Red Hat Bugzilla – Full Text Bug Listing
|Summary:||agetn rpm - logs in "/usr/share/jboss-on-version/agent/logs" doesn't always belong to jbosson-agent user.|
|Product:||[Other] RHQ Project||Reporter:||Armine Hovsepyan <ahovsepy>|
|Component:||Configuration||Assignee:||Stefan Negrea <snegrea>|
|Status:||CLOSED CURRENTRELEASE||QA Contact:||Mike Foley <mfoley>|
|Version:||unspecified||CC:||hrupp, mfoley, snegrea|
|Target Release:||JON 3.1.0|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2013-09-03 11:18:36 EDT||Type:||Bug|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Bug Depends On:|
Description Armine Hovsepyan 2012-06-27 09:06:20 EDT
Created attachment 594769 [details] logs permissions Description of problem: While installing agent through rpm and starting under root user with agent wrapper script, all logs in agent/logs directory belong root while should have belong to jbosson-agent, which leads to permission denied for all users besides root to start agent. Version-Release number of selected component (if applicable): org.jboss.on-jboss-on-parent-3.1.0.GA-8 How reproducible: always Steps to Reproduce: 1. install rhq agent through rpm 2. start service jon-agent as root 3. kill service jon-agent 4. log in with some other user 5. sudo service jon-agent start Actual results: access is denied to wrapper log, agent cannot be started Expected results: agent should be started, all logs should belong to jbosson-agent user Additional info: please get attached screenshot ot logs files permissions
Comment 1 Mike Foley 2012-07-02 10:49:47 EDT
bz triage by loleary, asantos, stefan, viet, armine, zjin .... expected behavior ... similar behavior as apache. this should be documented.
Comment 2 Mike Foley 2012-07-02 10:55:21 EDT
rechown needs to be done ... this is a development issue. assigning to stefan. and configurable user.
Comment 3 Stefan Negrea 2012-07-03 18:29:00 EDT
The reproduction steps are outside of the normal/recommended RPM and service use case. However, a couple of steps could be taken to avoid these problems: 1) Part of the startup script update file ownership for agent files to match the user that executes the service before the service is started 2) Allow users to easily configure the user that runs the service 3) Update the documentation with regards to the typical RPM usage
Comment 4 Stefan Negrea 2012-07-06 11:24:13 EDT
Updated init script for non-ec2 agent RPM to chown all files before attempting to start the agent. Also, moved the user/group configuration variables prominently at the top of the script.
Comment 5 Armine Hovsepyan 2012-07-12 06:50:55 EDT
all the files now belong to jbosson-agent:jbosson. verified!
Comment 6 Heiko W. Rupp 2013-09-03 11:18:36 EDT
Bulk closing of old issues in VERIFIED state.