| Summary: | oc cluster up creates directories as root user when provided --host-data-dir or --host-config-dir | ||
|---|---|---|---|
| Product: | OpenShift Container Platform | Reporter: | Eduardo Minguez <eminguez> |
| Component: | oc | Assignee: | Cesar Wong <cewong> |
| Status: | CLOSED EOL | QA Contact: | Xingxing Xia <xxia> |
| Severity: | low | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | aos-bugs, cewong, jokerman, maszulik, mmccomas, pweil, ramon.gordillo |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | | Doc Type: | If docs needed, set a value |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2020-02-26 19:09:46 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |

Origin needs to run as root (and privileged). This is a limitation/requirement of the current state of origin. Because of this, even if we create the parent directories as the current user, child directories of those (especially in the data directory) will be created as root while origin runs, which means that the current user will not be able to delete them.

From OpenShift documentation: "For masters, the openshift start command accepts options that indicate that it should simply write the configuration files that it would have used, then terminate. For nodes, a configuration file can be written using the oadm create-node-config command". So, it should be possible to first run origin to write the config with a known user, then launch again with the configuration already written.

Description of problem:
When trying to bring up a test cluster with oc cluster up and store the config and/or data, it creates a few folders as the root user, so they cannot be deleted by the regular user that created the cluster.

Version-Release number of selected component (if applicable):
latest

How reproducible:

Steps to Reproduce:
1. Download oc
2. mkdir -p ~/tmp/{config,data}
3. oc cluster up --host-data-dir=$HOME/tmp/data/ --host-config-dir=$HOME/tmp/config

Actual results:

```
$ ls -l ~/tmp/config/
total 8
drwxr-xr-x. 2 root root 4096 Oct 4 09:01 master
drwxr-xr-x. 2 root root 4096 Oct 4 09:01 node-192.168.1.113

$ ls -l ~/tmp/config/master/
total 312
-rw-r--r--. 1 root root   1119 Oct 4 09:01 admin.crt
-rw-------. 1 root root   1679 Oct 4 09:01 admin.key
-rw-------. 1 root root   5654 Oct 4 09:01 admin.kubeconfig
-rw-r--r--. 1 root root   1070 Oct 4 09:01 ca-bundle.crt
-rw-r--r--. 1 root root   1070 Oct 4 09:01 ca.crt
-rw-------. 1 root root   1675 Oct 4 09:01 ca.key
-rw-r--r--. 1 root root      2 Oct 4 09:01 ca.serial.txt
-rw-r--r--. 1 root root   2619 Oct 4 09:01 etcd.server.crt
-rw-------. 1 root root   1679 Oct 4 09:01 etcd.server.key
-rw-rw-r--. 1 root root   6042 Oct 4 09:01 master-config.yaml
-rw-r--r--. 1 root root   1078 Oct 4 09:01 master.etcd-client.crt
-rw-------. 1 root root   1679 Oct 4 09:01 master.etcd-client.key
-rw-r--r--. 1 root root   1135 Oct 4 09:01 master.kubelet-client.crt
-rw-------. 1 root root   1679 Oct 4 09:01 master.kubelet-client.key
-rw-r--r--. 1 root root   1086 Oct 4 09:01 master.proxy-client.crt
-rw-------. 1 root root   1679 Oct 4 09:01 master.proxy-client.key
-rw-r--r--. 1 root root   2619 Oct 4 09:01 master.server.crt
-rw-------. 1 root root   1679 Oct 4 09:01 master.server.key
-rw-r--r--. 1 root root   1123 Oct 4 09:01 openshift-master.crt
-rw-------. 1 root root   1675 Oct 4 09:01 openshift-master.key
-rw-------. 1 root root   5702 Oct 4 09:01 openshift-master.kubeconfig
-rw-r--r--. 1 root root   1131 Oct 4 09:01 openshift-registry.crt
-rw-------. 1 root root   1679 Oct 4 09:01 openshift-registry.key
-rw-------. 1 root root   5722 Oct 4 09:01 openshift-registry.kubeconfig
-rw-r--r--. 1 root root   1123 Oct 4 09:01 openshift-router.crt
-rw-------. 1 root root   1675 Oct 4 09:01 openshift-router.key
-rw-------. 1 root root   5702 Oct 4 09:01 openshift-router.kubeconfig
-rw-r--r--. 1 root root 168650 Oct 4 09:01 policy.json
-rw-------. 1 root root   1679 Oct 4 09:01 serviceaccounts.private.key
-rw-------. 1 root root    459 Oct 4 09:01 serviceaccounts.public.key
-rw-r--r--. 1 root root   1115 Oct 4 09:01 service-signer.crt
-rw-------. 1 root root   1679 Oct 4 09:01 service-signer.key
```

Expected results:
The folders created belong to the user

Additional info:
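
A check for the state described in this report, as an added example that is not part of the original bug or the project's code: it lists entries under a host directory that are not owned by the invoking user, and key or kubeconfig files accessible beyond their owner. The function names and the `*.key` / `*.kubeconfig` patterns are assumptions of this example (the patterns follow the file names in the listing above), and `-perm /077` assumes GNU find.

```shell
#!/usr/bin/env bash
# Added example: audit a directory passed to --host-config-dir or
# --host-data-dir. Function names are hypothetical, chosen for this example.

# Print every entry under DIR that is not owned by WANT_UID
# (default: the uid of the caller).
foreign_owned() {
    local dir="$1"
    local want_uid="${2:-$(id -u)}"
    find "$dir" ! -uid "$want_uid" -print
}

# Print private keys and kubeconfigs that carry any group/other
# permission bit (anything looser than owner-only access).
exposed_secrets() {
    local dir="$1"
    find "$dir" -type f \( -name '*.key' -o -name '*.kubeconfig' \) \
        -perm /077 -print
}

# Return 0 when DIR is clean, 1 otherwise; findings go to stdout.
audit_host_dir() {
    local dir="$1"
    local want_uid="${2:-$(id -u)}"
    local rc=0
    local out
    out=$(foreign_owned "$dir" "$want_uid")
    if [ -n "$out" ]; then
        printf 'not owned by uid %s:\n%s\n' "$want_uid" "$out"
        rc=1
    fi
    out=$(exposed_secrets "$dir")
    if [ -n "$out" ]; then
        printf 'secret accessible beyond owner:\n%s\n' "$out"
        rc=1
    fi
    return "$rc"
}
```

Sourcing the file and running `audit_host_dir "$HOME/tmp/config"` after `oc cluster up` would report the `master` and `node-*` directories and their contents shown in the listing, since they are owned by root rather than the invoking user.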