Looking for the log for the failed fixlet - it appears that the fixlet destroyed the evidence :)

anepomn · July 16, 2019, 2:17pm

Number of fixlets have failed on the Linux clients last night. No packages have been installed or updated, the action was showing as “Failed” in the BigFix console.

Is there a way to find the details - it appears that the fixlet destroyed the evidence after completion, I see “delete” commands in the log.

Investigation:
I looked at “/var/opt/BESClient/__BESData/__Global/Logs/20190715.log”, searching for “RHSA-2019:1294 - Bind Security Update - Red Hat Enterprise Linux 7 (x86_64)”.

By looking at the log below I have decided that fixlet was trying to run:
yum install bind-libs-9.9.4-74.el7_6.1.x86_64 bind-libs-lite-9.9.4-74.el7_6.1.x86_64 bind-license-9.9.4-74.el7_6.1.noarch bind-utils-9.9.4-74.el7_6.1.x86_64

I have run the command above and it completed successfully (causing the action status to change to completed ).

====== fragment of the log =====
Command succeeded parameter “t17” = “” (group:2441275,action:2441276)
Command succeeded parameter “t18” = “” (group:2441275,action:2441276)
Command succeeded parameter “t19” = “bind-utils-9.9.4-74.el7_6.1.x86_64” (group:2441275,action:2441276)
Command succeeded parameter “packages” = " bind-libs-9.9.4-74.el7_6.1.x86_64 bind-libs-lite-9.9.4-74.el7_6.1.x86_64 bind-license-9.9.4-74.el7_6.1 .noarch bind-utils-9.9.4-74.el7_6.1.x86_64" (group:2441275,action:2441276)
Command succeeded parameter “outputfile” = “/var/opt/BESClient/EDRDeployData//MultiPkgInstall.txt” (group:2441275,action:2441276)
Command succeeded parameter “flag” = “/var/opt/BESClient/EDRDeployData//opsite141-MultiPkgInstallFlag.txt” (group:2441275,action:2441276)
Command succeeded parameter “expire_timestamp” = “Mon, 15 Jul 2019 23:18:52 -0500” (group:2441275,action:2441276)
Command started - wait “/bin/bash” -c “TMPDIR=’/var/opt/BESClient/__BESData/Patches for RHEL 7’ ‘/var/opt/BESClient/__BESData/Patches for RHEL 7/redha t-client-x64’ --log_level ‘20’ --id ‘2441276’ --exit_code_file ‘/var/opt/BESClient/EDRDeployData//EDR_ExitCode_2441276’ --log_file ‘/var/opt/BESClient/ED RDeployData//EDR_DeploymentResults.txt’ yum_run --yumconfig ‘/var/opt/BESClient/EDRDeployData//EDR_Yumconfig_2441276’ --yum_cmd ‘install’ bind-libs- 9.9.4-74.el7_6.1.x86_64 bind-libs-lite-9.9.4-74.el7_6.1.x86_64 bind-license-9.9.4-74.el7_6.1.noarch bind-utils-9.9.4-74.el7_6.1.x86_64” (group :2441275,action:2441276)
Command succeeded (Exit Code=0) wait “/bin/bash” -c “TMPDIR=’/var/opt/BESClient/__BESData/Patches for RHEL 7’ ‘/var/opt/BESClient/__BESData/Patches fo r RHEL 7/redhat-client-x64’ --log_level ‘20’ --id ‘2441276’ --exit_code_file ‘/var/opt/BESClient/EDRDeployData//EDR_ExitCode_2441276’ --log_file ‘/var/op t/BESClient/EDRDeployData//EDR_DeploymentResults.txt’ yum_run --yumconfig ‘/var/opt/BESClient/EDRDeployData//EDR_Yumconfig_2441276’ --yum_cmd ‘install’ bind-libs-9.9.4-74.el7_6.1.x86_64 bind-libs-lite-9.9.4-74.el7_6.1.x86_64 bind-license-9.9.4-74.el7_6.1.noarch bind-utils-9.9.4-74.el7_6.1. x86_64” (group:2441275,action:2441276)
Command succeeded parameter “exit_code” = “1” (group:2441275,action:2441276)
Command succeeded delete “/var/opt/BESClient/EDRDeployData//EDR_RepoList_2441276” (group:2441275,action:2441276)
Command succeeded delete “/var/opt/BESClient/EDRDeployData//EDR_ExitCode_2441276” (group:2441275,action:2441276)
Command succeeded delete “/var/opt/BESClient/EDRDeployData//EDR_Yumconfig_2441276” (group:2441275,action:2441276)
Command succeeded delete “/var/opt/BESClient/EDRDeployData//EDR_RepomdRequest_2441276” (group:2441275,action:2441276)
Command succeeded delete “/var/opt/BESClient/EDRDeployData//EDR_RepomdMapping_2441276” (group:2441275,action:2441276)
====== end of the log =====

