Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chef_user hits 400 errors whenever you try to update any user fields (email, display_name, etc.) #106

Open
poliva83 opened this issue May 12, 2016 · 7 comments
Open

chef_user hits 400 errors whenever you try to update any user fields (email, display_name, etc.) #106

poliva83 opened this issue May 12, 2016 · 7 comments
Labels
Priority: Critical
Milestone
Accepted Minor

Comments

@poliva83
Copy link

Discovered that when you try to update an email of a existing user the chef_user blows up with 400 "Bad Request" error. Tried other fields like display_name and hit similar results.

Discovered using combination of cheffish 2.0.2 and chef-client 12.5.1.

 * chef_user[admin-helm] action create

 ["update user admin-helm at https://127.0.0.1/users", "  update email from \"[email protected]\" to \"[email protected]\""]
 {"name"=>"admin-helm", "username"=>"admin-helm", "display_name"=>"Admin Shared User for HELM Org", "admin"=>false, "json_class"=>"Chef::WebUIUser", "chef_type"=>"webui_user", "salt"=>nil, "password"=>nil, "openid"=>nil, "email"=>"[email protected]", "public_key"=>"-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNKOarIC4dUS2SUdOuOZ\n0ACVepwMeoHuzQYdUtwVA1+fDXjLqfZy63b4KObCIPx8m4bdrWXw15Fr9eMrjw36\nBf4tPHxU4Jq+CivD1pW3QVAV4Z2cZ89mruOD4xwLfjycQ7/LWydhmGs59hC7l6Fk\nxxmDSoWVs3pmNs2Ug9ZRmN6OsAltb0JbMpLqFrleg2j4RalfLls24rOQqkKC5n8K\nAmef0zt3F5HaufxXbuBWBG1wmNCxAzQswTzpFUd1ZSSdXxPg3KOkNiZdY6GEt1AY\nJW4ReFWo5MISnv7JyNSEZWr0eGOJqzTEURGPrbJUWS6UbkioFdwLtBC+AsLk3Cvo\nBQIDAQAB\n-----END PUBLIC KEY-----\n"}


     ================================================================================
     Error executing action `create` on resource 'chef_user[admin-helm]'
     ================================================================================

     Net::HTTPServerException
     ------------------------
     400 "Bad Request"

     Resource Declaration:
     ---------------------
     # In /var/chef/cache/cookbooks/bb_chef_server_cluster/recipes/manage_rbac.rb

      92:   chef_user user do
      93:     display_name values['display_name']
      94:     email values['email']
      95:     password lazy { determine_user_password(chef_server_url, user, values['password']) }
      96:     source_key values['source_key']
      97:     chef_server url_root
      98:     action :create
      99:     not_if { values['source_key'].nil? }
     100:     only_if { node.run_state['check_ha_status'] }
     101:   end
     102: end

     Compiled Resource:
     ------------------
     # Declared in /var/chef/cache/cookbooks/bb_chef_server_cluster/recipes/manage_rbac.rb:92:in `block in from_file'

     chef_user("admin-helm") do
       action [:create]
       retries 0
       retry_delay 2
       default_guard_interpreter :default
       chef_server {:chef_server_url=>"https://127.0.0.1:443", :options=>{:client_name=>"pivotal", :signing_key_filename=>"/etc/opscode/pivotal.pem", :api_version=>"0"}}
       declared_type :chef_user
       cookbook_name "bb_chef_server_cluster"
       recipe_name "manage_rbac"
       display_name "Admin Shared User for HELM Org"
       email "[email protected]"
       password #<ChefCompat::CopiedFromChef::Chef::DelayedEvaluator:0x0000000584e770@/var/chef/cache/cookbooks/bb_chef_server_cluster/recipes/manage_rbac.rb:95>
       source_key "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCo0o5qsgLh1RLZJR0645nQAJV6nAx6ge7NBh1S3BUDX58NeMup9nLrdvgo5sIg/Hybht2tZfDXkWv14yuPDfoF/i08fFTgmr4KK8PWlbdBUBXhnZxnz2au44PjHAt+PJxDv8tbJ2GYazn2ELuXoWTHGYNKhZWzemY2zZSD1lGY3o6wCW1vQlsykuoWuV6DaPhFqV8uWzbis5CqQoLmfwoCZ5/TO3cXkdq5/Fdu4FYEbXCY0LEDNCzBPOkVR3VlJJ1fE+Dco6Q2Jl1joYS3UBglbhF4VajkwhKe/snI1IRlavR4Y4mrNMRREY+tslRZLpRuSKgV3Au0EL4CwuTcK+gF"
       not_if { #code block }
       only_if { #code block }
     end

Here is the complete stack trace:

