ip-172-31-89-76 ~]$ vault server -dev -config=/home/ec2-user/vaultDevModeConfig/vault.hcl
>
> ==> Vault server configuration:
>
>
> Api Address: http://127.0.0.1:8200
>
> Cgo: disabled
>
> Cluster Address: https://127.0.0.1:8201
>
> Listener 1: tcp (addr: "127.0.0.1:8200", cluster address: "127.0.0.1:8201", max_request_duration: "1m30s", max_request_size: "33554432", tls: "disabled")
>
> Log Level: (not set)
>
> Mlock: supported: true, enabled: false
>
> Storage: inmem
>
> Version: Vault v0.11.4
>
> Version Sha: 612120e76de651ef669c9af5e77b27a749b0dba3
>
>
> WARNING! dev mode is enabled! In this mode, Vault runs entirely in-memory
>
> and starts unsealed with a single unseal key. The root token is already
>
> authenticated to the CLI, so you can immediately begin using Vault.
>
>
> You may need to set the following environment variable:
>
>
> $ export VAULT_ADDR='http://127.0.0.1:8200'
>
>
> The unseal key and root token are displayed below in case you want to
>
> seal/unseal the Vault or re-authenticate.
>
>
> Unseal Key: NOPE
>
> Root Token: NOPE
>
>
> Development mode should NOT be used in production installations!
>
>
> ==> Vault server started! Log data will stream in below:
>
>
> 2018-12-30T16:18:43.753Z [WARN] no `api_addr` value specified in config or in VAULT_API_ADDR; falling back to detection if possible, but this value should be manually set
>
> 2018-12-30T16:18:43.754Z [INFO] core: security barrier not initialized
>
> 2018-12-30T16:18:43.754Z [INFO] core: security barrier initialized: shares=1 threshold=1
>
> 2018-12-30T16:18:43.754Z [INFO] core: post-unseal setup starting
>
> 2018-12-30T16:18:43.771Z [INFO] core: loaded wrapping token key
>
> 2018-12-30T16:18:43.771Z [INFO] core: successfully setup plugin catalog: plugin-directory=/home/ec2-user/vaultDevModeConfig/plugins
>
> 2018-12-30T16:18:43.772Z [INFO] core: no mounts; adding default mount table
>
> 2018-12-30T16:18:43.773Z [INFO] core: successfully mounted backend: type=kv path=secret/
>
> 2018-12-30T16:18:43.773Z [INFO] core: successfully mounted backend: type=cubbyhole path=cubbyhole/
>
> 2018-12-30T16:18:43.773Z [INFO] core: successfully mounted backend: type=system path=sys/
>
> 2018-12-30T16:18:43.776Z [INFO] core: successfully mounted backend: type=identity path=identity/
>
> 2018-12-30T16:18:43.778Z [INFO] core: successfully enabled credential backend: type=token path=token/
>
> 2018-12-30T16:18:43.779Z [INFO] core: restoring leases
>
> 2018-12-30T16:18:43.780Z [INFO] rollback: starting rollback manager
>
> 2018-12-30T16:18:43.780Z [INFO] expiration: lease restore complete
>
> 2018-12-30T16:18:43.780Z [INFO] identity: entities restored
>
> 2018-12-30T16:18:43.780Z [INFO] identity: groups restored
>
> 2018-12-30T16:18:43.780Z [INFO] core: post-unseal setup complete
>
> 2018-12-30T16:18:43.781Z [INFO] core: root token generated
>
> 2018-12-30T16:18:43.781Z [INFO] core: pre-seal teardown starting
>
> 2018-12-30T16:18:43.781Z [INFO] core: stopping cluster listeners
>
> 2018-12-30T16:18:43.781Z [INFO] core: starting listener: listener_address=127.0.0.1:8201
>
> 2018-12-30T16:18:43.781Z [INFO] core: serving cluster requests: cluster_listen_address=127.0.0.1:8201
>
> 2018-12-30T16:18:43.781Z [INFO] core: shutting down forwarding rpc listeners
>
> 2018-12-30T16:18:43.781Z [INFO] core: forwarding rpc listeners stopped
>
> 2018-12-30T16:18:44.281Z [INFO] core: rpc listeners successfully shut down
>
> 2018-12-30T16:18:44.281Z [INFO] core: cluster listeners successfully shut down
>
> 2018-12-30T16:18:44.281Z [INFO] rollback: stopping rollback manager
