| Summary: | Lack of pre-allocated uid/gid causes problems when e.g an NFS backend is used. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Steve Traylen <steve.traylen> |
| Component: | myproxy | Assignee: | Steve Traylen <steve.traylen> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 19 | CC: | andrew.elwell, jbasney, steve.traylen |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-08-05 08:46:59 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle. Changing version to '19'. (As we did not run this process for some time, it could affect also pre-Fedora 19 development cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.) More information and reason for this action is here: https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora19 This was was fixed with Dec 17 2012 with release 5.9-1.
# uid:gid 178:178 now reserved for myproxy. rhbz#733671
%pre server
getent group myproxy >/dev/null || groupadd -g 178 -r myproxy
getent passwd myproxy >/dev/null || \
useradd -u 178 -r -g myproxy -d %{_var}/lib/myproxy -s /sbin/nologin \
-c "User to run the MyProxy service" myproxy
exit 0
|
The myproxy user running the myproxy service has allocated a the uid/gid pair dynamically with: %pre server getent group myproxy >/dev/null || groupadd -r myproxy getent passwd myproxy >/dev/null || \ useradd -r -g myproxy -d %{_var}/lib/myproxy -s /sbin/nologin \ -c "User to run the MyProxy service" myproxy exit 0 This causes problems potentially in the common deployment option where the credentials are stored on a nfs volume for high availability. To resolve this a reservation has now been made for the user myproxy via Bug #733671 in the setup package. The myproxy user should be created with uid:gid 178:178 The logic above should be preserved such that the account (and group) are created only if they do not already exist. Steve.