Seite 1 von 1

Verwenden eines Shares als Filedepot

Verfasst: 17 Jul 2019, 10:46
von Pachari
Nachdem die ersten Pakete erfolgreich zur Verfügung gestellt wurden, sollte das Depot auf eine andere Platte im Netzwerk ausgelagert werden. Diese steckt in einem Windowsserver, also diesen als neuen OPSI-Depot-Server zu verbinden geht erstmal nicht.
Ich habe die Platte in /etc/fstab eingetragen und kann sie auch mounten. Im opsiconfiged habe ich bei den Depot-Einstellungen die depotLocalUrl auf den Mountpfad (/media/software) gestellt. repositoryLocalUrl und workbenchLocalUrl hab ich auf den Standard-Werten in /var/lib/opsi/... gelassen.

Sobald ich jetzt ein Produkt mit opsi-package-manager -if installieren will, wird folgender Fehler geworfen.

Code: Alles auswählen

Errors occurred: 
   Failure while processing Install of package(s) /home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi on depot 'opsiserver.opsi.local':
      Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath'

ERROR: Failed to process command 'install': 1 errors during the processing of tasks.
Verbose:

Code: Alles auswählen

adminuser@opsiserver:/home/opsiproducts/sehitpath$ opsi-package-manager -ifvv *.opsi
[6] [Jul 17 10:55:46] * BackendManager is creating BackendDispatcher (BackendManager.py|226)
[6] [Jul 17 10:55:46] Backend context was set to <BackendManager()> (Backend.py|258)
[6] [Jul 17 10:55:46] Loading dispatch config file '/etc/opsi/backendManager/dispatch.conf' (BackendManager.py|323)
[6] [Jul 17 10:55:46] Loading backend config '/etc/opsi/backends/opsipxeconfd.conf' (BackendManager.py|382)
[6] [Jul 17 10:55:46] Backend context was set to <BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)> (Backend.py|258)
[6] [Jul 17 10:55:46] Loading backend config '/etc/opsi/backends/dhcpd.conf' (BackendManager.py|382)
[6] [Jul 17 10:55:46] Backend context was set to <BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)> (Backend.py|258)
[6] [Jul 17 10:55:46] Executing: /bin/systemctl list-unit-files (Posix.py|849)
[6] [Jul 17 10:55:46] Using encoding 'UTF-8' (Posix.py|882)
[6] [Jul 17 10:55:46] Loading backend config '/etc/opsi/backends/file.conf' (BackendManager.py|382)
[6] [Jul 17 10:55:46] Backend context was set to <BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)> (Backend.py|258)
[6] [Jul 17 10:55:46] Loading backend config '/etc/opsi/backends/mysql.conf' (BackendManager.py|382)
[6] [Jul 17 10:55:46] Backend context was set to <BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)> (Backend.py|258)
[6] [Jul 17 10:55:47] Verifying modules file signature (MySQL.py|567)
[6] [Jul 17 10:55:47] Modules file signature verified (customer: opsivm basic license) (MySQL.py|592)
[6] [Jul 17 10:55:47] * BackendManager is creating ExtendedConfigDataBackend (BackendManager.py|231)
[6] [Jul 17 10:55:47] Setting context to backend <ExtendedConfigDataBackend(configDataBackend=<BackendDispatcher(dispatchConfigFile=u'/etc/opsi/backendManager/dispatch.conf', context=<BackendManager()>)>)> (Backend.py|495)
[6] [Jul 17 10:55:47] * BackendManager is creating BackendExtender (BackendManager.py|269)
[6] [Jul 17 10:55:47] Setting context to backend <BackendExtender()> (Backend.py|495)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/10_opsi.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/10_wim.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/20_legacy.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/30_kiosk.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/30_sshcommands.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/40_admin_tasks.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/40_groupActions.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/45_deprecated.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/70_dynamic_depot.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] Reading config file '/etc/opsi/backendManager/extend.d/70_wan.conf' (BackendManager.py|520)
[6] [Jul 17 10:55:47] OpsiPackageManager initiated (opsi-package-manager|698)
[6] [Jul 17 10:55:47] Getting meta data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' (Product.py|204)
[6] [Jul 17 10:55:47] Executing: /bin/cat "/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi" | /bin/cpio --quiet --extract --list (Posix.py|849)
[6] [Jul 17 10:55:47] Using encoding 'UTF-8' (Posix.py|882)
[6] [Jul 17 10:55:47] Executing: /bin/cat "/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi" | /bin/cpio --quiet --extract --make-directories --unconditional --preserve-modification-time --verbose --no-preserve-owner "OPSI*" (__init__.py|94)