>
> 2018-12-30T16:18:44.281Z [INFO] core: pre-seal teardown complete
>
> 2018-12-30T16:18:44.281Z [INFO] core: vault is unsealed
>
> 2018-12-30T16:18:44.281Z [INFO] core: post-unseal setup starting
>
> 2018-12-30T16:18:44.281Z [INFO] core: loaded wrapping token key
>
> 2018-12-30T16:18:44.281Z [INFO] core: successfully setup plugin catalog: plugin-directory=/home/ec2-user/vaultDevModeConfig/plugins
>
> 2018-12-30T16:18:44.281Z [INFO] core: successfully mounted backend: type=kv path=secret/
>
> 2018-12-30T16:18:44.282Z [INFO] core: successfully mounted backend: type=system path=sys/
>
> 2018-12-30T16:18:44.282Z [INFO] core: successfully mounted backend: type=identity path=identity/
>
> 2018-12-30T16:18:44.282Z [INFO] core: successfully mounted backend: type=cubbyhole path=cubbyhole/
>
> 2018-12-30T16:18:44.283Z [INFO] core: successfully enabled credential backend: type=token path=token/
>
> 2018-12-30T16:18:44.283Z [INFO] core: restoring leases
>
> 2018-12-30T16:18:44.283Z [INFO] rollback: starting rollback manager
>
> 2018-12-30T16:18:44.283Z [INFO] identity: entities restored
>
> 2018-12-30T16:18:44.283Z [INFO] identity: groups restored
>
> 2018-12-30T16:18:44.283Z [INFO] core: post-unseal setup complete
>
> 2018-12-30T16:18:44.283Z [INFO] expiration: lease restore complete
>
> 2018-12-30T16:18:44.283Z [INFO] core: starting listener: listener_address=127.0.0.1:8201
>
> 2018-12-30T16:18:44.283Z [INFO] core: serving cluster requests: cluster_listen_address=127.0.0.1:8201
>
> 2018-12-30T16:18:44.286Z [INFO] core: mount tuning of options: path=secret/ options=map[version:2]
>
> 2018-12-30T16:18:44.292Z [INFO] secrets.kv.kv_e22ff382: collecting keys to upgrade
>
> 2018-12-30T16:18:44.292Z [INFO] secrets.kv.kv_e22ff382: done collecting keys: num_keys=1
>
> 2018-12-30T16:18:44.292Z [INFO] secrets.kv.kv_e22ff382: upgrading keys finished
>
> 2018-12-30T16:21:42.887Z [ERROR] secrets.system.system_11d491de: mount failed: path=snowflake-secrets-vault-backend/ error="fork/exec /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend: exec format error"
>
> 2018-12-30T16:52:37.427Z [ERROR] secrets.system.system_11d491de: mount failed: path=my-secrets-plugin/ error="fork/exec /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin: permission denied"
>
> 2018-12-30T16:52:55.298Z [ERROR] secrets.system.system_11d491de: mount failed: path=my-secrets-plugin/ error="fork/exec /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin: exec format error"
>
> ^C==> Vault shutdown triggered
>
> 2018-12-30T18:52:48.747Z [INFO] core: marked as sealed
>
> 2018-12-30T18:52:48.747Z [INFO] core: pre-seal teardown starting
>
> 2018-12-30T18:52:48.747Z [INFO] core: stopping cluster listeners
>
> 2018-12-30T18:52:48.747Z [INFO] core: shutting down forwarding rpc listeners
>
> 2018-12-30T18:52:48.747Z [INFO] core: forwarding rpc listeners stopped
>
> 2018-12-30T18:52:49.247Z [INFO] core: rpc listeners successfully shut down
>
> 2018-12-30T18:52:49.247Z [INFO] core: cluster listeners successfully shut down
>
> 2018-12-30T18:52:49.247Z [INFO] rollback: stopping rollback manager
>
> 2018-12-30T18:52:49.247Z [INFO] core: pre-seal teardown complete
>
> 2018-12-30T18:52:49.247Z [INFO] core: vault is sealed
>
> [ec2-user@ip-172-31-89-76 ~]$
>
>
> # steps taken on the ec2 instance that show the work of what I did for each failed plugin
>
> [ec2-user@ip-172-31-89-76 ~]$ sudo yum install golang
>
> Loaded plugins: priorities, update-motd, upgrade-helper
>
> 1054 packages excluded due to repository priority protections
>
> Resolving Dependencies
