You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was configuring LDAP authentication and I created a service account in my ad domain called svc-duo-proxy. I randomly generated a password. this password contained a '$'. This caused the st2auth service constantly crash.
LDAP auth configuration should support $ with the password.
Actual Results
The st2 auth service crash with the following python error
2023-10-23 10:18:41 +0000] [2000] [INFO] Starting gunicorn 20.1.0
[2023-10-23 10:18:41 +0000] [2000] [INFO] Listening at: http://127.0.0.1:9100 (2000)
[2023-10-23 10:18:41 +0000] [2000] [INFO] Using worker: eventlet
[2023-10-23 10:18:41 +0000] [2002] [INFO] Booting worker with pid: 2002
2023-10-23 10:18:41,884 140607890677424 INFO app [-] Creating st2auth: StackStorm v3.8.0 as OpenAPI app.
[2023-10-23 10:18:42 +0000] [2002] [ERROR] Exception in worker process
Traceback (most recent call last):
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2260, in _get
raise KeyError
KeyError
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2630, in __getitem__
value = self.conf._get(option, group=group,
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2264, in _get
value = self._do_get(name, group, namespace)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2282, in _do_get
info = self._get_opt_info(name, group)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2415, in _get_opt_info
raise NoSuchOptError(opt_name, group)
oslo_config.cfg.NoSuchOptError: no such option in group auth: TtBB
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2260, in _get
raise KeyError
KeyError
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/stackstorm/st2/lib/python3.8/site-packages/gunicorn/arbiter.py", line 589, in spawn_worker
worker.init_process()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/gunicorn/workers/geventlet.py", line 134, in init_process
super().init_process()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/gunicorn/workers/base.py", line 134, in init_process
self.load_wsgi()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/gunicorn/workers/base.py", line 146, in load_wsgi
self.wsgi = self.app.wsgi()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/gunicorn/app/base.py", line 67, in wsgi
self.callable = self.load()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/gunicorn/app/wsgiapp.py", line 58, in load
return self.load_wsgiapp()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/gunicorn/app/wsgiapp.py", line 48, in load_wsgiapp
return util.import_app(self.app_uri)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/gunicorn/util.py", line 359, in import_app
mod = importlib.import_module(module)
File "/usr/lib/python3.8/importlib/__init__.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 1014, in _gcd_import
File "<frozen importlib._bootstrap>", line 991, in _find_and_load
File "<frozen importlib._bootstrap>", line 975, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 671, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 848, in exec_module
File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2auth/wsgi.py", line 39, in <module>
application = app.setup_app(config)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2auth/app.py", line 56, in setup_app
common_setup(
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2common/service_setup.py", line 125, in setup
config.parse_args(config_args)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/st2auth/config.py", line 31, in parse_args
cfg.CONF(
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 1876, in __call__
self._namespace = self._parse_cli_opts(args if args is not None
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2451, in _parse_cli_opts
return self._parse_config_files()
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2470, in _parse_config_files
self._validate_cli_options(namespace)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2483, in _validate_cli_options
value = self._substitute(value, group=group, namespace=namespace)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2348, in _substitute
ret = tmpl.safe_substitute(
File "/usr/lib/python3.8/string.py", line 147, in safe_substitute
return self.pattern.sub(convert, self.template)
File "/usr/lib/python3.8/string.py", line 138, in convert
return str(mapping[named])
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2633, in __getitem__
value = self.conf._get(key, namespace=self.namespace)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2264, in _get
value = self._do_get(name, group, namespace)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2282, in _do_get
info = self._get_opt_info(name, group)
File "/opt/stackstorm/st2/lib/python3.8/site-packages/oslo_config/cfg.py", line 2415, in _get_opt_info
raise NoSuchOptError(opt_name, group)
oslo_config.cfg.NoSuchOptError: no such option: TtBB
The error line 'oslo_config.cfg.NoSuchOptError: no such option: TtBB' shows a part of the password after the $
Thanks!
The text was updated successfully, but these errors were encountered:
SUMMARY
I was configuring LDAP authentication and I created a service account in my ad domain called svc-duo-proxy. I randomly generated a password. this password contained a '$'. This caused the st2auth service constantly crash.
STACKSTORM VERSION
st2 3.8.0, on Python 3.8.10
OS, environment, install method
Ubuntu 20.04 LTS
/etc/lsb-release details
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=20.04
DISTRIB_CODENAME=focal
DISTRIB_DESCRIPTION="Ubuntu 20.04.6 LTS"
Steps to reproduce the problem
Utilise a password that contains a $ within the password and it will crash the st2auth service constantly
Example Configuration
Expected Results
Actual Results
The st2 auth service crash with the following python error
The error line 'oslo_config.cfg.NoSuchOptError: no such option: TtBB' shows a part of the password after the $
Thanks!
The text was updated successfully, but these errors were encountered: