Unable to add key to device identity

General Discussions
1

I am attempting to add a serial number to the device’s identity. Whenever the device first connects, the Mac field is filled in, but the serial number field is blank. I added debug output to the mender client and it looks like it reads the serial number when mender-device-identity is run, but the serial number is not added to the authorization request. Do you have any thoughts on what may be the issue? I’ve added the relevant debug output below. We are using mender 2.3

DEBU[0000]/home/bk/tstbuildmend/build/tmp/work/aarch64-poky-linux/mender-client/2.3.0-r0/build/src/github.com/mendersoftware/mender/app/auth.go:125 github.com/mendersoftware/mender/app.(*MenderAuthManager).MakeAuthRequest() Authorization data: {{“mac”:“00:01:45:09:c9:c9”,“serial_numbers”:"urn:andium:nid:video-ec:F8DC7A3E-812C-IMX8-1020-032009004419”}…

Oct 13 23:34:30 imx8mq-itx-p-c444 mender[2016]: time=“2020-10-13T23:34:30Z” level=debug msg=“Authorization data: {{“mac”:“00:01:45:09:c9:c9”,“serial_numbers”:”"}

2

Hi @kbuck3, welcome to Mender hub. Can you share the contents of your mender-device-identity script?

Also can you run it manually and share the output?

Drew

3

To make the testing simple, I just added a cat command to the default script. The output of the script and script itself are below.

/usr/share/mender/identity# ./mender-device-identity
using interface /sys/class/net/eth0
serial_numbers=urn:andium:nid:video-ec:F8DC7A3E-812C-IMX8-1020-032009004419
mac=00:01:45:09:c9:c9

set -ue

SCN=/sys/class/net
min=65535
arphrd_ether=1
ifdev=

# find iface with lowest ifindex, skip non ARPHRD_ETHER types (lo, sit ...)
for dev in $SCN/*; do
    if [ ! -f "$dev/type" ]; then
        continue
    fi

    iftype=$(cat $dev/type)
    if [ $iftype -ne $arphrd_ether ]; then
        continue
    fi

    idx=$(cat $dev/ifindex)
    if [ $idx -lt $min ]; then
        min=$idx
        ifdev=$dev
    fi
done

if [ -z "$ifdev" ]; then
    echo "no suitable interfaces found" >&2
    exit 1
else
    echo "using interface $ifdev" >&2
    # grab MAC address
    echo "serial_numbers=$(cat out.txt)"
    echo "mac=$(cat $ifdev/address)"
fi

edit: @mirzak: formatting

4

@kbuck3 where is the out.txt file getting created? Could there be a race condition of some kind?
Drew

5

@drewmoseley out.txt is currently a static file while I test. After I can resolve this issue, out.txt will be created in the mender-device-identity script.

6

@kacf @tranchitella do you guys have any idea how this identity field could end up not being applied? Is it possible that the ‘:’ characters are causing some kind of parsing issue?

7

I just authorized a device with a similar change into my account and there are no issues with the ‘:’ characters that I can see.

I did use just a static echo in mender-device-identity rather than "cat"ting a file:

echo “serial_numbers=urn:andium:nid:video-ec:F8DC7A3E-812C-IMX8-1020-032009004419”

@kbuck3 is it possible that your issue is the use of a relative path with out.txt? If the out.txt file is not in the CWD when the Mender client invokes the mender-device-identity script, then it will obviously return an empty string. Hmm. I guess not since you have the debug log from the server showing the right details.

@tranchitella have there been any changes since 2.3 that could account for this?

Drew

8

@drewmoseley It looks like it was a path issue. I added the absolute path to the script and that fixed the issue. It threw me off a bit seeing the value in the debug logs but not in the auth request. Thanks for your help!

9

@drewmoseley I can confirm we support the “:” character, indeed.

10

@kbuck3 that’s great to hear. Glad you are unstuck. Please let us know if you need any more help in the future.