CLOUDSTACK-8633: Changing file permissions from 755 to 440#591
CLOUDSTACK-8633: Changing file permissions from 755 to 440#591sanju1010 wants to merge 1 commit into
Conversation
Reviewed-By: Raja
|
cloudstack-pull-rats #52 SUCCESS |
|
@bhaisaab @DaanHoogland @remibergsma could you have a look at this? Wasn't ACS management-server supposed to be executed as SUDO? If I'm right, there is no need to change the file permission so drastically. In that case, @sanju1010 , you need to be sudo to run it. AFAIK we all run our ACS environments, prod and tests, as sudo. Cheers, |
|
cloudstack-pull-requests #749 SUCCESS |
|
@wilderrodrigues currently I am on holiday and not able to look into stuff. As far as I know sudo was implemented for KVM agent only. See ya in about 10 days! Sent from my iPhone
|
|
I have tested this change and it works. |
|
@pvr9712 the question here is not if it works or not, because it's quite clear that once the permission changes it will suffice @sanju1010's need. The point is: is that the right thing to do? That's why I CCed @bhaisaab and @DaanHoogland . I don't think that the approach is completely right. It sound like something "oh, wait! I don't have permission to do that. Let's then change the file permissions.". To be honest, I haven't seen anyone running into such a problem. Could you perhaps describe better the environment you have, @sanju1010 ? Cheers, |
|
@wilderrodrigues if you look at the earlier commit, the code was refactored and I feel it is a miss. If this worked for someone, will be interested to know. |
|
BTW, here is my email on the Dev list with the details for this issues - including the earlier commit - Using Master builds, MS logs shows following error - After modifying the permissions - MS works fine. Apparently, this is related to a checkin ... I have created a defect, CLOUDSTACK-8633https://issues.apache.org/jira/browse/CLOUDSTACK-8633, to track this |
|
Hi @pvr9712 Thanks for the commit IDs, a bit of context always help. It would have saved us some time if the PR would have the commit ID which caused the bug. LGTM 👍 Cheers, |
|
Sanjeev N on dev@cloudstack.apache.org replies: |
|
Raja Pullela on dev@cloudstack.apache.org replies: |
|
LGTM, good catch |
|
Added same logic for fedora20/21 spec files as well. Merged on master now. |
Reviewed-By: Raja Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> This closes apache#591
With 0755 permissions on /etc/sudoers.d/cloudstack-management we are getting following error in bringing up CS:
Failed to start bean 'cloudStackLifeCycle'; nested exception is com.cloud.utils.exception.CloudRuntimeException: Failed to inject generated public key into systemvm iso sudo: /etc/sudoers.d/cloudstack-management is mode 0755, should be 0440sudo: sorry, you must have a tty to run sudo”
So I have changed the permissions to 440.