>
> --> Running transaction check
>
> ---> Package golang.x86_64 0:1.10.6-1.47.amzn1 will be installed
>
> --> Processing Dependency: golang-src = 1.10.6-1.47.amzn1 for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: golang-bin = 1.10.6-1.47.amzn1 for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: golang-bin(x86-64) = 1.10.6-1.47.amzn1 for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: subversion for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: mercurial for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Processing Dependency: bzr for package: golang-1.10.6-1.47.amzn1.x86_64
>
> --> Running transaction check
>
> ---> Package bzr-python27.x86_64 0:2.6.0-8.17.amzn1 will be installed
>
> --> Processing Dependency: bzr-common = 2.6.0-8.17.amzn1 for package: bzr-python27-2.6.0-8.17.amzn1.x86_64
>
> ---> Package golang-bin.x86_64 0:1.10.6-1.47.amzn1 will be installed
>
> --> Processing Dependency: gcc for package: golang-bin-1.10.6-1.47.amzn1.x86_64
>
> ---> Package golang-src.noarch 0:1.10.6-1.47.amzn1 will be installed
>
> ---> Package mercurial-python27.x86_64 0:4.2.3-1.30.amzn1 will be installed
>
> --> Processing Dependency: mercurial-common(x86-64) = 4.2.3-1.30.amzn1 for package: mercurial-python27-4.2.3-1.30.amzn1.x86_64
>
> ---> Package subversion.x86_64 0:1.9.7-1.58.amzn1 will be installed
>
> --> Processing Dependency: subversion-libs(x86-64) = 1.9.7-1.58.amzn1 for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_wc-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_subr-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_repos-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_ra_svn-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_ra_serf-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_ra_local-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_ra-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs_x-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs_util-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs_fs-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs_base-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_fs-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_diff-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_delta-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libsvn_client-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Processing Dependency: libserf-1.so.0()(64bit) for package: subversion-1.9.7-1.58.amzn1.x86_64
>
> --> Running transaction check
>
> ---> Package bzr-common.noarch 0:2.6.0-8.17.amzn1 will be installed
>
> ---> Package gcc72.x86_64 0:7.2.1-2.59.amzn1 will be installed
>
> --> Processing Dependency: cpp72(x86-64) = 7.2.1-2.59.amzn1 for package: gcc72-7.2.1-2.59.amzn1.x86_64
>
> --> Processing Dependency: glibc-devel(x86-64) >= 2.2.90-12 for package: gcc72-7.2.1-2.59.amzn1.x86_64
>
> --> Processing Dependency: libmpfr.so.4()(64bit) for package: gcc72-7.2.1-2.59.amzn1.x86_64
>
> --> Processing Dependency: libmpc.so.3()(64bit) for package: gcc72-7.2.1-2.59.amzn1.x86_64
>
> ---> Package libserf.x86_64 0:1.3.7-1.7.amzn1 will be installed
>
> ---> Package mercurial-common.x86_64 0:4.2.3-1.30.amzn1 will be installed
>
> ---> Package subversion-libs.x86_64 0:1.9.7-1.58.amzn1 will be installed
>
> --> Running transaction check
>
> ---> Package cpp72.x86_64 0:7.2.1-2.59.amzn1 will be installed
>
> ---> Package glibc-devel.x86_64 0:2.17-260.175.amzn1 will be installed
>
> --> Processing Dependency: glibc-headers = 2.17-260.175.amzn1 for package: glibc-devel-2.17-260.175.amzn1.x86_64
>
