[opensuse-buildservice] Re: [PATCH] [appliance] Chown all directories on appliance change.
Am Mittwoch, 23. März 2011, 23:23:13 schrieb OBS build-service:
From: Jan-Simon Möller
Signed-off-by: Jan-Simon Möller
--- dist/obsstoragesetup | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/dist/obsstoragesetup b/dist/obsstoragesetup index eae6e93..ca7c7a9 100755 --- a/dist/obsstoragesetup +++ b/dist/obsstoragesetup @@ -258,7 +258,7 @@ case "$1" in [ -d /obs/info ] || mkdir /obs/info [ -d /obs/projects ] || mkdir /obs/projects [ -d /obs/workers ] || mkdir /obs/workers - chown obsrun.obsrun /obs/{,log,run,build,events,jobs,info,projects,workers} + chown -R obsrun:obsrun /obs/{,build,db,events,info,jobs,log,projects,remotecache,repos,repos_sync,run,sources,trees,upload,workers}
Uh, isn't that a bit too agressive ? Someone might have done a chown to root to be sure that OBS does not touch certain binaries anymore. Actually the entire chown should not be needed, the appliances should have always the same userid. If that is not the case we have a bug ...
else echo "Setup local storage" if [ -e /obs -a ! -L /obs ]; then
-- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 24. März 2011, 08:05:25 schrieb Adrian Schröter:
Am Mittwoch, 23. März 2011, 23:23:13 schrieb OBS build-service:
From: Jan-Simon Möller
Signed-off-by: Jan-Simon Möller
--- dist/obsstoragesetup | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/dist/obsstoragesetup b/dist/obsstoragesetup index eae6e93..ca7c7a9 100755 --- a/dist/obsstoragesetup +++ b/dist/obsstoragesetup @@ -258,7 +258,7 @@ case "$1" in
[ -d /obs/info ] || mkdir /obs/info [ -d /obs/projects ] || mkdir /obs/projects [ -d /obs/workers ] || mkdir /obs/workers
- chown obsrun.obsrun /obs/{,log,run,build,events,jobs,info,projects,workers} + chown -R obsrun:obsrun
/obs/{,build,db,events,info,jobs,log,projects,remotecache,repos,repos_sync, run,sources,trees,upload,workers}
Uh, isn't that a bit too agressive ? Someone might have done a chown to root to be sure that OBS does not touch certain binaries anymore.
Actually the entire chown should not be needed, the appliances should have always the same userid.
If that is not the case we have a bug ...
We have a bug. Lets me revert this commit and hunt the other. On appliance change, we had a lot of messagebus:messagebus ownerships. This might depend on installation-order in kiwi ? May be better to find a fixed numeric id to assign to obs user. Best, Jan-Simon
else
echo "Setup local storage"
if [ -e /obs -a ! -L /obs ]; then
-- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am Donnerstag, 24. März 2011, 08:58:43 schrieb Jan-Simon Moeller:
Am Donnerstag, 24. März 2011, 08:05:25 schrieb Adrian Schröter:
Am Mittwoch, 23. März 2011, 23:23:13 schrieb OBS build-service:
From: Jan-Simon Möller
Signed-off-by: Jan-Simon Möller
--- dist/obsstoragesetup | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/dist/obsstoragesetup b/dist/obsstoragesetup index eae6e93..ca7c7a9 100755 --- a/dist/obsstoragesetup +++ b/dist/obsstoragesetup @@ -258,7 +258,7 @@ case "$1" in
[ -d /obs/info ] || mkdir /obs/info [ -d /obs/projects ] || mkdir /obs/projects [ -d /obs/workers ] || mkdir /obs/workers
- chown obsrun.obsrun /obs/{,log,run,build,events,jobs,info,projects,workers} + chown -R obsrun:obsrun
/obs/{,build,db,events,info,jobs,log,projects,remotecache,repos,repos_sync, run,sources,trees,upload,workers}
Uh, isn't that a bit too agressive ? Someone might have done a chown to root to be sure that OBS does not touch certain binaries anymore.
Actually the entire chown should not be needed, the appliances should have always the same userid.
If that is not the case we have a bug ...
We have a bug. Lets me revert this commit and hunt the other. On appliance change, we had a lot of messagebus:messagebus ownerships. This might depend on installation-order in kiwi ? May be better to find a fixed numeric id to assign to obs user.