[6] [Jul 17 10:55:47] Exit code: 0 (__init__.py|137)
[6] [Jul 17 10:55:47] Executing: /bin/zcat "/tmp/.opsi.unpack.rXi6L/OPSI/OPSI.cpio.gz" | /bin/cpio --quiet --extract --list (Posix.py|849)
[6] [Jul 17 10:55:47] Using encoding 'UTF-8' (Posix.py|882)
[6] [Jul 17 10:55:47] Executing: /bin/zcat "/tmp/.opsi.unpack.rXi6L/OPSI/OPSI.cpio.gz" | /bin/cpio --quiet --extract --make-directories --unconditional --preserve-modification-time --verbose --no-preserve-owner  (__init__.py|94)
[6] [Jul 17 10:55:47] Exit code: 0 (__init__.py|137)
[6] [Jul 17 10:55:47] Starting task queue 'Install of package(s) /home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi on depot 'opsiserver.opsi.local'' (opsi-package-manager|1311)
[6] [Jul 17 10:55:47] Path to package file on depot 'opsiserver.opsi.local' is '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' (opsi-package-manager|1333)
[5] [Jul 17 10:55:47] Installing package 'sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local' (opsi-package-manager|1345)
[6] [Jul 17 10:55:48] <JSONRPCBackend(host=u'opsiserver.opsi.local', deflate=False)>: Connected to service (JSONRPC.py|449)
[2] [Jul 17 10:55:49] Traceback: (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/lib/python2.7/dist-packages/OPSI/Backend/JSONRPC.py", line 100, in processResult
    raise exception
 (Logger.py|798)
[2] [Jul 17 10:55:49]      ==>>> Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (JSONRPC.py|109)
[3] [Jul 17 10:55:49] Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (opsi-package-manager|1416)
[2] [Jul 17 10:55:49] Traceback: (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/bin/opsi-package-manager", line 101, in start
    self.method(*self.params)
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/bin/opsi-package-manager", line 1380, in installPackage
    depotConnection.depot_installPackage(depotPackageFile, **installationParameters)
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "<string>", line 1, in depot_installPackage
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/lib/python2.7/dist-packages/OPSI/Backend/JSONRPC.py", line 598, in _jsonRPC
    return jsonrpc.execute()
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/lib/python2.7/dist-packages/OPSI/Backend/JSONRPC.py", line 146, in execute
    return self.waitForResult()
 (Logger.py|798)
[2] [Jul 17 10:55:49]   File "/usr/lib/python2.7/dist-packages/OPSI/Backend/Backend.py", line 208, in waitForResult
    raise self.error  # pylint: disable=raising-bad-type
 (Logger.py|798)
[2] [Jul 17 10:55:49]      ==>>> Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (opsi-package-manager|103)
[3] [Jul 17 10:55:49] Task 'Install of package 'sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local'' failed: Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (opsi-package-manager|650)
[6] [Jul 17 10:55:50] Cleaning up (opsi-package-manager|711)
[6] [Jul 17 10:55:50] Cleaning up (Product.py|77)
Errors occurred: 
[3] [Jul 17 10:55:50] Failure while processing Install of package(s) /home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi on depot 'opsiserver.opsi.local': (opsi-package-manager|1656)
   Failure while processing Install of package(s) /home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi on depot 'opsiserver.opsi.local':
[3] [Jul 17 10:55:50]       Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath' (opsi-package-manager|1659)
      Opsi rpc error: Backend error: Failed to install package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi' on depot 'opsiserver.opsi.local': Failed to extract data from package '/home/opsiproducts/sehitpath/sehitpath_1.1-1.opsi': [Errno 1] Operation not permitted: '/media/software/sehitpath'
[2] [Jul 17 10:55:50] Traceback: (Logger.py|798)
[2] [Jul 17 10:55:50]   File "/usr/bin/opsi-package-manager", line 1621, in __init__
    self.processCommand()
 (Logger.py|798)
[2] [Jul 17 10:55:50]      ==>>> 1 errors during the processing of tasks. (opsi-package-manager|1623)
[2] [Jul 17 10:55:50] Traceback: (Logger.py|798)
[2] [Jul 17 10:55:50]   File "/usr/bin/opsi-package-manager", line 2064, in <module>
    OpsiPackageManagerControl()
 (Logger.py|798)
[2] [Jul 17 10:55:50]   File "/usr/bin/opsi-package-manager", line 1624, in __init__
    raise RuntimeError(u"Failed to process command '%s': %s" % (self.config['command'], processingError))
 (Logger.py|798)
[2] [Jul 17 10:55:50]      ==>>> Failed to process command 'install': 1 errors during the processing of tasks. (opsi-package-manager|2068)

