Undefined method `sysctl' for cookbook: os-hardening, recipe: sysctl :Chef::Recipe

Chef Infra (archive)
1

I am doing this training module: https://learn.chef.io/modules/getting-started-with-policyfiles#/step5

And ran into this error that has had me going out of my mind:
Running handlers:
[2019-06-20T21:44:36+00:00] ERROR: Running exception handlers
Running handlers complete
[2019-06-20T21:44:36+00:00] ERROR: Exception handlers complete
Chef Client failed. 0 resources updated in 01 seconds
[2019-06-20T21:44:36+00:00] FATAL: Stacktrace dumped to /tmp/kitchen/cache/chef-stacktrace.out
[2019-06-20T21:44:36+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2019-06-20T21:44:36+00:00] ERROR: undefined method `sysctl' for cookbook: os-hardening, recipe: sysctl :Chef::Recipe
[2019-06-20T21:44:36+00:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

This error has had me stumped for the awhile now.. and now getting back into it, I searched and found that this method is now deprecated: https://supermarket.chef.io/cookbooks/sysctl

Perhaps this cookbook should be updated being part of the training module?
How would I fix this?

Thanks!

2

I found with some digging in the code that ~/learn-chef/cookbooks/lcr-policyfiles-getstarted/cookbooks/hardening/recipes/default.rb needs to be edited as follows:

#
# Cookbook:: hardening
# Recipe:: default
#
# Copyright:: 2018, The Authors, All Rights Reserved.

if node['os'] == 'linux'
#  include_recipe 'os-hardening::default'
  include_recipe 'hardening::remediation'
elsif node['os'] == 'windows'
  include_recipe 'windows-hardening'
end

After this edit, I performed a:
$ kitchen converge
And SUCCESS!

Finished converging <default-centos-7> (0m17.57s).
-----> Kitchen is finished. (0m22.00s)
3

I created a pull request for this change here:

4

Hi,

Can I ask which version of Chef Workstation/ChefDK you are using, and if you pinned the chef version in the .kitchen.yml

I have just run this through with the latest, and after ensuring the chef-client license is accepted it runs with no changes required to the cookbook.

As for the sysctl cookbook, it is deprecated because the functionality is included directly in Chef Infra now. The os-hardening cookbook has been updated to support this.

5

I am running the same version based on the module here:
https://learn.chef.io/modules/learn-the-basics/ubuntu/aws/set-up-a-machine-to-manage#/

Chef Workstation: 0.2.41
  chef-run: 0.2.4
  chef-client: 14.7.17
  delivery-cli: master (19553a3799e2b1ebee5f7f5798ddb74fd61603f8)
  berks: 7.0.7
  test-kitchen: 1.23.2
  inspec: 3.0.52

The version I have in the kitchen is:

provisioner:
  name: chef_zero
  product_name: chef
  product_version: 13.7.16
  always_update_cookbooks: false
  deprecations_as_errors: true
  client_rb:
    chef_license: accept

I was fiddling with product_version here based on documentation and other bits because the license wasn't being accepted, but found this to be the variables that worked for this setup. This is in the "lcr-policyfiles-getstarted" cookbook.

6

Hello JGH,

Thanks for reporting this issue. I am correcting the https://learn.chef.io/modules/learn-the-basics/ubuntu/aws/set-up-a-machine-to-manage#/ module to not display the incorrect test configuration. Once it's re-published later today, the module should work with recent ChefDK/Chef Workstation versions.
Our apologies for the misleading info.

Thanks!
Steve

1 Like
7

Thanks so much!