Bug 731856

Summary: luci supports configuration via /etc/sysconfig/luci from RHEL6.1 on, not covered in doc
Product: Red Hat Enterprise Linux 6 Reporter: Jan Pokorný [poki] <jpokorny>
Component: doc-Cluster_AdministrationAssignee: Steven J. Levine <slevine>
Status: CLOSED NEXTRELEASE QA Contact: ecs-bugs
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.1CC: pkennedy, slevine
Target Milestone: rcKeywords: Documentation
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-11-14 21:46:22 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 733753    
Deadline: 2011-09-02   

Description Jan Pokorný [poki] 2011-08-18 19:59:18 UTC 
RHEL 6.1 brought luci 0.23 (originally luci-0.23.0-13.el6), which initially
provides a mean of user configuration via /etc/sysconfig/luci.  This is
quite a notable feature, new in this RHEL release.  It originated in
upstream change related to RFE/bug #661386.

There were plentiful internal changes around that time with this one,
exceptionally having external impact, being amongst them.  That's why
these changes got into RHEL 6.1 luci release in a batch and because
I originally (by mistake and maybe partly by circumstances) hadn't
qualified this change as worth documenting, it went in silently.

So I am rectifying this now, ex-post but still...

As I am responsible for respective code change, I am stating notable
details below and feel free to ask additional questions.


Details
=======

(insert the very first sentence from above here)
This file can be used to configure some aspects of luci behavior.
Specifically, those are initscript/auxiliary configuration, server
configuration and an application one as also reflected by file structure [1].
In addition, configuration file is very verbose about particular items,
so there is no need to document them item-by-item.

Perhaps most notable one, which would deserve documenting, is the ability
to change a port luci being served at by uncommenting:
---
#port = 4443
---
and inserting a desired port number (higher then or equal to 1024, i.e. not
a privileged port), e.g.:
---
port = 7084
---
Non-configuration lines should not be changed to protect the intended format.
Also one should pay attention to the syntax required (initscript section
is more strict: no spaces around equal sign and quoting strings with white
spaces; this may be applied with other sections too but more relaxed syntax
is also fine there).

It should probably also be noted that "who.auth_tkt_timeout" configuration
item is not effective on RHEL 6.1 since there is not enough up-to-date
python-repoze-who package ("requires repoze.who >= 1.0.14" note applies).
This may change in subsequent RHEL releases.

Another thing good to mention is note that with changing some configuration
item here (i.e. redefining a default value), one has to be careful and
adjust documentation instructions accordingly (e.g. port enabled on firewall,
URL where to access luci instance etc.).


Sidenotes
=========

1. There is possibility for users to configure a subset of configuration
items (port amongst them) with older luci v0.22 on RHEL 6.0 too (via
/var/lib/luci/etc/luci.ini), but this is discouraged/not guaranteed
and (luckily) not documented [2].

2. First-gen luci on RHEL 5 (and maybe 4; luci < 0.20 which was maybe only
a part of conga package, not a standalone package that came later on) did
also allow to be configured by /etc/sysconfig/luci [3], but there is no
connection, although items may be similar.

3. The support of /etc/sysconfig/luci will continue through RHEL 6.2
further and nothing should change dramatically in this regard.


[1] http://git.fedorahosted.org/git/?p=luci.git;a=blob_plain;f=input_files/sysconfig/sysconfig.in
[2] http://www.redhat.com/search?q=%2Fvar%2Flib%2Fluci%2Fetc%2Fluci.ini&site=redhat_docs
[3] http://www.redhat.com/search?q=%2Fetc%2Fsysconfig%2Fluci&site=redhat_docs
Comment 2 Jan Pokorný [poki] 2011-08-26 17:36:09 UTC 
(In reply to comment 0)
> It should probably also be noted that "who.auth_tkt_timeout" configuration
> item is not effective on RHEL 6.1 since there is not enough up-to-date
> python-repoze-who package ("requires repoze.who >= 1.0.14" note applies).
> This may change in subsequent RHEL releases.