Generated at 2016-05-12 14:01:32 +0000
Net::HTTPServerException: chef_user[admin-helm] (bb_chef_server_cluster::manage_rbac line 92) had an error: Net::HTTPServerException: 400 "Bad Request"
/opt/chef/embedded/lib/ruby/2.1.0/net/http/response.rb:119:in `error!'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/http.rb:145:in `request'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/http.rb:118:in `put'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.2/lib/cheffish/chef_actor_base.rb:21:in `block in create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/mixin/why_run.rb:52:in `call'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/mixin/why_run.rb:52:in `add_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/provider.rb:175:in `converge_by'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.2/lib/cheffish/chef_actor_base.rb:20:in `create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.2/lib/chef/resource/chef_user.rb:42:in `block in <class:ChefUser>'
(eval):2:in `block in action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.9.1/files/lib/chef_compat/copied_from_chef/chef/provider.rb:122:in `instance_eval'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.9.1/files/lib/chef_compat/copied_from_chef/chef/provider.rb:122:in `compile_and_converge_action'
(eval):2:in `action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/provider.rb:144:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource.rb:585:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:49:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:81:in `block (2 levels) in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:81:in `each'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:81:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/resource_list.rb:83:in `block in execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/resource_collection/resource_list.rb:81:in `execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/runner.rb:80:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:653:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:648:in `catch'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:648:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:687:in `converge_and_save'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/client.rb:269:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:270:in `block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:258:in `fork'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:258:in `fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:224:in `block in run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/local_mode.rb:44:in `with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:212:in `run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/client.rb:408:in `block in interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/client.rb:398:in `loop'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/client.rb:398:in `interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/client.rb:388:in `run_application'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application.rb:60:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/bin/chef-client:26:in `<top (required)>'
/usr/bin/chef-client:54:in `load'
/usr/bin/chef-client:54:in `<main>'
@poliva83
Copy link
Author

Still hit issue with cheffish 2.0.4 and chef-client 12.9.41 (latest versions)

Net::HTTPServerException: chef_user[admin-helm] (bb_chef_server_cluster::manage_rbac line 92) had an error: Net::HTTPServerException: 400 "Bad Request"
/opt/chef/embedded/lib/ruby/2.1.0/net/http/response.rb:119:in `error!'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/http.rb:146:in `request'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/http.rb:119:in `put'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/cheffish/chef_actor_base.rb:21:in `block in create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/mixin/why_run.rb:52:in `add_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/provider.rb:175:in `converge_by'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/cheffish/chef_actor_base.rb:20:in `create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/chef/resource/chef_user.rb:42:in `block in <class:ChefUser>'
(eval):2:in `block in action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.9.1/files/lib/chef_compat/copied_from_chef/chef/provider.rb:122:in `instance_eval'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.9.1/files/lib/chef_compat/copied_from_chef/chef/provider.rb:122:in `compile_and_converge_action'
(eval):2:in `action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/provider.rb:144:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource.rb:596:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:69:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:97:in `block (2 levels) in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:97:in `each'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:97:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/resource_list.rb:84:in `block in execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/resource_collection/resource_list.rb:82:in `execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/runner.rb:96:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:667:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:662:in `catch'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:662:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:701:in `converge_and_save'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/client.rb:281:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:285:in `block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:273:in `fork'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:273:in `fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:238:in `block in run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/local_mode.rb:44:in `with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:226:in `run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:456:in `sleep_then_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:443:in `block in interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:442:in `loop'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:442:in `interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application/client.rb:426:in `run_application'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/lib/chef/application.rb:58:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.9.41/bin/chef-client:26:in `<top (required)>'
/usr/bin/chef-client:51:in `load'

@andy-dufour
Copy link

This appears to be fixed with chef-client v12.9.41 and chef-server-core v12.6

@nlam79
Copy link

nlam79 commented Jun 29, 2016
edited
Loading

I don't think this is fix in latest chef-client v12.11.18 and chef-server-core v12.7.

sudo dpkg -l | egrep "opscode|chef"
ii chef 12.11.18-1 amd64 The full stack of chef
ii chef-ha 0.0.1bbry+20151223173646-1 amd64 The full stack of chef-ha
ii chef-server-core 12.7.0-1 amd64 The full stack of chef-server
ii chef-sync 1.0.0rc.7-1 amd64 The full stack of chef-sync
ii opscode-reporting 1.6.0-1 amd64 The full stack of opscode-reporting

