sethvargo/vault-secrets-gen

lstat /etc/vault/plugins/vault-secrets-gen: no such file or directory

paolodr opened this issue · 1 comments

After changing the server configuration from HTTP to HTTPS I'm not able to install the plugin.

**[root@vault1 ~]# vault write sys/plugins/catalog/secrets-gen \
>     sha_256="${SHA256}" \
>     command="vault-secrets-gen"
Error writing data to sys/plugins/catalog/secrets-gen: Error making API request.

URL: PUT https://<HOSTNAME>:8200/v1/sys/plugins/catalog/secrets-gen
Code: 500. Errors:

* 1 error occurred:

* error while validating the command path: lstat /etc/vault/plugins/vault-secrets-gen: no such file or directory**

It was installed with no problem when it was HTTP

Note that I'm running on RH7

  1. ls -la /etc/vault/plugins/vault-secrets-gen
    -rwxrwxrwx 1 vault vault 10792960 Sep 17 15:06 /etc/vault/plugins/vault-secrets-gen

  2. lstat /etc/vault/plugins/vault-secrets-gen
    -bash: lstat: command not found

  3. stat /etc/vault/plugins/vault-secrets-gen
    File: ‘/etc/vault/plugins/vault-secrets-gen’
    Size: 10792960 Blocks: 21080 IO Block: 4096 regular file
    Device: fd00h/64768d Inode: 135358957 Links: 1
    Access: (0777/-rwxrwxrwx) Uid: ( 996/ vault) Gid: ( 992/ vault)
    Access: 2019-12-17 16:47:59.648753680 -0500
    Modify: 2019-09-17 15:06:05.114094711 -0400
    Change: 2019-12-17 16:24:39.357357684 -0500

Current VAULT config

listener "tcp" {
   address          = "0.0.0.0:8200"
   cluster_address  = "<IP ADDRESS>5:8201"
   tls_disable      = 0
   tls_cert_file    = "/etc/vault/ssl/certificate.pem"
   tls_key_file     =  "/etc/vault/ssl/certificate.key"
   tls_disable_client_certs = true
}

api_addr         = "https://<HOSTNAME>:8200"
cluster_address  = "https://<HOSTNAME>:8201"
plugin_directory = "/etc/vault/plugins/"
cluster_name         = "vault"
raw_storage_endpoint     = true
disable_sealwrap     = true
disable_printable_check = true

This is a Vault core issue. Vault is trying to check for the existence of the plugin and it cannot on your system. Please open an issue on Vault core.