win_firewall.py & win_reg.py returning execeptions
Closed this issue · 6 comments
installed new salt-master, hubblestack & minions today...
root@master:~# salt 'win*' hubble.audit verbose=True
win2012r2:
----------
Compliance:
26%
Errors:
|_
----------
\win_firewall.py:
----------
data:
IndexError: list index out of range
error:
exception occurred
|_
----------
\win_reg.py:
----------
data:
AttributeError: 'NoneType' object has no attribute 'get'
error:
exception occurred
Salt master details:
root@master:~# salt --versions
Salt Version:
Salt: 2016.3.4
Dependency Versions:
cffi: Not Installed
cherrypy: Not Installed
dateutil: 2.5.3
gitdb: 0.6.4
gitpython: 1.0.1
ioflo: Not Installed
Jinja2: 2.8
libgit2: Not Installed
libnacl: Not Installed
M2Crypto: Not Installed
Mako: Not Installed
msgpack-pure: Not Installed
msgpack-python: 0.4.6
mysql-python: Not Installed
pycparser: Not Installed
pycrypto: 2.6.1
pygit2: Not Installed
Python: 2.7.12 (default, Jul 1 2016, 15:12:24)
python-gnupg: 0.3.8
PyYAML: 3.12
PyZMQ: 15.2.0
RAET: Not Installed
smmap: 0.9.0
timelib: Not Installed
Tornado: 4.2.1
ZMQ: 4.1.4
System Versions:
dist: Ubuntu 16.04 xenial
machine: x86_64
release: 4.4.0-38-generic
system: Linux
version: Ubuntu 16.04 xenial
root@master:~#
windows minion detail:
root@master:~# salt 'win*' test.versions
win2012r2:
Salt Version:
Salt: 2016.3.4
Dependency Versions:
cffi: 1.6.0
cherrypy: 5.3.0
dateutil: 2.5.3
gitdb: 0.6.4
gitpython: 2.0.2
ioflo: 1.5.3
Jinja2: 2.8
libgit2: Not Installed
libnacl: 1.4.5
M2Crypto: Not Installed
Mako: 1.0.4
msgpack-pure: Not Installed
msgpack-python: 0.4.7
mysql-python: Not Installed
pycparser: 2.14
pycrypto: 2.6.1
pygit2: Not Installed
Python: 2.7.12 (v2.7.12:d33e0cf91556, Jun 27 2016, 15:24:40) [MSC v.1500 64 bit (AMD64)]
python-gnupg: 0.3.8
PyYAML: 3.11
PyZMQ: 15.2.0
RAET: Not Installed
smmap: 0.9.0
timelib: 0.2.4
Tornado: 4.3
ZMQ: 4.1.2
System Versions:
dist:
machine: AMD64
release: 8.1
system: Windows
version: 8.1 6.3.9600 Multiprocessor Free
root@master:~#
windows 2012r2 or 2008r2 standard or datacenter show same issue
What version of nova did you install?
hubblestack_nova-2016.10.2-1.spm
hubblestack_nova_profiles-20161101-1.spm
Could you get us some debug logs? The easiest way is to go to the server in question, and run it with salt-call. On windows, I think this should work:
C:\salt\salt-call.bat -ldebug hubble.audit verbose=True
The logs will be long, please don't just paste them here, put them in gist.github.com or similar. But they should point us to the underlying errors so we can fix them.
I'm pretty certain both of these bugs have been fixed.
The first error has been fixed in v2016.10.2, in the python code. I think you may have forgotten to run salt '*' -saltutil.sync_all when you last upgraded. In the stacktrace you posted from your debug logs, it shows a different Line 235 than the one in v2016.10.2
The second error I'm pretty certain was fixed in the latest versions of the profiles. It was fixed here, we had some duplicate identifiers.
Are you on the latest hubblestack_nova_profiles? I'm not sure what our packaging status is there, perhaps I need to ping @cedwards to make sure we have the latest profiles up in the latest spm package.
You can test to make sure that's the case by dropping https://github.com/HubbleStack/Nova/blob/v2016.10.2/hubblestack_nova_profiles/cis/windows-2012r2-level-1-scored-v2-0-0.yaml into /srv/spm/salt/hubblestack_nova_profiles/cis/ on your master. (I'm pretty sure that's the location, a file by the same name should already be there)
Keep me posted if those solve your problems.
This issue was moved to hubblestack/hubble-salt#44