Verwenden eines Shares als Filedepot

Pachari
Beiträge: 6
Registriert: 15 Jul 2019, 11:54

Verwenden eines Shares als Filedepot

Beitragvon Pachari » 17 Jul 2019, 10:46

Nachdem die ersten Pakete erfolgreich zur Verfügung gestellt wurden, sollte das Depot auf eine andere Platte im Netzwerk ausgelagert werden. Diese steckt in einem Windowsserver, also diesen als neuen OPSI-Depot-Server zu verbinden geht erstmal nicht.
Ich habe die Platte in /etc/fstab eingetragen und kann sie auch mounten. Im opsiconfiged habe ich bei den Depot-Einstellungen die depotLocalUrl auf den Mountpfad (/media/software) gestellt. repositoryLocalUrl und workbenchLocalUrl hab ich auf den Standard-Werten in /var/lib/opsi/... gelassen.

Sobald ich jetzt ein Produkt mit opsi-package-manager -if installieren will, wird folgender Fehler geworfen.

Code: Alles auswählen

Errors occurred:
   Failure while processing Install of package(s) /home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi on depot 'opsiserver.opsi.local':
      Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath'

ERROR: Failed to process command 'install': 1 errors during the processing of tasks.


Verbose:

Code: Alles auswählen

adminuser@opsiserver:/home/opsiproducts/sehitpath$ opsi-package-manager -ifvv *.opsi
[6] [Jul 17 10:55:46] * BackendManager is creating BackendDispatcher (BackendManager.py|226)
[6] [Jul 17 10:55:46] Backend context was set to <BackendManager()> (Backend.py|258)
[6] [Jul 17 10:55:46] Loading dispatch config file '/etc/opsi/backendManager/dispatch.conf' (BackendManager.py|323)
[6] [Jul 17 10:55:46] Loading backend config '/etc/opsi/backends/opsipxeconfd.conf' (BackendManager.py|382)
[6] [Jul 17 10:55:46] Backend context was set to <BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)> (Backend.py|258)
[6] [Jul 17 10:55:46] Loading backend config '/etc/opsi/backends/dhcpd.conf' (BackendManager.py|382)
[6] [Jul 17 10:55:46] Backend context was set to <BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)> (Backend.py|258)
[6] [Jul 17 10:55:46] Executing: /bin/systemctl list-unit-files (Posix.py|849)
[6] [Jul 17 10:55:46] Using encoding 'UTF-8' (Posix.py|882)
[6] [Jul 17 10:55:46] Loading backend config '/etc/opsi/backends/file.conf' (BackendManager.py|382)
[6] [Jul 17 10:55:46] Backend context was set to <BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)> (Backend.py|258)
[6] [Jul 17 10:55:46] Loading backend config '/etc/opsi/backends/mysql.conf' (BackendManager.py|382)
[6] [Jul 17 10:55:46] Backend context was set to <BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)> (Backend.py|258)
[6] [Jul 17 10:55:47] Verifying modules file signature (MySQL.py|567)
[6] [Jul 17 10:55:47] Modules file signature verified (customer: opsivm basic license) (MySQL.py|592)
[6] [Jul 17 10:55:47] * BackendManager is creating ExtendedConfigDataBackend (BackendManager.py|231)
[6] [Jul 17 10:55:47] Setting context to backend <ExtendedConfigDataBackend(configDataBackend=<BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)>)> (Backend.py|495)
[6] [Jul 17 10:55:47] * BackendManager is creating BackendExtender (BackendManager.py|269)
[6] [Jul 17 10:55:47] Setting context to backend <BackendExtender()> (Backend.py|495)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/10_opsi.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/10_wim.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/20_legacy.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/30_kiosk.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/30_sshcommands.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/40_admin_tasks.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/40_groupActions.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/45_deprecated.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/70_dynamic_depot.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/70_wan.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] OpsiPackageManager initiated (opsi-package-manager|698)
[6] [Jul 17 10:55:47] Getting meta data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' (Product.py|204)
[6] [Jul 17 10:55:47] Executing: /bin/cat "/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi" | /bin/cpio --quiet --extract --list (Posix.py|849)
[6] [Jul 17 10:55:47] Using encoding 'UTF-8' (Posix.py|882)
