chef - [chef] Re: [CHEF] error creating jenkins user with the sudo cookbook

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] Re: [CHEF] error creating jenkins user with the sudo cookbook

From: Jorge Bianquetti < >
To:
Subject: [chef] Re: [CHEF] error creating jenkins user with the sudo cookbook
Date: Fri, 15 Nov 2013 10:25:51 +0100

It's simple, you can't name a system user "%jenkins".

2013/11/12 Phil Cryer
< >:
> I'm using the Opscode sudo cookbook, and I've walked through the sudo
> example on their site (http://docs.opscode.com/lwrp_sudo.html) but I
> get an error 'validate_fragment' I've tried a few different things,
> but can't find much else online on the topic; most refer to using sudo
> to install chef, run chef-client, etc. Thanks
>
> via a GIST here: https://gist.github.com/philcryer/7439401
>
> text:
>
> [...CONFIG...]
> user "jenkins" do
>     supports :manage_home => true
>     comment "The Jenkins user that handles all deploys"
>     home "/home/jenkins"
>     shell "/bin/bash"
>     password "12341234"
> end
> node['authorization']['sudo']['include_sudoers_d'] = true
> include_recipe "sudo"
> sudo "jenkins" do
>   user "%jenkins"
>   runas "app_user"
>   commands ["/etc/init.d/httpd restart","chown -R apache:apache /var/www"]
>   host "ALL"
>   nopasswd true
> end
>
>
> [...LOGS...]
> [2013-11-12T15:45:34-06:00] DEBUG: package[sudo] is already installed
> - nothing to do
> [2013-11-12T15:45:34-06:00] INFO: Processing directory[/etc/sudoers.d]
> action create (sudo::default line 25)
> [2013-11-12T15:45:34-06:00] INFO: Processing
> cookbook_file[/etc/sudoers.d/README] action create (sudo::default line
> 31)
> [2013-11-12T15:45:34-06:00] INFO: Processing template[/etc/sudoers]
> action create (sudo::default line 39)
> [2013-11-12T15:45:34-06:00] DEBUG: Not fetching
> cookbooks/sudo/templates/default/sudoers.erb, as the cache is up to
> date.
> [2013-11-12T15:45:34-06:00] DEBUG: current checksum:
> 6f178ce07803096acacaca23d243f2c2; manifest checksum:
> 6f178ce07803096acacaca23d243f2c2)
> [2013-11-12T15:45:34-06:00] DEBUG: Current content's checksum:
> 261759ea279ca54103844c4a929fbcd3bd8b29f3e339ef334cbdea2405e7bd31
> [2013-11-12T15:45:34-06:00] DEBUG: Rendered content's checksum:
> 261759ea279ca54103844c4a929fbcd3bd8b29f3e339ef334cbdea2405e7bd31
> [2013-11-12T15:45:34-06:00] DEBUG: template[/etc/sudoers] content has
> not changed.
> [2013-11-12T15:45:34-06:00] INFO: Processing sudo[jenkins] action
> install (base::default line 135)
> [2013-11-12T15:45:34-06:00] DEBUG: Not fetching
> cookbooks/sudo/templates/default/sudoer.erb, as the cache is up to
> date.
> [2013-11-12T15:45:34-06:00] DEBUG: current checksum:
> f1a732fa44ee8eacc9ada77f75d580d3; manifest checksum:
> f1a732fa44ee8eacc9ada77f75d580d3)
> [2013-11-12T15:45:34-06:00] ERROR: Fragment validation failed:
>
>
> [2013-11-12T15:45:34-06:00] ERROR: # This file is managed by Chef.
> # Do NOT modify this file directly.
>
> %jenkins  ALL=(app_user) NOPASSWD:/etc/init.d/httpd restart
> %jenkins  ALL=(app_user) NOPASSWD:chown -R apache:apache /var/www
>
> [2013-11-12T15:45:34-06:00] FATAL: Template
> /tmp/sudoer20131112-12809-j5303y failed fragment validation!
>
> ================================================================================
> Error executing action `install` on resource 'sudo[jenkins]'
> ================================================================================
>
> SystemExit
> ----------
> exit
>
> Cookbook Trace:
> ---------------
> /var/chef/cache/cookbooks/sudo/providers/default.rb:51:in
> `validate_fragment!'
> /var/chef/cache/cookbooks/sudo/providers/default.rb:96:in `render_sudoer'
> /var/chef/cache/cookbooks/sudo/providers/default.rb:104:in `block in
> class_from_file'
>
> Resource Declaration:
> ---------------------
> # In /var/chef/cache/cookbooks/base/recipes/default.rb
>
> 135: sudo "jenkins" do
> 136:   user "%jenkins"
> 137:   runas "app_user"
> 138:   commands ["/etc/init.d/httpd restart","chown -R apache:apache
> /opt/iaas"]
> 139:   host "ALL"
> 140:   nopasswd true
> 141: end
>
> Compiled Resource:
> ------------------
> # Declared in /var/chef/cache/cookbooks/base/recipes/default.rb:135:in
> `from_file'
>
> sudo("jenkins") do
>   action :install
>   supports {:report=>true, :exception=>true}
>   retries 0
>   retry_delay 2
>   cookbook_name "base"
>   recipe_name "default"
>   user "%jenkins"
>   runas "app_user"
>   commands ["/etc/init.d/httpd restart", "chown -R apache:apache /opt/iaas"]
>   host "ALL"
>   nopasswd true
> end
>
> [2013-11-12T15:45:34-06:00] DEBUG: Re-raising exception: SystemExit -
> sudo[jenkins] (base::default line 135) had an error: SystemExit: exit

[chef] [CHEF] error creating jenkins user with the sudo cookbook, Phil Cryer, 11/12/2013
- [chef] Re: [CHEF] error creating jenkins user with the sudo cookbook, Jorge Bianquetti, 11/15/2013
  - [chef] Re: Re: [CHEF] error creating jenkins user with the sudo cookbook, Phil Cryer, 11/15/2013