The referred change might (hopefully) come with RHEL 6.3, please see bug 733753
(I set it being dependent on this one + added Documentation keyword).
Comment 3 Steven J. Levine 2011-08-26 17:51:34 UTC 
Jan:

---------
It should probably also be noted that "who.auth_tkt_timeout" configuration
item is not effective on RHEL 6.1 since there is not enough up-to-date
python-repoze-who package ("requires repoze.who >= 1.0.14" note applies).
This may change in subsequent RHEL releases.
--------

I will add a small section on this file to the Conga chapter of the Cluster Administration Guide for RHEL 6.2, summarizing the information contained in this BZ. But as to this feature: The general documentation is not the place to note what does not work -- that is, in a 6.2 document I can't really point to a feature and say "this does not work in 6.2". But I looked at the /etc/sysconfig/luci file and, as you note, the repoze.who note applies so that should probably be enough I think.

When I write up the new section (in a matter of days -- it's the very end of rhel6.2 doc time) I will send it to you for review.

Thanks.

-Steven
Comment 4 Steven J. Levine 2011-08-26 17:52:35 UTC 
I submitted Comment 3 before I saw Comment 2.

But for now I'm still not really sure that I can point to this in the rhel 6.2 documentation -- it seems more something for the release notes.
Comment 5 Jan Pokorný [poki] 2011-08-29 14:09:16 UTC 
TBH, I just wanted this piece of work to reach its "happy end" because
it got stuck in the middle (my bad, at least partly).

I completety agree it does not contribute to a good image stating what
does not currently work, yet exposed.  Release notes are okay, too;
in fact I do not care much about the form, I do care about general
awareness of /etc/sysconfig/luci feature by the target audience.
Comment 7 Steven J. Levine 2011-08-29 14:20:03 UTC 
Jan: 

I'll try to write something up today (Monday August 29) and get it to you for review -- it should be straightforward (I hope). Documenting the existence of /etc/sysconfig/luci easily belongs with the general luci/Conga documentation. The issue for the NEEDINFO is where (or even whether) lack of current support for who.auth_tkt_timeout in RHEL 6.2 should be mentioned.

0Steven
Comment 16 Steven J. Levine 2011-09-02 18:26:29 UTC 
I've made the indicated updates to my working draft.
Comment 17 Steven J. Levine 2011-09-09 15:01:52 UTC 
I've made the changes from Jan's review (in comments 10, 11, and 15) and checked them in, but this BZ is still in NEEDINFO since Jan set it for Lon to ask his opinion on whether we need to call out lack of current support for who.auth_tkt_timeout in RHEL 6.2 should be mentioned, as noted in Comment 7.

IMO, that's not really something that should go in the document but, rather, should go in the Release Notes -- it's a mention of lack of support. So as a matter of status the documentation in Cluster Administration on this feature is complete for 6.2 (and reviewed by Jan) and I'll move this into ON_QA when we resolve the issue of where/if to explicitly document lack of support of who.auth_tkt_timeout.
Comment 18 Steven J. Levine 2011-09-13 20:23:50 UTC 
Removing the NEEDINFO because that's holding this BZ up from a pubs point of view, but I have final review from Jan for the document, and Jan has gotten Lon's input on IRC.
Comment 35 Steven J. Levine 2011-09-29 21:19:25 UTC 
I'm not sure what you mean by your question about whether your point 4 in comment 26 was improper. You wrote "when enabling IP port that runs luci" and that needs an article:  "when enabling an IP port that runs luci". But then we changed the phrase a couple of times and it now says "when you enable an IP port for luci".
Comment 40 Steven J. Levine 2011-11-14 21:46:22 UTC 
Latest build for 6.2 GA:
Red_Hat_Enterprise_Linux-Cluster_Administration-6-web-en-US-0-114_el6eng

Moving to CLOSED.