Bug 1814172

Summary: [ovirt] Cannot run openshift-install as a non-root user
Product: OpenShift Container Platform Reporter: Jan Zmeskal <jzmeskal>
Component: InstallerAssignee: Roy Golan <rgolan>
Installer sub component: OpenShift on RHV QA Contact: Jan Zmeskal <jzmeskal>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: unspecified CC: gshereme, rgolan
Version: 4.4   
Target Milestone: ---   
Target Release: 4.5.0   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1820492 (view as bug list) Environment:
Last Closed: 2020-08-04 18:05:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1820492, 1847968    

Description Jan Zmeskal 2020-03-17 09:24:55 UTC 
Description of problem:
When running openshift-install create cluster as a non-root user on linux, the installation fails with permission denied.

Version-Release number of the following components:
openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024

How reproducible:
100 %

Steps to Reproduce:
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ whoami
jan
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ echo $HOME
/home/jan
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ rm -rf ~/.ovirt
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ rm -rf ./test-cluster/
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ ls -la
total 346284
drwxr-xr-x.  2 jan jan      4096 Mar 17 10:14 .
drwxr-xr-x. 14 jan jan     12288 Mar 17 07:45 ..
-rwxr-xr-x.  1 jan jan 354574336 Mar 13 06:28 openshift-install
-rw-r--r--.  1 jan jan       706 Mar 13 06:28 README.md
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ mkdir test-cluster
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ ls -l test-cluster
total 0
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ ls -ld test-cluster
drwxrwxr-x. 2 jan jan 4096 Mar 17 10:14 test-cluster
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ ./openshift-install create cluster --dir=test-cluster
? SSH Public Key /home/jan/.ssh/id_rsa.pub
? Platform ovirt
? Enter oVirt's api endpoint URL https://<my_engine_fqdn>/ovirt-engine/api
? Is the installed oVirt certificate trusted? No
? Enter ovirt-engine username admin@internal
? Enter password ******
? Select the oVirt cluster golden_env_mixed_1
? Select the oVirt storage domain nfs_0
? Select the oVirt network ovirtmgmt
? Enter the internal API Virtual IP 10.0.0.1
? Enter the internal DNS Virtual IP 10.0.0.2
? Enter the ingress IP  10.0.0.3
? Base Domain ocp.org
? Cluster Name ocp
? Pull Secret [? for help] **********************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to fetch dependency of "Bootstrap Ignition Config": failed to fetch dependency of "Master Machines": failed to generate asset "Platform Credentials Check": getting ovirt configuration: open /home/jan/.ovirt/ovirt-config.yaml: permission denied 
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ ls -ld /home/jan/.ovirt/
d-w-rwxr--. 2 jan jan 4096 Mar 17 10:15 /home/jan/.ovirt/
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ ls -l /home/jan/.ovirt/ovirt-config.yaml
ls: cannot access '/home/jan/.ovirt/ovirt-config.yaml': Permission denied
[jan@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]$ sudo su
[root@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]# ls -l /home/jan/.ovirt/ovirt-config.yaml
ls: cannot access '/home/jan/.ovirt/ovirt-config.yaml': No such file or directory
[root@localhost openshift-install-linux-4.4.0-0.nightly-2020-03-16-034024]# ls -l /home/jan/.ovirt/
total 0

Actual results:
FATAL failed to fetch Terraform Variables: failed to fetch dependency of "Terraform Variables": failed to fetch dependency of "Bootstrap Ignition Config": failed to fetch dependency of "Master Machines": failed to generate asset "Platform Credentials Check": getting ovirt configuration: open /home/jan/.ovirt/ovirt-config.yaml: permission denied 

Expected results:
As far as I know there's no reason openshift-install could not be executed as a non-root user, so we should allow for it.
Comment 4 Jan Zmeskal 2020-05-11 14:31:16 UTC 
Verified with: openshift-install-mac-4.5.0-0.nightly-2020-05-11-032504

Verification steps:
Running the whole IPI installation as a non-root user.
Comment 6 errata-xmlrpc 2020-08-04 18:05:41 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (OpenShift Container Platform 4.5 image release advisory), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:2409