Bug 1100584

Summary: [host-deploy] host-deploy should be able to work with (remote) /tmp as noexec
Product: [Retired] oVirt Reporter: Jiri Belka <jbelka>
Component: ovirt-engine-coreAssignee: Alon Bar-Lev <alonbl>
Status: CLOSED CURRENTRELEASE QA Contact: Jiri Belka <jbelka>
Severity: high Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: bazulay, bugs, dougsland, ecohen, gklein, iheim, lsurette, rbalakri, Rhev-m-bugs, yeylon
Target Milestone: ---   
Target Release: 3.5.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: infra
Fixed In Version: ovirt-engine-3.5.0_beta Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-17 12:39:35 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jiri Belka 2014-05-23 07:13:30 UTC 
Description of problem:
host-deploy should be able to work with (remote) /tmp as noexec. having /tmp with 'exec' is way to hell :)

I think what is needed is just to start setup with with interpreter instead of just current execution.

So...

/tmp/ovirt-$random/setup -> bash /tmp/ovirt-$random/setup

2014-05-23 07:02:58,529 ERROR [org.ovirt.engine.core.bll.InstallerMessages] (org.ovirt.thread.pool-6-thread-6) [49a701eb] Installation 10.34.63.223: Unexpected error during e
xecution: bash: /tmp/ovirt-iHEpBZBlYK/setup: Permission denied

2014-05-23 07:02:58,541 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (org.ovirt.thread.pool-6-thread-6) [49a701eb] Correlation ID: 49a701eb, C
all Stack: null, Custom Event ID: -1, Message: Failed to install Host rhel7. Unexpected error during execution: bash: /tmp/ovirt-iHEpBZBlYK/setup: Permission denied
.
2014-05-23 07:02:58,542 ERROR [org.ovirt.engine.core.bll.VdsDeploy] (org.ovirt.thread.pool-6-thread-6) [49a701eb] Error during host 10.34.63.223 install, prefering first exce
ption: java.io.IOException: Unexpected connection termination
        at org.ovirt.otopi.dialog.MachineDialogParser.nextEvent(MachineDialogParser.java:388) [otopi.jar:]
        at org.ovirt.otopi.dialog.MachineDialogParser.nextEvent(MachineDialogParser.java:405) [otopi.jar:]
        at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:762) [bll.jar:]
        at org.ovirt.engine.core.bll.VdsDeploy.access$1900(VdsDeploy.java:82) [bll.jar:]
        at org.ovirt.engine.core.bll.VdsDeploy$45.run(VdsDeploy.java:910) [bll.jar:]
        at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_55]

2014-05-23 07:02:58,546 ERROR [org.ovirt.engine.core.bll.InstallVdsInternalCommand] (org.ovirt.thread.pool-6-thread-6) [49a701eb] Host installation failed for host db22e8c0-9
192-4757-b3d0-3d6e668d1903, rhel7.: java.io.IOException: Unexpected connection termination
        at org.ovirt.otopi.dialog.MachineDialogParser.nextEvent(MachineDialogParser.java:388) [otopi.jar:]
        at org.ovirt.otopi.dialog.MachineDialogParser.nextEvent(MachineDialogParser.java:405) [otopi.jar:]
        at org.ovirt.engine.core.bll.VdsDeploy._threadMain(VdsDeploy.java:762) [bll.jar:]
        at org.ovirt.engine.core.bll.VdsDeploy.access$1900(VdsDeploy.java:82) [bll.jar:]
        at org.ovirt.engine.core.bll.VdsDeploy$45.run(VdsDeploy.java:910) [bll.jar:]
        at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_55]

Version-Release number of selected component (if applicable):
ovirt-host-deploy-1.2.2-0.0.master.20140502205535.gitf0ac297.el6.noarch

How reproducible:
100%

Steps to Reproduce:
1. make your /tmp 'noexec' (I hope you have /tmp at least on separate FS, hehe)
2. add host
3.

Actual results:
failure

Expected results:
should work

Additional info:
Comment 1 Alon Bar-Lev 2014-05-23 07:20:03 UTC 
host-deploy cannot guess where to put files.

you can always set TMPDIR environment to different directory on that host.

you can also modify the BootstrapCommand vdc_options to use alternate directory per your choice.

best I can do is allow OVIRT_TMPDIR environment and override TMPDIR at host.
Comment 2 Jiri Belka 2014-05-23 07:28:52 UTC 
This is probably easy fix:

# mount -o remount,noexec /tmp
# cat > /tmp/test
#!/bin/bash
echo Hello World!
# chmod u+x /tmp/test
# /tmp/test
-bash: /tmp/test: Permission denied
# bash /tmp/test
Hello World!
Comment 3 Alon Bar-Lev 2014-05-23 07:37:10 UTC 
(In reply to Jiri Belka from comment #2)
> This is probably easy fix:
> 
> # mount -o remount,noexec /tmp
> # cat > /tmp/test
> #!/bin/bash
> echo Hello World!
> # chmod u+x /tmp/test
> # /tmp/test
> -bash: /tmp/test: Permission denied
> # bash /tmp/test
> Hello World!

I would like to avoid assumption of:

1. scripts.
2. the interpreter that is used (switch from shell to python and similar).
Comment 4 Alon Bar-Lev 2014-06-12 19:20:07 UTC 
Added OVIRT_TMPDIR to allow override TMPDIR.

Example:

/etc/profile.d/ovirt-tmpdir.sh
---
export OVIRT_TMPDIR=/var/tmp
---
Comment 5 Jiri Belka 2014-07-14 12:54:10 UTC 
ok, ovirt-host-deploy-java-1.3.0-0.0.master.20140629072144.gitdc1f589.el6.noarch

setting env on host and re-added host into ovirt env.

Every 0.5s: ls -al /testovic                                                                                             Mon Jul 14 14:52:33 2014

total 12
drwxr-xr-x.  3 root root 4096 Jul 14 14:52 .
dr-xr-xr-x. 25 root root 4096 Jul 14 14:47 ..
drwx------.  4 root root 4096 Jul 14 11:35 ovirt-UkU56KVf3m
Comment 6 Sandro Bonazzola 2014-10-17 12:39:35 UTC 
oVirt 3.5 has been released and should include the fix for this issue.