ERROR: Failed to process command 'install': 1 errors during the processing of tasks.

opsi-set-rights habe ich ausgeführt, testweise erfolgte der Mount mit 777 Berechtigungen, also eigentlich Vollzugriff. Das tritt auch auf, wenn ich das Produkt mit sudo opsi-admin -d method unlockProduct sehitpath wieder entsperre.

Gruß Michael

Re: Verwenden eines Shares als Filedepot

Verfasst: 17 Jul 2019, 12:00
von ThomasT
Ist das ein CIFS Mount? Wenn ja, mit welchen Rechten ist denn der Mount-User auf dem Windows Server versehen? Also wie sind die NTFS Rechte?

Re: Verwenden eines Shares als Filedepot

Verfasst: 18 Jul 2019, 08:55
von Pachari
Ja, ist ein CIFS Mount. Hier der fstab Eintrag:

Code: Alles auswählen

//192.168.5.2/share/opsi_depot      /media/software cifs    credentials=/home/adminuser/.smbcredentials,file_mode=0777,dir_mode=0777 0 0
Auf dieses Verzeichnis habe ich Schreib- und Leserechte und das Laufwerk wird auch als 777 gemountet. Als user kann ich darauf auch lesen und schreiben.

Re: Verwenden eines Shares als Filedepot

Verfasst: 22 Jul 2019, 16:09
von n.wenselowski
Hi,

kann der User opsiconfd darauf auch zugreifen?

Re: Verwenden eines Shares als Filedepot

Verfasst: 23 Jul 2019, 09:16
von Pachari
Ja, der User opsiconfd kann auch darauf zugreifen.

Als andere Möglichkeit habe ich überlegt, ob nur die Setup-Files auf das CIFS Share raufkommen, da dies eh bei jedem Rechner gemountet ist. Aber da OPSI die Setup-Skripte als SYSTEM User auf Windows ausführt und SYSTEM nicht auf Netzwerklaufwerke zugreifen kann, funktioniert das auch nicht. Ich habe auch versucht, die Setup-Files mit

Code: Alles auswählen

[DOSbatch_Copy]
runas /noprofile /user:Benutzer "cmd \c cp "S:\Software\Programm\setup.exe" "C:\tmp\""
als angemeldeter Benutzer zu kopieren, doch dieser Befehl wurde mit Fehler 5: Zugriff verweigert.

Ich habe gelesen, dass [Winbatch] /RunAsLogonUser auch nur beim Einloggen funktioniert, das entspricht leider auch nicht dem gewünschten Verhalten.

EDIT: Wenn ich als SYSTEM das Laufwerk mounte, kann ich darauf auch zugreifen und Programm installieren!

Code: Alles auswählen

[DOSbatch_Mount]
net use y: \\Software /user:Domäne\Benutzer

[Winbatch_Setup]
"y:\Programm\setup.exe" /S