Thank you,
Aleksandr

JasonWalker · July 16, 2019, 2:27pm

The RHSM Plugin creates several temporary files during its processing that are cleaned up after the action runs. It should leave behind a single log file to which you should refer for your troubleshooting - /var/opt/BESClient/EDRDeployData/EDR_DeploymentResults.txt

anepomn · July 16, 2019, 3:16pm

Jason,
Thanks for looking!

I have rerun the fixlet and noticed the lines below in “/var/opt/BESClient/EDRDeployData/EDR_DeploymentResults.txt”.
I think that the config file for yum ( /var/opt/BESClient/EDRDeployData//EDR_Yumconfig_2441287 specified after ‘-c’ ) has an error

28104 : 2019-07-16 09:47:18 : INFO : Start Task ID: 2441287
28104 : 2019-07-16 09:47:18 : INFO : RHEL-Patch-Client at version 2.0.1.0
28104 : 2019-07-16 09:47:18 : INFO : 01 setup and request repomd.xml
28104 : 2019-07-16 09:47:18 : WARNING : Repo list is empty for OS: server-7-x86_64
28106 : 2019-07-16 09:47:18 : INFO : 03 lock repo data
28109 : 2019-07-16 09:47:18 : INFO : 04 dependency resolution and request packages
28109 : 2019-07-16 09:47:18 : WARNING : Repo list is empty for OS: server-7-x86_64
28109 : 2019-07-16 09:47:18 : INFO : Download Plugin mode.
28109 : 2019-07-16 09:47:18 : INFO : Run cmd: env: {} cmd: yum --verbose --cacheonly -c /var/opt/BESClient/EDRDeployData//EDR_Yumconfig_2441287 --bf_dependency_resolution install --assumeyes bind-utils-9.9.4-74.el7_6.1.x86_64 bind-libs-9.9.4-74.el7_6.1.x86_64 bind-libs-lite-9.9.4-74.el7_6.1.x86_64 bind-license-9.9.4-74.el7_6.1.noarch
28109 : 2019-07-16 09:47:18 : INFO : Set timout: 45 seconds
28109 : 2019-07-16 09:47:18 : ERROR : Dependency resolution failed.
28109 : 2019-07-16 09:47:18 : ERROR : Exit Code: 1
Loading “yum-rhsmplugin” plugin
Config time: 0.011
Yum version: 3.4.3
Setting up Package Sacks

There are no enabled repos.
Run “yum repolist all” to see the repos you have.
To enable Red Hat Subscription Management repositories:
subscription-manager repos --enable
To enable custom repositories:
yum-config-manager --enable

28113 : 2019-07-16 09:47:19 : ERROR : yum command not continue, last command exit code is not 0

Have to mention that simple “yum install bind-utils-9.9.4-74.el7_6.1.x86_64 bind-libs-9.9.4-74.el7_6.1.x86_64 bind-libs-lite-9.9.4-74.el7_6.1.x86_64 bind-license-9.9.4-74.el7_6.1.noarch” works as expected.

JasonWalker · July 16, 2019, 4:16pm

So the repos that it is looking for are the ones supplied by the RHSMDownloadPlugin on the BigFix server…do you have that installed & configured?

anepomn · July 17, 2019, 1:35am

Jason,
Thanks again!
Looks like we had an issue wit the RHN certificate - redownloading certificate from redhat.com and uploading it to the BigFix server helped.

Thank you,
Aleksandr

JBarter · July 17, 2019, 4:38pm

Be careful of what subscription you attach Bigfix to as they will expire repeatedly if attached to a “Virtual Datacenter” subscription. Check the “Creating the RHSM entitlement certificates” section on the page below for more details.

https://www.ibm.com/developerworks/community/wikis/home?lang=en#!/wiki/Tivoli%20Endpoint%20Manager/page/Using%20the%20Red%20Hat%20Subscription%20Management%20(RHSM)%20download%20plug-in