> --> Processing Dependency: glibc-headers for package: glibc-devel-2.17-260.175.amzn1.x86_64
>
> ---> Package libmpc.x86_64 0:1.0.1-3.3.amzn1 will be installed
>
> ---> Package mpfr.x86_64 0:3.1.1-4.14.amzn1 will be installed
>
> --> Running transaction check
>
> ---> Package glibc-headers.x86_64 0:2.17-260.175.amzn1 will be installed
>
> --> Processing Dependency: kernel-headers >= 2.2.1 for package: glibc-headers-2.17-260.175.amzn1.x86_64
>
> --> Processing Dependency: kernel-headers for package: glibc-headers-2.17-260.175.amzn1.x86_64
>
> --> Running transaction check
>
> ---> Package kernel-headers.x86_64 0:4.14.88-72.73.amzn1 will be installed
>
> --> Finished Dependency Resolution
>
>
> Dependencies Resolved
>
>
> =========================================================================================================================================================================================================
>
> Package Arch Version Repository Size
>
> =========================================================================================================================================================================================================
>
> Installing:
>
> golang x86_64 1.10.6-1.47.amzn1 amzn-updates 910 k
>
> Installing for dependencies:
>
> bzr-common noarch 2.6.0-8.17.amzn1 amzn-main 624 k
>
> bzr-python27 x86_64 2.6.0-8.17.amzn1 amzn-main 6.9 M
>
> cpp72 x86_64 7.2.1-2.59.amzn1 amzn-main 10 M
>
> gcc72 x86_64 7.2.1-2.59.amzn1 amzn-main 20 M
>
> glibc-devel x86_64 2.17-260.175.amzn1 amzn-updates 1.2 M
>
> glibc-headers x86_64 2.17-260.175.amzn1 amzn-updates 758 k
>
> golang-bin x86_64 1.10.6-1.47.amzn1 amzn-updates 92 M
>
> golang-src noarch 1.10.6-1.47.amzn1 amzn-updates 6.7 M
>
> kernel-headers x86_64 4.14.88-72.73.amzn1 amzn-updates 1.2 M
>
> libmpc x86_64 1.0.1-3.3.amzn1 amzn-main 53 k
>
> libserf x86_64 1.3.7-1.7.amzn1 amzn-main 64 k
>
> mercurial-common x86_64 4.2.3-1.30.amzn1 amzn-main 1.6 M
>
> mercurial-python27 x86_64 4.2.3-1.30.amzn1 amzn-main 3.7 M
>
> mpfr x86_64 3.1.1-4.14.amzn1 amzn-main 237 k
>
> subversion x86_64 1.9.7-1.58.amzn1 amzn-main 1.6 M
>
> subversion-libs x86_64 1.9.7-1.58.amzn1 amzn-main 1.7 M
>
>
> Transaction Summary
>
> =========================================================================================================================================================================================================
>
> Install 1 Package (+16 Dependent packages)
>
>
> Total download size: 150 M
>
> Installed size: 458 M
>
> Is this ok [y/d/N]: y
>
> Downloading packages:
>
> (1/17): bzr-common-2.6.0-8.17.amzn1.noarch.rpm | 624 kB 00:00:00
>
> (2/17): bzr-python27-2.6.0-8.17.amzn1.x86_64.rpm | 6.9 MB 00:00:00
>
> (3/17): cpp72-7.2.1-2.59.amzn1.x86_64.rpm | 10 MB 00:00:00
>
> (4/17): glibc-headers-2.17-260.175.amzn1.x86_64.rpm | 758 kB 00:00:00
>
> (5/17): glibc-devel-2.17-260.175.amzn1.x86_64.rpm | 1.2 MB 00:00:00
>
> (6/17): golang-1.10.6-1.47.amzn1.x86_64.rpm | 910 kB 00:00:00
>
> (7/17): gcc72-7.2.1-2.59.amzn1.x86_64.rpm | 20 MB 00:00:00
>
> (8/17): golang-src-1.10.6-1.47.amzn1.noarch.rpm | 6.7 MB 00:00:00
>
> (9/17): kernel-headers-4.14.88-72.73.amzn1.x86_64.rpm | 1.2 MB 00:00:00
>
> (10/17): libmpc-1.0.1-3.3.amzn1.x86_64.rpm | 53 kB 00:00:00
>
> (11/17): libserf-1.3.7-1.7.amzn1.x86_64.rpm | 64 kB 00:00:00
>
> (12/17): mercurial-common-4.2.3-1.30.amzn1.x86_64.rpm | 1.6 MB 00:00:00
>
> (13/17): mpfr-3.1.1-4.14.amzn1.x86_64.rpm | 237 kB 00:00:00
>
> (14/17): subversion-1.9.7-1.58.amzn1.x86_64.rpm | 1.6 MB 00:00:00
>
