[BUG] x509 fails to load M2Crypto module on Ubuntu 22.04 (jammy) · Issue #63620 · saltstack/salt

link管理

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

痴情的机器猫 · [BUG] x509 fails to ...· 1 周前 ·

彷徨的骆驼 · Calling ...· 4 月前 ·

笑点低的帽子 · windows安装wsl，在windows中 ...· 6 月前 ·

月球上的煎饼果子 · 两种方法告诉你，如何查看Ubuntu系统版本 ...· 1 年前 ·

讲道义的鞭炮 · Please login as the ...· 1 年前 ·

强悍的斑马 · 木偶漫画又一部灵异漫画——《幽冥诡匠》_网易订阅· 2 月前 ·

没有腹肌的馒头 · elasticsearch ...· 5 月前 ·

刚毅的鼠标 · 有没有大佬有芋圆呀呀的资源啊-油猴中文网· 8 月前 ·

酒量大的黑框眼镜 · 测试晶面间距软件_【干货】高分辨TEM晶面间 ...· 1 年前 ·

俊秀的豆腐 · 永州名人_永州名人_永州政府网· 1 年前 ·

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement . We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Description
On Ubuntu 22.04 (Jammy) the x509 state fails because the M2Crypto module has been renamed:

    Function: x509.pem_managed
        Name: /usr/local/share/ca-certificates/ca.crt
      Result: False
     Comment: State 'x509.pem_managed' was not found in SLS 'pki-client'
              Reason: 'x509' __virtual__ returned False: Could not load x509 state: m2crypto unavailable
This also happens for the x509.pem_managed and x509.private_key_managed functions.
When opening a Python shell, it is possible to load M2Crypt with capitalized M and C:
Python 3.10.6 (main, Nov 14 2022, 16:10:14) [GCC 11.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import M2Crypto
>>> import m2crypto
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ModuleNotFoundError: No module named 'm2crypto'
Setup
cat /etc/os-release 
PRETTY_NAME="Ubuntu 22.04.1 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.1 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
apt search python3-m2crypto
[...]
python3-m2crypto/jammy,now 0.38.0-1ubuntu5 amd64 [installed]
  Python wrapper for the OpenSSL library (Python 3 modules)
Steps to Reproduce the behavior

Set up an Ubuntu 22.04 server and use the x509 state.
Expected behavior

The python3-m2crypto package should be found and used by the x509 module
Versions Report
salt --versions-report
ii  salt-common                            3005.1+ds-4                             amd64        shared libraries that salt requires for all packages
ii  salt-minion                            3005.1+ds-4                             all          client package for salt, the distributed remote execution system
It seems t he M2Crypto module is not found
Salt Version:
          Salt: 3005.1
Dependency Versions:
          cffi: 1.14.6
      cherrypy: 18.6.1
      dateutil: 2.8.1
     docker-py: Not Installed
         gitdb: Not Installed
     gitpython: Not Installed
        Jinja2: 3.1.0
       libgit2: Not Installed
      M2Crypto: Not Installed
          Mako: Not Installed
       msgpack: 1.0.2
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     pycparser: 2.21
      pycrypto: Not Installed
  pycryptodome: 3.9.8
        pygit2: Not Installed
        Python: 3.9.16 (main, Jan  6 2023, 22:50:07)
  python-gnupg: 0.4.8
        PyYAML: 5.4.1
         PyZMQ: 23.2.0
         smmap: Not Installed
       timelib: 0.2.4
       Tornado: 4.5.3
           ZMQ: 4.3.4
System Versions:
          dist: ubuntu 22.04 jammy
        locale: utf-8
       machine: x86_64
       release: 5.15.0-58-generic
        system: Linux
       version: Ubuntu 22.04 jammy
Additional context

Works fine for other Debian & Ubuntu versions.
          @svenseeberg I'm getting this same error. Ubuntu 22.04, salt 3005.1. I have verified M2Crypto is installed on the minion. I don't understand your fix. salt-pip: is that specific to the new onedir install? I'm still on the classic packages. I'm running arm64, and I don't think onedir is an option for me yet. Any thoughts on another fix?
          Can you check which package versions are installed and see if the file is in the package?
root@minion ~ # dpkg -l | grep salt
ii  salt-common                            3005.1+ds-4                             amd64        shared libraries that salt requires for all packages
ii  salt-minion                            3005.1+ds-4                             all          client package for salt, the distributed remote execution system
root@minion ~ # which salt-pip
/usr/bin/salt-pip
root@minion ~ # apt-file search /usr/bin/salt-pip
salt-common: /usr/bin/salt-pip
You may need to run apt install apt-file; apt-file update first.
          @svenseeberg
root@minion:~# dpkg -l | grep salt
ii  salt-common                      3005.1+ds-2                             all          shared libraries that salt requires for all packages
ii  salt-minion                      3005.1+ds-2                             all          client package for salt, the distributed remote execution system
root@minion:~# which salt-pip
root@minion:~# apt-file search /usr/bin/salt-pip
root@minion:~# ls -la /usr/bin/|grep salt
-rwxr-xr-x  1 root   root          380 Sep 29 15:10 salt-call
-rwxr-xr-x  1 root   root          384 Sep 29 15:10 salt-minion
-rwxr-xr-x  1 root   root          964 Sep 29 15:10 salt-proxy
          What I can see is that different versions are installed: 3005.1+ds-2 vs 3005.1+ds-4. Also, the architecture is different: amd64 vs all.
The sources file looks like this on my machine:
root@minion ~ # cat /etc/apt/sources.list.d/salt.list
deb [signed-by=/etc/apt/keyrings/salt-archive-keyring.gpg arch=amd64] https://repo.saltproject.io/salt/py3/ubuntu/22.04/amd64/latest jammy main