Fixes #36973 - Use dnf needs-restarting to collect tracer information

[sbernhard]

Discussion, see: https://community.theforeman.org/t/tracer-for-dnf/35633?u=bernhard_suttner

[m-bucher]

Looks good to me

[ehelms]

@parthaa @ianballou could one of y'all take a look?

[ianballou]

Can we get a redmine for this please?

[ianballou]

@ehelms I think https://yum.theforeman.org/client/nightly/el7/x86_64/foreman-client-release.rpm might be leading to the wrong repository:

failure: repodata/repomd.xml from foreman-client: [Errno 256] No more mirrors to try.
https://yum.theforeman.org/client/nightly/el7_9/x86_64/repodata/repomd.xml: [Errno 14] HTTPS Error 404 - Not Found

[ehelms]

@ehelms I think https://yum.theforeman.org/client/nightly/el7/x86_64/foreman-client-release.rpm might be leading to the wrong repository:

failure: repodata/repomd.xml from foreman-client: [Errno 256] No more mirrors to try.
https://yum.theforeman.org/client/nightly/el7_9/x86_64/repodata/repomd.xml: [Errno 14] HTTPS Error 404 - Not Found

Thanks for the heads up!

[ehelms]

@ehelms I think https://yum.theforeman.org/client/nightly/el7/x86_64/foreman-client-release.rpm might be leading to the wrong repository:

failure: repodata/repomd.xml from foreman-client: [Errno 256] No more mirrors to try.
https://yum.theforeman.org/client/nightly/el7_9/x86_64/repodata/repomd.xml: [Errno 14] HTTPS Error 404 - Not Found

Thanks for the heads up!

The fix is now deployed and the tests are passing for EL7.

[sbernhard]

Inspired by https://github.com/FrostyX/tracer/blob/master/data/applications.xml#L84

[ianballou]

As an aside, I had to hack my system by copying the /usr/local/bin/katello-tracer-upload to /usr/sbin/katello-tracer-upload and /etc/cron.d/katello-tracer-upload to ensure that the dnf plugin would call the new code.

[ianballou]

Based on my comments above, I'd like to know if this issue with session traces is a surprise or not. Perhaps it was tested with a different client package upgrade?

[sbernhard]

Based on my comments above, I'd like to know if this issue with session traces is a surprise or not. Perhaps it was tested with a different client package upgrade?

I have tested this some time ago and session traces were recognized by https://github.com/Katello/katello-host-tools/pull/149/files#diff-21052bd00993aa53f643b56c70d49991ad54e23c97da7378b12a0b5b31197e28R36

The is_session is similar to https://github.com/FrostyX/tracer/blob/master/tracer/resources/processes.py#L268

See also this comment: #149 (comment)

Ah, maybe I just missed this one to grab: https://github.com/FrostyX/tracer/blob/ff8fc924fcbe2f638dd88b50549813dab2b8595b/tracer/resources/applications.py#L208

[ianballou]

Ah, maybe I just missed this one to grab: https://github.com/FrostyX/tracer/blob/ff8fc924fcbe2f638dd88b50549813dab2b8595b/tracer/resources/applications.py#L208

Wow, I am surprised there is such specialized logic in there for ssh sessions. Nice catch!

[ianballou]

@sbernhard after your update, I'm still seeing the same issue with ssh. The packages I'm playing with are:

[root@rhel9 katello-host-tools]# rpm -qa | grep ssh
libssh-config-0.10.4-8.el9.noarch
libssh-0.10.4-8.el9.x86_64
openssh-8.7p1-34.el9.x86_64
openssh-clients-8.7p1-34.el9.x86_64
openssh-server-8.7p1-34.el9.x86_64

Tracer is still showing:

[root@rhel9 katello-host-tools]# tracer -a
You should restart:
  * Some applications using:
      sudo systemctl restart NetworkManager

  * These applications restarting your session:
      ssh-vagrant-session

but I'm not seeing the session info yet. Is there any debugging / log statements you'd like me to try to help figure out what's going wrong?

[sbernhard]

@sbernhard after your update, I'm still seeing the same issue with ssh. The packages I'm playing with are:

[root@rhel9 katello-host-tools]# rpm -qa | grep ssh
libssh-config-0.10.4-8.el9.noarch
libssh-0.10.4-8.el9.x86_64
openssh-8.7p1-34.el9.x86_64
openssh-clients-8.7p1-34.el9.x86_64
openssh-server-8.7p1-34.el9.x86_64

Tracer is still showing:

[root@rhel9 katello-host-tools]# tracer -a
You should restart:
  * Some applications using:
      sudo systemctl restart NetworkManager

  * These applications restarting your session:
      ssh-vagrant-session

but I'm not seeing the session info yet. Is there any debugging / log statements you'd like me to try to help figure out what's going wrong?