> (15/17): mercurial-python27-4.2.3-1.30.amzn1.x86_64.rpm | 3.7 MB 00:00:00
>
> (16/17): subversion-libs-1.9.7-1.58.amzn1.x86_64.rpm | 1.7 MB 00:00:00
>
> (17/17): golang-bin-1.10.6-1.47.amzn1.x86_64.rpm | 92 MB 00:00:01
>
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Total 54 MB/s | 150 MB 00:00:02
>
> Running transaction check
>
> Running transaction test
>
> Transaction test succeeded
>
> Running transaction
>
> Installing : mpfr-3.1.1-4.14.amzn1.x86_64 1/17
>
> Installing : libmpc-1.0.1-3.3.amzn1.x86_64 2/17
>
> Installing : libserf-1.3.7-1.7.amzn1.x86_64 3/17
>
> Installing : subversion-libs-1.9.7-1.58.amzn1.x86_64 4/17
>
> Installing : subversion-1.9.7-1.58.amzn1.x86_64 5/17
>
> Installing : cpp72-7.2.1-2.59.amzn1.x86_64 6/17
>
> Installing : bzr-python27-2.6.0-8.17.amzn1.x86_64 7/17
>
> Installing : bzr-common-2.6.0-8.17.amzn1.noarch 8/17
>
> Installing : golang-src-1.10.6-1.47.amzn1.noarch 9/17
>
> Installing : kernel-headers-4.14.88-72.73.amzn1.x86_64 10/17
>
> Installing : glibc-headers-2.17-260.175.amzn1.x86_64 11/17
>
> Installing : glibc-devel-2.17-260.175.amzn1.x86_64 12/17
>
> Installing : gcc72-7.2.1-2.59.amzn1.x86_64 13/17
>
> Installing : mercurial-common-4.2.3-1.30.amzn1.x86_64 14/17
>
> Installing : mercurial-python27-4.2.3-1.30.amzn1.x86_64 15/17
>
> Installing : golang-1.10.6-1.47.amzn1.x86_64 16/17
>
> Installing : golang-bin-1.10.6-1.47.amzn1.x86_64 17/17
>
> Verifying : glibc-devel-2.17-260.175.amzn1.x86_64 1/17
>
> Verifying : mercurial-common-4.2.3-1.30.amzn1.x86_64 2/17
>
> Verifying : cpp72-7.2.1-2.59.amzn1.x86_64 3/17
>
> Verifying : libmpc-1.0.1-3.3.amzn1.x86_64 4/17
>
> Verifying : bzr-common-2.6.0-8.17.amzn1.noarch 5/17
>
> Verifying : subversion-libs-1.9.7-1.58.amzn1.x86_64 6/17
>
> Verifying : kernel-headers-4.14.88-72.73.amzn1.x86_64 7/17
>
> Verifying : glibc-headers-2.17-260.175.amzn1.x86_64 8/17
>
> Verifying : mpfr-3.1.1-4.14.amzn1.x86_64 9/17
>
> Verifying : golang-bin-1.10.6-1.47.amzn1.x86_64 10/17
>
> Verifying : gcc72-7.2.1-2.59.amzn1.x86_64 11/17
>
> Verifying : subversion-1.9.7-1.58.amzn1.x86_64 12/17
>
> Verifying : libserf-1.3.7-1.7.amzn1.x86_64 13/17
>
> Verifying : golang-1.10.6-1.47.amzn1.x86_64 14/17
>
> Verifying : bzr-python27-2.6.0-8.17.amzn1.x86_64 15/17
>
> Verifying : mercurial-python27-4.2.3-1.30.amzn1.x86_64 16/17
>
> Verifying : golang-src-1.10.6-1.47.amzn1.noarch 17/17
>
>
> Installed:
>
> golang.x86_64 0:1.10.6-1.47.amzn1
>
>
> Dependency Installed:
>
> bzr-common.noarch 0:2.6.0-8.17.amzn1 bzr-python27.x86_64 0:2.6.0-8.17.amzn1 cpp72.x86_64 0:7.2.1-2.59.amzn1 gcc72.x86_64 0:7.2.1-2.59.amzn1
>
> glibc-devel.x86_64 0:2.17-260.175.amzn1 glibc-headers.x86_64 0:2.17-260.175.amzn1 golang-bin.x86_64 0:1.10.6-1.47.amzn1 golang-src.noarch 0:1.10.6-1.47.amzn1
>
> kernel-headers.x86_64 0:4.14.88-72.73.amzn1 libmpc.x86_64 0:1.0.1-3.3.amzn1 libserf.x86_64 0:1.3.7-1.7.amzn1 mercurial-common.x86_64 0:4.2.3-1.30.amzn1
>
> mercurial-python27.x86_64 0:4.2.3-1.30.amzn1 mpfr.x86_64 0:3.1.1-4.14.amzn1 subversion.x86_64 0:1.9.7-1.58.amzn1 subversion-libs.x86_64 0:1.9.7-1.58.amzn1
>
>
> Complete!
>
> [ec2-user@ip-172-31-89-76 ~]$ go get -u golang.org/x/vgo
>
> [ec2-user@ip-172-31-89-76 ~]$ export GOPATH=`pwd`/go
>
> [ec2-user@ip-172-31-89-76 ~]$ echo $GOPATH
>
> /home/ec2-user/go
>
> [ec2-user@ip-172-31-89-76 ~]$ export PATH=$PATH:$GOPATH/bin
>
> [ec2-user@ip-172-31-89-76 ~]$ which vgo
>
> ~/go/bin/vgo
>
> [ec2-user@ip-172-31-89-76 ~]$ cd go
>
> [ec2-user@ip-172-31-89-76 go]$ cd src
>
> [ec2-user@ip-172-31-89-76 src]$ ll
>
> total 12
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:10 .