I do so in the kiwi file, unfortunatly to id 103 for historic reasons, which can conflict meanwhile. However, it should still work, I will test it using a 2.1 appliance and update afterwards with 2.2 .. bye adrian -- Adrian Schroeter SUSE Linux Products GmbH email: adrian@suse.de -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
I do so in the kiwi file, unfortunatly to id 103 for historic reasons, which can conflict meanwhile.
However, it should still work, I will test it using a 2.1 appliance and update afterwards with 2.2 ..
linux:~ # grep messagebus /etc/passwd messagebus:x:103:107:User for D-Bus:/var/run/dbus:/bin/false linux:~ # grep obsrun /etc/passwd obsrun:x:104:105:User for build service backend:/usr/lib/obs:/bin/false linux:~ # grep ntp /etc/group ntp:!:106: linux:~ # ls -alh /srv/obs/ total 108K drwxr-xr-x 21 obsrun obsrun 4,0K Mär 23 17:01 . drwxr-xr-x 23 root root 4,0K Mär 24 10:01 .. drwxr-xr-x 4 obsrun obsrun 4,0K Mär 20 17:52 build drwx------ 2 root root 4,0K Mär 20 19:27 certs drwxr-xr-x 4 messagebus ntp 4,0K Mär 18 16:21 db drwxr-xr-x 8 obsrun obsrun 4,0K Mär 18 16:08 events drwx------ 3 root root 4,0K Mär 21 14:22 gnupg drwxr-xr-x 2 obsrun obsrun 4,0K Mär 23 22:46 info drwxr-xr-x 5 obsrun obsrun 4,0K Mär 21 14:22 jobs drwxr-xr-x 2 obsrun obsrun 4,0K Mär 23 23:22 log drwx------ 2 root root 16K Mär 18 14:35 lost+found drwx------ 6 mysql root 4,0K Mär 24 10:01 MySQL -rw-r--r-- 1 root root 1,4K Mär 18 14:49 obs-default-gpg.asc drwxr-xr-x 6 obsrun obsrun 4,0K Mär 20 17:52 projects drwxr-xr-x 2 messagebus ntp 12K Mär 21 14:43 remotecache drwxr-xr-x 4 messagebus ntp 4,0K Mär 18 17:58 repos drwxr-xr-x 2 messagebus ntp 4,0K Mär 21 14:22 repos_sync drwxr-xr-x 2 obsrun obsrun 4,0K Mär 24 10:01 run drwxr-xr-x 6 messagebus ntp 4,0K Mär 18 17:22 sources drwxr-xr-x 8 messagebus ntp 4,0K Mär 18 17:22 trees drwxr-xr-x 2 messagebus ntp 4,0K Mär 21 14:22 upload drwxr-xr-x 4 obsrun obsrun 4,0K Mär 18 16:09 workers Looks like this depends on the installation order during imaging - the next appliance has this changed again. linux:/srv/obs # grep obsrun /etc/passwd obsrun:x:103:105:User for build service backend:/usr/lib/obs:/bin/false Ok, suggestions ? * move to safe number vs. backward compatibility * register id numbers/user earlier Best, Jan-Simon -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
Am 03/24/11, schrieb Adrian Schröter
Am Donnerstag, 24. März 2011, 08:58:43 schrieb Jan-Simon Moeller:
Am Donnerstag, 24. März 2011, 08:05:25 schrieb Adrian Schröter:
Am Mittwoch, 23. März 2011, 23:23:13 schrieb OBS build-service: [...]
/obs/{,build,db,events,info,jobs,log,projects,remotecache,repos,repos_sync, run,sources,trees,upload,workers}
Uh, isn't that a bit too agressive ? Someone might have done a chown to root to be sure that OBS does not touch certain binaries anymore.
Actually the entire chown should not be needed, the appliances should have always the same userid.
If that is not the case we have a bug ...
We have a bug. Lets me revert this commit and hunt the other. On appliance change, we had a lot of messagebus:messagebus ownerships. This might depend on installation-order in kiwi ? May be better to find a fixed numeric id to assign to obs user.
I do so in the kiwi file, unfortunatly to id 103 for historic reasons, which can conflict meanwhile.
I think you are hitting: https://bugzilla.novell.com/show_bug.cgi?id=550318 Regards, Stefan -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org
participants (4)
-
"Stefan Brüns"
-
Adrian Schröter
-
Jan-Simon Moeller
-
Jan-Simon Möller