Added some more handling for ssh sessions https://github.com/Katello/katello-host-tools/pull/149/files#diff-21052bd00993aa53f643b56c70d49991ad54e23c97da7378b12a0b5b31197e28R29

Similar to https://github.com/FrostyX/tracer/blob/master/tracer/resources/processes.py#L79

[ianballou]

Awesome, I'll give it a re-test

[ianballou]

Session is working now!

[ianballou]

Just need to check the static type and also test on EL7 to make sure the legacy stuff isn't broken.

[ianballou]

Another photo of the traces working on EL9:

[ianballou]

I'm a little confused why sudo is being marked as a daemon that needs restarting.

Here is the tracer -a output:

You should restart:
  * Some applications using:
      sudo systemctl restart NetworkManager
      sudo systemctl restart auditd
      sudo systemctl restart chronyd
      sudo systemctl restart crond
      sudo systemctl restart dbus-broker
      sudo systemctl restart gssproxy
      sudo systemctl restart irqbalance
      sudo systemctl restart rhsmcertd
      sudo systemctl restart rpcbind
      sudo systemctl restart sshd
      sudo systemctl restart systemd-journald
      sudo systemctl restart systemd-logind
      sudo systemctl restart systemd-udevd

  * These applications manually:
      (sd-pam)

  * These applications restarting your session:
      bash
      getty@tty1
      ssh-vagrant-session

  * These applications rebooting your computer:
      systemd

Here is the dnf needs-restarting output:

[root@rhel9 katello-host-tools]# dnf needs-restarting
Updating Subscription Management repositories.
1 : /usr/lib/systemd/systemd --system --deserialize 42 
534 : /usr/bin/rpcbind -w -f 
538 : /sbin/auditd 
559 : /usr/sbin/NetworkManager --no-daemon 
564 : /usr/lib/systemd/systemd-logind 
570 : /usr/sbin/chronyd -F 2 
574 : /usr/bin/dbus-broker-launch --scope system --audit 
578 : dbus-broker --log 4 --controller 9 --machine-id 1d74ad9f991d4d3eb78e0b2f33e7d45c --max-bytes 536870912 --max-fds 4096 --max-matches 131072 --audit 
587 : /usr/bin/rhsmcertd 
603 : /sbin/agetty -o -p -- \u --noclear - linux 
1950 : sshd: vagrant [priv] 
1954 : /usr/lib/systemd/systemd --user 
1957 : (sd-pam) 
1964 : sshd: vagrant@pts/0  
1965 : -bash 
1985 : sudo -i -u root 
1987 : -bash 
2068 : /usr/sbin/anacron -s

Also (sd-pam) seems to be an outlier since it's not a service. The old tracer reports it as needing "manual restart".

Here's it in systemctl status

           └─user.slice
             └─user-1000.slice
               ├─session-5.scope
               │ ├─ 1950 "sshd: vagrant [priv]"
               │ ├─ 1964 "sshd: vagrant@pts/0"
               │ ├─ 1965 -bash
               │ ├─ 1985 sudo -i -u root
               │ ├─ 1987 -bash
               │ ├─23256 systemctl status
               │ └─23257 less
               └─[email protected]
                 └─init.scope
                   ├─1954 /usr/lib/systemd/systemd --user
                   └─1957 "(sd-pam)"

[ianballou]

I'm thinking sudo might count under the session type?

[ianballou]

It looks like with old tracer, sudo is ignored:

vs

[root@rhel7 katello-host-tools]# tracer -a
You should restart:
  * Some applications using:
      sudo systemctl restart NetworkManager
      sudo systemctl restart NetworkManager
      sudo systemctl restart chronyd
      sudo systemctl restart crond
      sudo systemctl restart gssproxy
      sudo systemctl restart irqbalance
      sudo systemctl restart polkit
      sudo systemctl restart rhsmcertd
      sudo systemctl restart rpcbind
      sudo systemctl restart rsyslog
      sudo systemctl restart sshd
      sudo systemctl restart systemd-journald
      sudo systemctl restart systemd-logind
      sudo systemctl restart systemd-udevd
      sudo systemctl restart tuned

  * These applications manually:
      sudo

  * These applications restarting your session:
      bash
      getty@tty1
      ssh-vagrant-session

  * These applications rebooting your computer:
      dbus
      kernel
      systemd

This is on EL7.

[ianballou]

I think anything that the old tracer puts under the "manual restart" category can be ignored, like (sd-pam) and sudo.

[sbernhard]

I have added a workaround @ianballou

[ianballou]

Looking pretty much perfect! Just one small addition:

[ianballou]

Looking good, doing some final checks

[ianballou]

Okay, looking good to me!

[jeremylenz]

@sbernhard can you please fix the Redmine issue and/or squash? :)

[ianballou]

@sbernhard can you please fix the Redmine issue and/or squash? :)

I took care of it during the squash merge 👍

[jeremylenz]

oh right, of course squash fixes that 🙈