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:10 ..
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:10 golang.org
>
> [ec2-user@ip-172-31-89-76 src]$ mkdir github.com
>
> [ec2-user@ip-172-31-89-76 src]$ cd github.com/
>
> [ec2-user@ip-172-31-89-76 github.com]$ git clone https://github.com/sanderiam/snowflake-keys-vault-backend
>
> Cloning into 'snowflake-keys-vault-backend'...
>
> remote: Enumerating objects: 799, done.
>
> remote: Counting objects: 100% (799/799), done.
>
> remote: Compressing objects: 100% (254/254), done.
>
> remote: Total 799 (delta 540), reused 799 (delta 540), pack-reused 0
>
> Receiving objects: 100% (799/799), 327.15 KiB | 19.24 MiB/s, done.
>
> Resolving deltas: 100% (540/540), done.
>
> [ec2-user@ip-172-31-89-76 github.com]$ ll
>
> total 12
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:14 .
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:13 ..
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:14 snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 github.com]$ cd snowflake-keys-vault-backend/
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ ll
>
> total 184
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:14 .
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:14 ..
>
> -rw-rw-r-- 1 ec2-user ec2-user 2719 Dec 30 16:14 backend.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 34888 Dec 30 16:14 backend_test.go
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:14 cmd
>
> -rw-rw-r-- 1 ec2-user ec2-user 8704 Dec 30 16:14 communicator.go
>
> drwxrwxr-x 8 ec2-user ec2-user 4096 Dec 30 16:14 .git
>
> -rw-rw-r-- 1 ec2-user ec2-user 2628 Dec 30 16:14 linux_install_script.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 8174 Dec 30 16:14 path_config_ca.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 4298 Dec 30 16:14 path_config_ca_test.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 5168 Dec 30 16:14 path_config_zeroaddress.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 10658 Dec 30 16:14 path_creds_create.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 1045 Dec 30 16:14 path_fetch.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 2884 Dec 30 16:14 path_keys.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 2920 Dec 30 16:14 path_lookup.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 25136 Dec 30 16:14 path_roles.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 12556 Dec 30 16:14 path_sign.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 2859 Dec 30 16:14 path_verify.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 2400 Dec 30 16:14 secret_dynamic_key.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 999 Dec 30 16:14 secret_otp.go
>
> -rw-rw-r-- 1 ec2-user ec2-user 6541 Dec 30 16:14 util.go
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ vgo build -o ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> go: creating new go.mod: module github.com/snowflake-keys-vault-backend
>
> go: finding github.com/mitchellh/mapstructure v1.1.2
>
> go: finding github.com/hashicorp/go-uuid v1.0.0
>
> go: finding github.com/hashicorp/errwrap v1.0.0
>
> go: finding github.com/hashicorp/vault/logical/framework latest
>
> go: finding github.com/hashicorp/vault/helper/certutil latest
>
> go: finding github.com/hashicorp/vault/logical latest
>
> go: finding github.com/hashicorp/vault/helper/strutil latest
>
> go: finding github.com/hashicorp/vault/helper/parseutil latest
>
> go: finding github.com/hashicorp/vault/api latest
>
> go: downloading github.com/mitchellh/mapstructure v1.1.2
>
> go: downloading github.com/hashicorp/errwrap v1.0.0
>
> go: finding golang.org/x/crypto/ssh latest
>
> go: downloading github.com/hashicorp/go-uuid v1.0.0
>
> go: finding golang.org/x/crypto/ssh/agent latest
>
> go: finding github.com/hashicorp/vault/helper/salt latest
>
> go: finding github.com/hashicorp/go-multierror v1.0.0
>
> go: downloading github.com/hashicorp/go-multierror v1.0.0
>
> go: finding github.com/hashicorp/go-hclog latest
>
> go: finding golang.org/x/crypto latest
>
> go: downloading golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9
>
> go: downloading github.com/hashicorp/go-hclog v0.0.0-20181001195459-61d530d6c27f
>
> go: finding github.com/hashicorp/vault/helper/cidrutil latest
>
> go: finding github.com/hashicorp/vault/helper latest
>
> go: finding github.com/hashicorp/vault v1.0.1
>
> go: downloading github.com/hashicorp/vault v1.0.1
>
> go: finding github.com/stretchr/testify v1.2.2
>
> go: finding github.com/davecgh/go-spew v1.1.1
>
> go: finding github.com/pmezard/go-difflib v1.0.0
>
> go: finding github.com/hashicorp/go-retryablehttp v0.5.0
