Issue #23132 has been reported by Adam Compton. ---------------------------------------- Bug #23132: Facter 1.7.x crashes on CentOS 6.x VMs with an illegal instruction while looking up sshfp https://projects.puppetlabs.com/issues/23132
* Author: Adam Compton * Status: Unreviewed * Priority: Normal * Assignee: * Category: * Target version: * Keywords: * Branch: * Affected Facter version: ---------------------------------------- Support for ssh fingerprints (as merged in https://github.com/puppetlabs/facter/pull/162) breaks facter while running on CentOS 6.x on a VM due to a bug with ruby 1.8.7, which is what CentOS 6 provides. [acompton@] /usr/lib/ruby/site_ruby/1.8/facter >> facter --debug Relative directory ./facter removed from search path. value for lsbdistid is still nil value for ipaddress6_lo is still nil ruby-augeas not available value for augeasversion is still nil value for sshecdsakey is still nil value for sshfp_ecdsa is still nil Found no suitable resolves of 1 for selinux_policyversion value for selinux_policyversion is still nil value for lsbdistdescription is still nil Found no suitable resolves of 1 for xendomains value for xendomains is still nil value for lsbrelease is still nil Found no suitable resolves of 1 for selinux_mode value for selinux_mode is still nil Found no suitable resolves of 1 for zonename value for zonename is still nil value for ipaddress6_eth0 is still nil value for cfkey is still nil value for lsbdistid is still nil value for zpool_version is still nil value for macaddress_lo is still nil Illegal instruction [acompton@] /usr/lib/ruby/site_ruby/1.8/facter >> strace -f -- facter 2>&1 | grep -v SIG_ | tail stat("/usr/lib64/site_ruby/1.8/x86_64-linux/digest.rb", 0x7fff6c9843d0) = -1 ENOENT (No such file or directory) stat("/usr/lib64/site_ruby/1.8/x86_64-linux/digest.so", 0x7fff6c9843d0) = -1 ENOENT (No such file or directory) stat("/usr/lib64/site_ruby/digest.rb", 0x7fff6c9843d0) = -1 ENOENT (No such file or directory) stat("/usr/lib64/site_ruby/digest.so", 0x7fff6c9843d0) = -1 ENOENT (No such file or directory) stat("/usr/lib/ruby/1.8/digest.rb", {st_mode=S_IFREG|0644, st_size=1145, ...}) = 0 open("/usr/lib/ruby/1.8/digest.rb", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=1145, ...}) = 0 close(3) = 0 --- SIGILL (Illegal instruction) @ 0 (0) --- +++ killed by SIGILL +++ (...comment out sshfp support...) [acompton@] /usr/lib/ruby/site_ruby/1.8/facter >> cat ssh.rb # Fact: ssh # # Purpose: # # Resolution: # # Caveats: # ## ssh.rb ## Facts related to SSH ## {"SSHDSAKey" => { :file => "ssh_host_dsa_key.pub", :sshfprrtype => 2 } , "SSHRSAKey" => { :file => "ssh_host_rsa_key.pub", :sshfprrtype => 1 }, "SSHECDSAKey" => { :file => "ssh_host_ecdsa_key.pub", :sshfprrtype => 3 } }.each do |name,key| Facter.add(name) do setcode do value = nil [ "/etc/ssh", "/usr/local/etc/ssh", "/etc", "/usr/local/etc", "/etc/opt/ssh", ].each do |dir| filepath = File.join(dir,key[:file]) if FileTest.file?(filepath) begin value = File.read(filepath).chomp.split(/\s+/)[1] break rescue value = nil end end end value end end # Facter.add('SSHFP_' + name[3..-4]) do # setcode do # ssh = Facter.fact(name).value # value = nil # if ssh && key[:sshfprrtype] # begin # require 'digest/sha1' # require 'base64' # digest = Base64.decode64(ssh) # value = 'SSHFP ' + key[:sshfprrtype].to_s + ' 1 ' + Digest::SHA1.hexdigest(digest) # begin # require 'digest/sha2' # value += "\nSSHFP " + key[:sshfprrtype].to_s + ' 2 ' + Digest::SHA256.hexdigest(digest) # rescue # end # rescue # value = nil # end # end # value # end # end end [acompton@] /usr/lib/ruby/site_ruby/1.8/facter >> facter | head -n 5 architecture => x86_64 bios_release_date => 01/01/2007 bios_vendor => Bochs bios_version => Bochs blockdevice_vda_size => 42949672960 I'm running the latest version of ruby available: [acompton@] /usr/lib/ruby/site_ruby/1.8/facter >> rpm -qa | grep ruby | sort ruby-1.8.7.352-12.el6_4.x86_64 ruby-libs-1.8.7.352-12.el6_4.x86_64 although this happens with every version I can find for CentOS 6. This does not happen (i.e., facter works fine) on physical machines with the same configuration. This problem is trivially demonstrated with this short example program (from https://groups.google.com/forum/#!topic/comp.lang.ruby/iFm1r1tvuC8): [acompton@] ~ >> cat 1.rb #!/usr/bin/ruby # require 'digest/sha1' require 'base64' require 'digest/sha2' puts Digest::SHA256.hexdigest("123") [acompton@] ~ >> ruby 1.rb Illegal instruction I'm not actually sure what you guys should do about this, since it's obviously a ruby bug, but perhaps you could constrain the sshfp check to only run on real hardware so facter can still function in this case? Thanks, Adam -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/groups/opt_out.
