Project

General

Profile

Bug #17566

TFTP provisioning fails when grub2 directory does not exist

Added by Matt Spaulding over 4 years ago. Updated over 4 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
TFTP
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

After installation of the OS is complete the PXE boot configuration does not get switched to boot off the local disk. This is because the REST call to the tftp smart proxy fails with the following error:

D, [2016-12-02T19:11:06.479408 #2523] DEBUG -- : require_ssl_client_verification: skipping, non-HTTPS request
E, [2016-12-02T19:11:06.480301 #2523] ERROR -- : TFTP: Failed to create pxe config file: Permission denied - /tftpboot/grub2
D, [2016-12-02T19:11:06.480358 #2523] DEBUG -- : Permission denied - /tftpboot/grub2 (Errno::EACCES)
/usr/share/ruby/fileutils.rb:245:in `mkdir'
/usr/share/ruby/fileutils.rb:245:in `fu_mkdir'
/usr/share/ruby/fileutils.rb:219:in `block (2 levels) in mkdir_p'
/usr/share/ruby/fileutils.rb:217:in `reverse_each'
/usr/share/ruby/fileutils.rb:217:in `block in mkdir_p'
/usr/share/ruby/fileutils.rb:203:in `each'
/usr/share/ruby/fileutils.rb:203:in `mkdir_p'
/usr/share/foreman-proxy/modules/tftp/server.rb:51:in `write_file'
/usr/share/foreman-proxy/modules/tftp/server.rb:11:in `block in set'
/usr/share/foreman-proxy/modules/tftp/server.rb:10:in `each'
/usr/share/foreman-proxy/modules/tftp/server.rb:10:in `set'
/usr/share/foreman-proxy/modules/tftp/tftp_api.rb:23:in `block in create'
/usr/share/foreman-proxy/lib/proxy/helpers.rb:14:in `log_halt'
/usr/share/foreman-proxy/modules/tftp/tftp_api.rb:23:in `create'
/usr/share/foreman-proxy/modules/tftp/tftp_api.rb:49:in `block in <class:Api>'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:1292:in `call'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:1292:in `block in compile!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:860:in `[]'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:860:in `block (3 levels) in route!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:876:in `route_eval'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:860:in `block (2 levels) in route!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:897:in `block in process_route'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:895:in `catch'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:895:in `process_route'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:859:in `block in route!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:858:in `each'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:858:in `route!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:963:in `block in dispatch!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:946:in `block in invoke'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:946:in `catch'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:946:in `invoke'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:960:in `dispatch!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:794:in `block in call!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:946:in `block in invoke'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:946:in `catch'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:946:in `invoke'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:794:in `call!'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:780:in `call'
/usr/share/gems/gems/rack-1.6.4/lib/rack/commonlogger.rb:33:in `call'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:161:in `call'
/usr/share/foreman-proxy/lib/proxy/log.rb:63:in `call'
/usr/share/gems/gems/rack-protection-1.5.3/lib/rack/protection/xss_header.rb:18:in `call'
/usr/share/gems/gems/rack-protection-1.5.3/lib/rack/protection/path_traversal.rb:16:in `call'
/usr/share/gems/gems/rack-protection-1.5.3/lib/rack/protection/json_csrf.rb:18:in `call'
/usr/share/gems/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/usr/share/gems/gems/rack-protection-1.5.3/lib/rack/protection/base.rb:49:in `call'
/usr/share/gems/gems/rack-protection-1.5.3/lib/rack/protection/frame_options.rb:31:in `call'
/usr/share/gems/gems/rack-1.6.4/lib/rack/nulllogger.rb:9:in `call'
/usr/share/gems/gems/rack-1.6.4/lib/rack/head.rb:13:in `call'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/showexceptions.rb:21:in `call'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:124:in `call'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:1417:in `block in call'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:1499:in `synchronize'
/usr/share/gems/gems/sinatra-1.3.5/lib/sinatra/base.rb:1417:in `call'
/usr/share/gems/gems/rack-1.6.4/lib/rack/urlmap.rb:66:in `block in call'
/usr/share/gems/gems/rack-1.6.4/lib/rack/urlmap.rb:50:in `each'
/usr/share/gems/gems/rack-1.6.4/lib/rack/urlmap.rb:50:in `call'
/usr/share/gems/gems/rack-1.6.4/lib/rack/builder.rb:153:in `call'
/usr/share/gems/gems/rack-1.6.4/lib/rack/handler/webrick.rb:88:in `service'
/usr/share/ruby/webrick/httpserver.rb:138:in `service'
/usr/share/ruby/webrick/httpserver.rb:94:in `run'
/usr/share/ruby/webrick/server.rb:295:in `block in start_thread'
I, [2016-12-02T19:11:06.480913 #2523]  INFO -- : 10.123.0.100 - - [02/Dec/2016:19:11:06 +0000] "POST /tftp/PXEGrub2/00:50:56:84:35:df HTTP/1.1" 400 75 0.0051

When I create the grub2 directory installations succeed and PXE boot gets switched to local disk like expected. It doesn't appear that any files get written to the grub2 directory so not sure why the check is needed.


Related issues

Related to Katello - Bug #17639: Upgrade fails if /var/lib/tfpboot/grub2 is not pre-createdClosed2016-12-12

History

#2 Updated by Dominic Cleal over 4 years ago

  • Category set to TFTP

#3 Updated by Lukas Zapletal over 4 years ago

Was there any PXEGrub2 template associated with the host?

Can you share the proxy.log bit after you created the missing directory? If there was a file written, this should have been logged.

#4 Updated by Dmitri Dolguikh over 4 years ago

This is due to permissions on /var/lib/tftpboot (or w/e directory is used as tftp root). By default it's owned by root:root with 0755 mask, which prevents proxy process from creating any sub-directories. Directories under tftp root required by various PXE flavours are created automatically by foreman installer. These directories are not created when packages are used for installation.

As mentioned in the description of the problem, creating missing sub-directories resolves the problem. An alternative approach would be to change the group ownership and permissions on tftp root directory to allow proxy process to create sub-directories under tftp root.

#5 Updated by Lukas Zapletal over 4 years ago

I will add to that that the installer should take care of the directories:

https://github.com/theforeman/foreman-installer/commit/78e5b78360daa21df1d2541994abd8e2849ed947

there was a bug in katello scenario missing the migration, tracked as #17639

#6 Updated by Dmitri Dolguikh over 4 years ago

  • Related to Bug #17639: Upgrade fails if /var/lib/tfpboot/grub2 is not pre-created added

Also available in: Atom PDF