>
> go: finding github.com/hashicorp/go-cleanhttp v0.5.0
>
> go: finding github.com/hashicorp/go-sockaddr latest
>
> go: finding github.com/hashicorp/golang-lru v0.5.0
>
> go: finding github.com/hashicorp/go-version v1.0.0
>
> go: finding github.com/hashicorp/hcl/hcl/ast latest
>
> go: finding github.com/hashicorp/hcl v1.0.0
>
> go: finding github.com/golang/protobuf/proto latest
>
> go: finding golang.org/x/time/rate latest
>
> go: finding golang.org/x/net/http2 latest
>
> go: downloading github.com/hashicorp/go-retryablehttp v0.5.0
>
> go: downloading github.com/hashicorp/golang-lru v0.5.0
>
> go: downloading github.com/hashicorp/go-cleanhttp v0.5.0
>
> go: downloading github.com/hashicorp/go-version v1.0.0
>
> go: downloading github.com/hashicorp/hcl v1.0.0
>
> go: finding github.com/SermoDigital/jose/jws latest
>
> go: finding golang.org/x/time latest
>
> go: downloading golang.org/x/time v0.0.0-20181108054448-85acf8d2951c
>
> go: finding github.com/golang/protobuf v1.2.0
>
> go: downloading github.com/hashicorp/go-sockaddr v0.0.0-20180320115054-6d291a969b86
>
> go: finding github.com/ryanuber/go-glob latest
>
> go: finding github.com/hashicorp/go-plugin latest
>
> go: finding github.com/SermoDigital/jose v0.9.1
>
> go: finding golang.org/x/net latest
>
> go: downloading golang.org/x/net v0.0.0-20181220203305-927f97764cc3
>
> go: finding github.com/mitchellh/go-testing-interface v1.0.0
>
> go: finding github.com/hashicorp/hcl/hcl latest
>
> go: finding github.com/hashicorp/go-rootcerts latest
>
> go: downloading github.com/golang/protobuf v1.2.0
>
> go: downloading github.com/ryanuber/go-glob v0.0.0-20170128012129-256dc444b735
>
> go: downloading github.com/hashicorp/go-plugin v0.0.0-20181212150838-f444068e8f5a
>
> go: downloading github.com/SermoDigital/jose v0.9.1
>
> go: downloading github.com/mitchellh/go-testing-interface v1.0.0
>
> go: finding golang.org/x/sys/unix latest
>
> go: downloading github.com/hashicorp/go-rootcerts v0.0.0-20160503143440-6bb64b370b90
>
> go: finding github.com/hashicorp/go-immutable-radix v1.0.0
>
> go: finding github.com/golang/snappy latest
>
> go: finding github.com/armon/go-radix v1.0.0
>
> go: downloading github.com/hashicorp/go-immutable-radix v1.0.0
>
> go: downloading github.com/armon/go-radix v1.0.0
>
> go: downloading github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db
>
> go: finding golang.org/x/sys latest
>
> go: downloading golang.org/x/sys v0.0.0-20181228144115-9a3f9b0469bb
>
> go: finding github.com/pierrec/lz4 v2.0.5+incompatible
>
> go: downloading github.com/pierrec/lz4 v2.0.5+incompatible
>
> go: finding golang.org/x/net v0.0.0-20180826012351-8a410e7b638d
>
> go: finding github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77
>
> go: finding github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd
>
> go: finding github.com/oklog/run v1.0.0
>
> go: finding github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb
>
> go: finding golang.org/x/text v0.3.0
>
> go: finding google.golang.org/grpc v1.14.0
>
> go: finding google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
>
> go: downloading github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb
>
> go: downloading google.golang.org/grpc v1.14.0
>
> go: downloading github.com/oklog/run v1.0.0
>
> go: downloading golang.org/x/text v0.3.0
>
> go: downloading google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ file ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend: current ar archive
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ ll ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> -rw-rw-r-- 1 ec2-user ec2-user 522128 Dec 30 16:16 /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ chmod 700 ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ ll ~/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> -rwx------ 1 ec2-user ec2-user 522128 Dec 30 16:16 /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 snowflake-keys-vault-backend]$ cd
>
> [ec2-user@ip-172-31-89-76 ~]$ shasum -a 256 /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> 5ec459e7551fdc17cada5d2669ec36149f1de40017d69d0b278f706d80537f76 /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 ~]$ vault write sys/plugins/catalog/snowflake-keys-vault-backend sha_256=5ec459e7551fdc17cada5d2669ec36149f1de40017d69d0b278f706d80537f76 command=snowflake-keys-vault-backend
>
> Success! Data written to: sys/plugins/catalog/snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 ~]$ vault secrets enable -path=snowflake-secrets-vault-backend -plugin-name=snowflake-keys-vault-backend plugin
>
> Error enabling: Error making API request.