[6] [Jul 17 10:55:47] Executing: /bin/cat "/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi" | /bin/cpio --quiet --extract --make-directories --unconditional --preserve-modification-time --verbose --no-preserve-owner "OPSI*" (__init__.py|94)
[6] [Jul 17 10:55:47] Exit code: 0 (__init__.py|137)
[6] [Jul 17 10:55:47] Executing: /bin/zcat "/tmp/.opsi.unpack.rXi6L/OPSI/OPSI.cpio.gz" | /bin/cpio --quiet --extract --list (Posix.py|849)
[6] [Jul 17 10:55:47] Using encoding 'UTF-8' (Posix.py|882)
[6] [Jul 17 10:55:47] Executing: /bin/zcat "/tmp/.opsi.unpack.rXi6L/OPSI/OPSI.cpio.gz" | /bin/cpio --quiet --extract --make-directories --unconditional --preserve-modification-time --verbose --no-preserve-owner  (__init__.py|94)
[6] [Jul 17 10:55:47] Exit code: 0 (__init__.py|137)
[6] [Jul 17 10:55:47] Starting task queue 'Install of package(s) /home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi on depot 'opsiserver.opsi.local'' (opsi-package-manager|1311)
[6] [Jul 17 10:55:47] Path to package file on depot 'opsiserver.opsi.local' is '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' (opsi-package-manager|1333)
[5] [Jul 17 10:55:47] Installing package 'sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local' (opsi-package-manager|1345)
[6] [Jul 17 10:55:48] <JSONRPCBackend(host=u'opsiserver.opsi.local', deflate=False)>: Connected to service (JSONRPC.py|449)
[2] [Jul 17 10:55:49] Traceback: (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/lib/python2.7/dist-packages/OPSI/Backend/JSONRPC.py", line 100, in processResult
    raise exception
 (Logger.py|798)
[2] [Jul 17 10:55:49]      ==>>> Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (JSONRPC.py|109)
[3] [Jul 17 10:55:49] Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (opsi-package-manager|1416)
[2] [Jul 17 10:55:49] Traceback: (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/bin/opsi-package-manager", line 101, in start
    self.method(*self.params)
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/bin/opsi-package-manager", line 1380, in installPackage
    depotConnection.depot_installPackage(depotPackageFile, **installationParameters)
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "<string>", line 1, in depot_installPackage
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/lib/python2.7/dist-packages/OPSI/Backend/JSONRPC.py", line 598, in _jsonRPC
    return jsonrpc.execute()
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/lib/python2.7/dist-packages/OPSI/Backend/JSONRPC.py", line 146, in execute
    return self.waitForResult()
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/lib/python2.7/dist-packages/OPSI/Backend/Backend.py", line 208, in waitForResult
    raise self.error  # pylint: disable=raising-bad-type
 (Logger.py|798)
[2] [Jul 17 10:55:49]      ==>>> Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (opsi-package-manager|103)
[3] [Jul 17 10:55:49] Task 'Install of package 'sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local'' failed: Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (opsi-package-manager|650)
[6] [Jul 17 10:55:50] Cleaning up (opsi-package-manager|711)
[6] [Jul 17 10:55:50] Cleaning up (Product.py|77)
Errors occurred:
[3] [Jul 17 10:55:50] Failure while processing Install of package(s) /home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi on depot 'opsiserver.opsi.local': (opsi-package-manager|1656)
   Failure while processing Install of package(s) /home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi on depot 'opsiserver.opsi.local':
[3] [Jul 17 10:55:50]       Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (opsi-package-manager|1659)
      Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath'
[2] [Jul 17 10:55:50] Traceback: (Logger.py|798)
[2] [Jul 17 10:55:50]   File "/usr/bin/opsi-package-manager", line 1621, in __init__
    self.processCommand()
 (Logger.py|798)
[2] [Jul 17 10:55:50]      ==>>> 1 errors during the processing of tasks. (opsi-package-manager|1623)
[2] [Jul 17 10:55:50] Traceback: (Logger.py|798)
[2] [Jul 17 10:55:50]   File "/usr/bin/opsi-package-manager", line 2064, in <module>
    OpsiPackageManagerControl()
 (Logger.py|798)
[2] [Jul 17 10:55:50]   File "/usr/bin/opsi-package-manager", line 1624, in __init__
    raise RuntimeError(u"Failed to process command '%s': %s" % (self.config['command'], processingError))
 (Logger.py|798)
[2] [Jul 17 10:55:50]      ==>>> Failed to process command 'install': 1 errors during the processing of tasks. (opsi-package-manager|2068)

