Is this a critical security issue?
Describe the Bug
We are currently investigating a significant issue.
OpenVox (puppet) agent runs in the SLES 16 unattended installation in a post script. The entire process runs in a chroot environment.
What we observe is that we have an /etc/resolv.conf file BEFORE OpenVox Agent is executed, but it is no longer present AFTER execution.
During host provisioning, “puppet agent --test --noop” is executed to complete the CSR. Its only about attaching the host to the puppetserver - it is NOT about configuring any configuration file.
DURING the execution of "puppet agent", name resolution suddenly fails. Before running puppet agent: /etc/resolv.conf is present. After executing “puppet agent --test --noop,” the file /etc/resolv.conf is missing.
Even DURING execution, openvox cannot complete all requests to the pupeptserver because something is removing the /etc/resolv.conf file.
We also tried to replace the "puppet agent --test --noop" with "puppet ssl bootstrap". In this case, the whole puppet request blocks forever.
Is there anything in OpenVox, which would suddenly remove the /etc/resolv.conf and would therefore make it impossible to do nameserver loookup? Maybe running systemd command or NetworkManager?
Expected Behavior
/etc/resolv.conf is untouched and the CSR can be completed.
Steps to Reproduce
- Start SLES16 unattended installation
- run puppet agent in post script for CSR
Environment
SLES16 (we have used the SLES15 packages which work fine)
OpenVox 8.23.1
Additional Context
No response
Relevant log output
Is this a critical security issue?
Describe the Bug
We are currently investigating a significant issue.
OpenVox (puppet) agent runs in the SLES 16 unattended installation in a post script. The entire process runs in a chroot environment.
What we observe is that we have an /etc/resolv.conf file BEFORE OpenVox Agent is executed, but it is no longer present AFTER execution.
During host provisioning, “puppet agent --test --noop” is executed to complete the CSR. Its only about attaching the host to the puppetserver - it is NOT about configuring any configuration file.
DURING the execution of "puppet agent", name resolution suddenly fails. Before running puppet agent: /etc/resolv.conf is present. After executing “puppet agent --test --noop,” the file /etc/resolv.conf is missing.
Even DURING execution, openvox cannot complete all requests to the pupeptserver because something is removing the /etc/resolv.conf file.
We also tried to replace the "puppet agent --test --noop" with "puppet ssl bootstrap". In this case, the whole puppet request blocks forever.
Is there anything in OpenVox, which would suddenly remove the /etc/resolv.conf and would therefore make it impossible to do nameserver loookup? Maybe running systemd command or NetworkManager?
Expected Behavior
/etc/resolv.conf is untouched and the CSR can be completed.
Steps to Reproduce
Environment
SLES16 (we have used the SLES15 packages which work fine)
OpenVox 8.23.1
Additional Context
No response
Relevant log output