>
>
> URL: POST http://127.0.0.1:8200/v1/sys/mounts/snowflake-secrets-vault-backend
>
> Code: 400. Errors:
>
>
> * fork/exec /home/ec2-user/vaultDevModeConfig/plugins/snowflake-keys-vault-backend: exec format error
>
> [ec2-user@ip-172-31-89-76 ~]$ cd -
>
> /home/ec2-user/go/src/github.com
>
> [ec2-user@ip-172-31-89-76 github.com]$ ll
>
> total 12
>
> drwxrwxr-x 3 ec2-user ec2-user 4096 Dec 30 16:40 .
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:13 ..
>
> drwxrwxr-x 4 ec2-user ec2-user 4096 Dec 30 16:15 snowflake-keys-vault-backend
>
> [ec2-user@ip-172-31-89-76 github.com]$ mkdir hashicorp
>
> [ec2-user@ip-172-31-89-76 github.com]$ cd hashicorp/
>
> [ec2-user@ip-172-31-89-76 hashicorp]$ git clone https://github.com/hashicorp/vault
>
> Cloning into 'vault'...
>
> remote: Enumerating objects: 13, done.
>
> remote: Counting objects: 100% (13/13), done.
>
> remote: Compressing objects: 100% (13/13), done.
>
> remote: Total 101948 (delta 4), reused 0 (delta 0), pack-reused 101935
>
> Receiving objects: 100% (101948/101948), 73.17 MiB | 26.13 MiB/s, done.
>
> Resolving deltas: 100% (65950/65950), done.
>
> [ec2-user@ip-172-31-89-76 hashicorp]$ cd vault/logical/plugin/mock/
>
> [ec2-user@ip-172-31-89-76 mock]$ go build -o /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin
>
> [ec2-user@ip-172-31-89-76 mock]$ shasum -a 256 /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin
>
> 420f5e23c40bc4888230fd1030fb3a1d5a243ea8b30546fd8ff086f8bf7d0cc9 /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin
>
> [ec2-user@ip-172-31-89-76 mock]$ vault write sys/plugins/catalog/mock-plugin sha_256=420f5e23c40bc4888230fd1030fb3a1d5a243ea8b30546fd8ff086f8bf7d0cc9 command=mock-plugin
>
> Success! Data written to: sys/plugins/catalog/mock-plugin
>
> [ec2-user@ip-172-31-89-76 mock]$ vault secrets enable -path=my-secrets-plugin -plugin-name=mock-plugin plugin
>
> Error enabling: Error making API request.
>
>
> URL: POST http://127.0.0.1:8200/v1/sys/mounts/my-secrets-plugin
>
> Code: 400. Errors:
>
>
> * fork/exec /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin: permission denied
>
> [ec2-user@ip-172-31-89-76 mock]$ chmod 700 /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin
>
> [ec2-user@ip-172-31-89-76 mock]$ vault secrets enable -path=my-secrets-plugin -plugin-name=mock-plugin plugin
>
> Error enabling: Error making API request.
>
>
> URL: POST http://127.0.0.1:8200/v1/sys/mounts/my-secrets-plugin
>
> Code: 400. Errors:
>
>
> * fork/exec /home/ec2-user/vaultDevModeConfig/plugins/mock-plugin: exec format error
>
> [ec2-user@ip-172-31-89-76 mock]$
>
>
>
>
>
> --
> This mailing list is governed under the HashiCorp Community Guidelines - https://www.hashicorp.com/community-guidelines.html. Behavior in violation of those guidelines may result in your removal from this mailing list.
>
> GitHub Issues: https://github.com/hashicorp/vault/issues
> IRC: #vault-tool on Freenode
> ---
> You received this message because you are subscribed to the Google Groups "Vault" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to vault-tool+...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/vault-tool/34842103-d129-4c7d-a6ee-c16fe3b1210e%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
Message has been deleted
0 new messages