Generated at 2016-06-29 14:26:09 +0000
Net::HTTPServerException: chef_user[guest-helm] (bb_chef_server_cluster::manage_rbac line 92) had an error: Net::HTTPServerException: 400 "
Bad Request"
/opt/chef/embedded/lib/ruby/2.1.0/net/http/response.rb:119:in `error!'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/http.rb:146:in `request'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/http.rb:119:in `put'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/cheffish/chef_actor_base.rb:21:in `block in create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/mixin/why_run.rb:52:in `add_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/provider.rb:176:in `converge_by'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/cheffish/chef_actor_base.rb:20:in `create_actor'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/cheffish-2.0.4/lib/chef/resource/chef_user.rb:42:in `block in <class:ChefUser>'
(eval):2:in `block in action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.10.4/files/lib/chef_compat/copied_from_chef/chef/provider.rb:124:in `instanc
e_eval'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.10.4/files/lib/chef_compat/copied_from_chef/chef/provider.rb:124:in `compile
_and_converge_action'
(eval):2:in `action_create'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/provider.rb:145:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource.rb:591:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/compat_resource-12.10.4/files/lib/chef_compat/monkeypatches/chef/runner.rb:41:in `run_action'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/runner.rb:97:in `block (2 levels) in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/runner.rb:97:in `each'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/runner.rb:97:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/resource_list.rb:94:in `block in execute_each_resour
ce'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:116:in `call'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:116:in `call_iterator_block'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:85:in `step'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:104:in `iterate'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/stepable_iterator.rb:55:in `each_with_index'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/resource_collection/resource_list.rb:92:in `execute_each_resource'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/runner.rb:96:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:669:in `block in converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:664:in `catch'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:664:in `converge'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:703:in `converge_and_save'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/client.rb:283:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:286:in `block in fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:274:in `fork'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:274:in `fork_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:239:in `block in run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/local_mode.rb:44:in `with_server_connectivity'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:227:in `run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:456:in `sleep_then_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:443:in `block in interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:442:in `loop'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:442:in `interval_run_chef_client'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application/client.rb:426:in `run_application'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/lib/chef/application.rb:59:in `run'
/opt/chef/embedded/lib/ruby/gems/2.1.0/gems/chef-12.11.18/bin/chef-client:26:in `<top (required)>'
/usr/bin/chef-client:52:in `load'
/usr/bin/chef-client:52:in `<main>'

@lamont-granquist
Copy link
Contributor

This seems very bad if its not fixed.

@lamont-granquist lamont-granquist added this to the Accepted Minor milestone Dec 7, 2016
@poliva83
Copy link
Author

poliva83 commented Dec 7, 2016

@lamont-granquist I did workaround this issue. The problem is you can not update email, display_name, and/or source_key without passing in the password attribute to chef_user resource. So basically I needed to make some postgres db calls and save hashed_password information of users in opscode_chef table, set the password attribute to passw0rd when using chef_user resource and then restore the old hashed_password for user with postgres db calls. I put guards to ensure chef_user resource didn't trigger unless update email, display_name, and/or source_key has changed.

# create users
node['bb_chef_server_cluster']['manage_rbac']['users'].each do |user, values|
  next if user.eql?('ec_sync_user') || values == false
  ruby_block "save #{user} password info" do
    block do
      rest = setup_rest(url_root)
      if user_exist?(rest, user)
        node.run_state["#{user}_diff"] = diff_user(rest, user, values)
        node.run_state["#{user}_password"] = get_user_password_info(user)
      else
        node.run_state["#{user}_diff"] = true
        node.run_state["#{user}_password"] = nil
      end
    end
    only_if { node.run_state['check_ha_status'] }
  end
  chef_user user do # ~FC022
    display_name values['display_name']
    email values['email']
    password 'passw0rd'
    source_key values['source_key']
    chef_server url_root
    action :create
    only_if { node.run_state["#{user}_diff"] }
    only_if { node.run_state['check_ha_status'] }
    notifies :run, "ruby_block[restore #{user} password info]", :immediately
  end
  ruby_block "restore #{user} password info" do
    block do
      update_user_password(node.run_state["#{user}_password"])
      restored = Chef::Resource::Log.new("restored #{user} password successfully!", run_context)
      restored.level :info
      restored.run_action :write
    end
    action :nothing
    only_if { node.run_state["#{user}_password"] }
    only_if { node.run_state['check_ha_status'] }
  end
end

@poliva83
Copy link
Author

poliva83 commented Dec 7, 2016

I guess this issue is related to #83

@lamont-granquist
Copy link
Contributor

Okay I think I understand it clearer now.

The RESTfulness of the API is getting into a fight with password hashing. It wants everything updated, but the passwords have been one-way hashed so that you can't GET, , POST.

this is probably the better written ticket than #83

@lamont-granquist lamont-granquist mentioned this issue Dec 7, 2016
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Priority: Critical
Projects
None yet
Milestone
Accepted Minor
Development

No branches or pull requests
5 participants
@thommay @lamont-granquist @poliva83 @andy-dufour @nlam79