duandao2083
duandao2083
2018-06-20 21:03

未检测到保管库令牌助手?

已采纳

Problem:

I have three files in a vault:0.10.2 docker image at the following locations:

/home/myuser/token_helper: A token helper binary in Go that implements the token helper interface according to this documentation

/home/myuser/vault_start: A Go script that runs os.exec("vault", "operator", "init") and os.exec("vault", "server", "-config=myconfig.hcl")

/home/myuser/.vault: The token helper config file specifying the token helper binary location, and I've exported VAULT_CONFIG_PATH to point to this path. The file reads token_helper = "/home/myuser/token_helper".

The problem I'm seeing is while running the vault_start script, I get the following error:

failed to get token helper: error expanding config path "": exec: "getent": executable file not found in $PATH

Debugging Done So Far:

This error doesn't seem to be correct. which getent returns /usr/bin/getent, and the image $PATH contains it, proving that both exist. In addition, the config path is not "", it's set as /home/myuser/.vault but Vault detects it as empty apparently.

I've traced that error output to this file in Vault's command directory: . According to that block of code, it only errors out when $HOME is not set, but I've confirmed that $HOME is set in the shell.

In addition, I've specified everything that Vault has asked in order to implement the token helper according to this document, but it doesn't seem to be detecting the config file to run it. This seems to be an error with Vault, or am I missing something?

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答

1条回答

  • doutan3463 doutan3463 3年前

    Figured this out, it was because the os.exec("vault", "operator", "init") line did not inherit the VAULT_CONFIG_PATH variable setting from the host, and so it was empty.

    The following shows how to give os.Exec environment variables during it's run:

        vaultInitCmd := exec.Command("vault", "operator", "init")
        vaultInitCmd.Env = []string{
        fmt.Sprintf(`VAULT_ADDR=%s`, addr),
        fmt.Sprintf(`VAULT_CONFIG_PATH=%s`, `/home/myuser/.vault`)}
    
    点赞 评论 复制链接分享

为你推荐