RoR 5.6.1 Pro Changes to the yml file are not being picked up

mching · October 26, 2017, 9:44pm

I’m having an issue with YML changes. After making changes to the yml file and committing it. The logs are showing that the change has not propagated.

For example:

Adding this block to the yml config under access_control_rules:

- name: '::SERVICE-USER::'
  auth_key: 'service:servicepasswd'

Commit the change (observe the green OK banner)

Using the “new” service account, I’m unable to access Elasticsearch using postman. I get a 403 access error. Using a previous user that was already there, it works.

Now comes the weird part.

I remove the newly added block “::SERVICE-USER::”, commit the change and test again.

The logs still show that ::SERVICE-USER:: is still being validated against.

What this means to me is that the change did not propagate and get applied.

Am I missing something?

Mark

mching · October 27, 2017, 8:13pm

After 24 hours, the logs are still showing an entry against an access_control_block that does not exist.

I’ll look to see how to turn on debug logging for RoR.

Mark

mching · October 27, 2017, 8:16pm

In addition: I’ve added another block and that block is NOT showing up in the HIS list at all.

sscarduzio · October 27, 2017, 8:27pm

Hi Mark, is this the 1.16.12 ES & Kibana plugin?

mching · October 27, 2017, 8:42pm

A restart of the cluster shows that the ROR index being read and the changes are active. Deletion of a block and a save does is not active reflected.

mching · October 27, 2017, 8:44pm

Hi Simone,

This is the 1.16.11 release of the RoR.
readonlyrest-1.16.11_es5.6.1.jar

Mark

sscarduzio · October 27, 2017, 8:46pm

Thank you Mark, will have a look: I’m currently working on untangling the config & SSL cert paths resolution. Will test this again after that.

mching · October 27, 2017, 8:48pm

Was that a typo? When I log into the download site I don’t see a 1.16.12 download.

Mark

sscarduzio · October 27, 2017, 8:50pm

I see you found your way to the self service form. This is going to be the only way to distribute the Kibana plugin going forward, not the Plasso platform.

mching · October 27, 2017, 8:52pm

Yes, I did! I read the banner on the Plasso page.

I’m installing the updated plugin now and I’ll let you know the outcome.

Mark

mching · October 27, 2017, 9:41pm

Upgrading to 1.16.12 resolved the issue. The logs now show an entry for refreshing RoR configuration.

Mark

sscarduzio · October 27, 2017, 10:09pm

Thanks for testing thisl, Mark!