Memcache plugin results in "ERF42-4995 [Foreman::Exception]: Invalid authenticity token" upon login

Problem:
I was using default admin and temp pw iterating over a list of plugins to install. Everything was working just fine and I went to install memcache via

foreman-installer --scenario katello --enable-foreman-plugin-memcache

I added 127.0.0.1 in the chance status would change, but nogo

cat /usr/share/foreman/config/settings.plugins.d/foreman_memcache.yaml
# Foreman Memcache plugin configuration file

:memcache:
  :hosts:
    - 127.0.0.1
  :options:
    :namespace: foreman
    :expires_in: 86400
    :compress: true

Expected outcome: able to login

Foreman and Proxy versions: 3.15

Foreman and Proxy plugin versions:

foreman-tasks The goal of this plugin is to unify the way of showing task statuses across the Foreman instance. It defines Task model for keeping the information about the tasks and Lock for assigning the tasks to resources. The locking allows dealing with preventing multiple colliding tasks to be run on the same resource. It also optionally provides Dynflow infrastructure for using it for managing the tasks. Ivan Nečas 1.1.3
katello Katello adds Content and Subscription Management to Foreman. For this it relies on Candlepin and Pulp. N/A 3.15.3.1

Pulp, Pulpcore, Templates, TFTP, Puppet CA, Puppet, Logs, and HTTPBoot
2.0.1

Distribution and version: 3.15

Other relevant data:

I tried

chmod 666 /usr/share/foreman/config/initializers/local_secret_token.rb
foreman-rake security:generate_token

as well as

rake tmp:cache:clear

but I get a

No Rakefile found (looking for: rakefile, Rakefile, rakefile.rb, Rakefile.rb)

(See full trace by running task with --trace)

yum install memcached -y
systemctl enable memcached
systemctl start memcached

You do not want world writable encryption secrets, it should not even be world readable. Do not do this.

You should always use foreman-rake. Also note that tmp:cache:clear is not implemented for memcache.

2 Likes

thanks, reverted perms.

I was just randomly setting them to some type of writeable so “foreman-rake security:generate_token” would write.

thanks for the tip on foreman-rake. I was following advise I saw on how to clear rails cache on a stackexchange specifically. none of which were directly relevant to my issue, as the issue was not having memcached installed. I was ignorant that memcached was a linux package, but I did read a post asking if memcached was configured. The d made me think it was a linux daemon, so I did a “yum provides memcached” and sure enough…