Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

talosctl reboot --wait failing for os:operator role #7197

Closed
utkuozdemir opened this issue May 9, 2023 · 1 comment · Fixed by #8708
Closed

talosctl reboot --wait failing for os:operator role #7197

utkuozdemir opened this issue May 9, 2023 · 1 comment · Fixed by #8708
Assignees
@utkuozdemir

Comments

@utkuozdemir
Copy link
Member

utkuozdemir commented May 9, 2023
edited
Loading

When --wait is used, reboot command does a /machine.MachineService/Read to read the boot ID before issuing the reboot. Since /machine.MachineService/Read is only allowed for admins, reboot only works when --wait=false is used by non-admins.
@utkuozdemir utkuozdemir self-assigned this May 9, 2023
@utkuozdemir utkuozdemir changed the title talosctl reboot --wait=false failing for os:operator role talosctl reboot --wait failing for os:operator role May 9, 2023
@smira
Copy link
Member

smira commented May 15, 2023

We should probably look into whitelisting some paths in a safe way to Read API.

@utkuozdemir utkuozdemir mentioned this issue Apr 29, 2024
Closed
1 task
utkuozdemir added a commit to utkuozdemir/talos that referenced this issue May 6, 2024
@utkuozdemir
feat: do not fail cli action tracker when boot id cannot be read
4b3f3c2 
If the `reboot/reset/shutdown/upgrade` action tracker cannot read the boot ID from the node under `/proc/sys/kernel/random/boot_id` due to insufficient permissions (e.g., when `talosctl reboot` is used over Omni), fall back to skipping boot ID check instead of hard-failing.

Closes siderolabs#7197.

Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
@utkuozdemir utkuozdemir mentioned this issue May 6, 2024
Merged
utkuozdemir added a commit to utkuozdemir/talos that referenced this issue May 6, 2024
@utkuozdemir
fix: do not fail cli action tracker when boot id cannot be read
34e480f 
If the `reboot/reset/shutdown/upgrade` action tracker cannot read the boot ID from the node under `/proc/sys/kernel/random/boot_id` due to insufficient permissions (e.g., when `talosctl reboot` is used over Omni), fall back to skipping boot ID check instead of hard-failing.

Closes siderolabs#7197.

Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
utkuozdemir added a commit to utkuozdemir/talos that referenced this issue May 7, 2024
@utkuozdemir
fix: do not fail cli action tracker when boot id cannot be read
53f170b 
If the `reboot/reset/shutdown/upgrade` action tracker cannot read the boot ID from the node under `/proc/sys/kernel/random/boot_id` due to insufficient permissions (e.g., when `talosctl reboot` is used over Omni), fall back to skipping boot ID check instead of hard-failing.

Closes siderolabs#7197.

Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
smira pushed a commit to smira/talos that referenced this issue May 17, 2024
@utkuozdemir @smira
fix: do not fail cli action tracker when boot id cannot be read
24c3532 
If the `reboot/reset/shutdown/upgrade` action tracker cannot read the boot ID from the node under `/proc/sys/kernel/random/boot_id` due to insufficient permissions (e.g., when `talosctl reboot` is used over Omni), fall back to skipping boot ID check instead of hard-failing.

Closes siderolabs#7197.

Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
(cherry picked from commit 478b862)
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 7, 2024
smira pushed a commit to smira/talos that referenced this issue Jul 22, 2024
@utkuozdemir @smira
fix: do not fail cli action tracker when boot id cannot be read
3ec9b8d 
If the `reboot/reset/shutdown/upgrade` action tracker cannot read the boot ID from the node under `/proc/sys/kernel/random/boot_id` due to insufficient permissions (e.g., when `talosctl reboot` is used over Omni), fall back to skipping boot ID check instead of hard-failing.

Closes siderolabs#7197.

Signed-off-by: Utku Ozdemir <utku.ozdemir@siderolabs.com>
(cherry picked from commit 478b862)
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@utkuozdemir utkuozdemir

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: do not fail cli action tracker when boot id cannot be read utkuozdemir/talos
2 participants
@smira @utkuozdemir