ERROR: Failed to process command 'install': 1 errors during the processing of tasks.



opsi-set-rights habe ich ausgeführt, testweise erfolgte der Mount mit 777 Berechtigungen, also eigentlich Vollzugriff. Das tritt auch auf, wenn ich das Produkt mit sudo opsi-admin -d method unlockProduct sehitpath wieder entsperre.

Gruß Michael

Benutzeravatar
ThomasT
uib-Team
Beiträge: 146
Registriert: 26 Jun 2013, 12:26

Re: Verwenden eines Shares als Filedepot

Beitragvon ThomasT » 17 Jul 2019, 12:00

Ist das ein CIFS Mount? Wenn ja, mit welchen Rechten ist denn der Mount-User auf dem Windows Server versehen? Also wie sind die NTFS Rechte?
Kein Support per DM!
_________________________
opsi support - https://www.uib.de/
For productive opsi installations we recommend support contracts.

Pachari
Beiträge: 6
Registriert: 15 Jul 2019, 11:54

Re: Verwenden eines Shares als Filedepot

Beitragvon Pachari » 18 Jul 2019, 08:55

Ja, ist ein CIFS Mount. Hier der fstab Eintrag:

Code: Alles auswählen

//192.168.5.2/share/opsi_depot      /media/software cifs    credentials=/home/adminuser/.smbcredentials,file_mode=0777,dir_mode=0777 0 0


Auf dieses Verzeichnis habe ich Schreib- und Leserechte und das Laufwerk wird auch als 777 gemountet. Als user kann ich darauf auch lesen und schreiben.

Benutzeravatar
n.wenselowski
uib-Team
Beiträge: 3120
Registriert: 04 Apr 2013, 12:15

Re: Verwenden eines Shares als Filedepot

Beitragvon n.wenselowski » 22 Jul 2019, 16:09

Hi,

kann der User opsiconfd darauf auch zugreifen?
opsi development - uib gmbh
For productive opsi installations we recommend support contracts.

Pachari
Beiträge: 6
Registriert: 15 Jul 2019, 11:54

Re: Verwenden eines Shares als Filedepot

Beitragvon Pachari » 23 Jul 2019, 09:16

Ja, der User opsiconfd kann auch darauf zugreifen.

Als andere Möglichkeit habe ich überlegt, ob nur die Setup-Files auf das CIFS Share raufkommen, da dies eh bei jedem Rechner gemountet ist. Aber da OPSI die Setup-Skripte als SYSTEM User auf Windows ausführt und SYSTEM nicht auf Netzwerklaufwerke zugreifen kann, funktioniert das auch nicht. Ich habe auch versucht, die Setup-Files mit

Code: Alles auswählen

[DOSbatch_Copy]
runas /noprofile /user:Benutzer "cmd \c cp "S:\Software\Programm\setup.exe" "C:\tmp\""
als angemeldeter Benutzer zu kopieren, doch dieser Befehl wurde mit Fehler 5: Zugriff verweigert.

Ich habe gelesen, dass [Winbatch] /RunAsLogonUser auch nur beim Einloggen funktioniert, das entspricht leider auch nicht dem gewünschten Verhalten.

EDIT: Wenn ich als SYSTEM das Laufwerk mounte, kann ich darauf auch zugreifen und Programm installieren!

Code: Alles auswählen

[DOSbatch_Mount]
net use y: \\Software /user:Domäne\Benutzer

[Winbatch_Setup]
"y:\Programm\setup.exe" /S