Bug 835892

Summary: agetn rpm - logs in "/usr/share/jboss-on-version/agent/logs" doesn't always belong to jbosson-agent user.
Product: [Other] RHQ Project Reporter: Armine Hovsepyan <ahovsepy>
Component: ConfigurationAssignee: Stefan Negrea <snegrea>
Status: CLOSED CURRENTRELEASE QA Contact: Mike Foley <mfoley>
Severity: medium Docs Contact:
Priority: high    
Version: unspecifiedCC: hrupp, mfoley, snegrea
Target Milestone: ---   
Target Release: JON 3.1.0   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-09-03 11:18:36 EDT Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Bug Depends On:    
Bug Blocks: 837381    
Attachments:
Description Flags
logs permissions none

Description Armine Hovsepyan 2012-06-27 09:06:20 EDT
Created attachment 594769 [details]
logs permissions

Description of problem:
While installing agent through rpm and starting under root user with agent wrapper script, all logs in agent/logs directory belong root while should have belong to jbosson-agent, which leads to permission denied for all users besides root to start agent.

Version-Release number of selected component (if applicable):
org.jboss.on-jboss-on-parent-3.1.0.GA-8

How reproducible:
always

Steps to Reproduce:
1. install rhq agent through rpm
2. start service jon-agent as root
3. kill service jon-agent
4. log in with some other user
5. sudo service jon-agent start
  
Actual results:
access is denied to wrapper log, agent cannot be started

Expected results:
agent should be started, all logs should belong to jbosson-agent user

Additional info:
please get attached screenshot ot logs files permissions
Comment 1 Mike Foley 2012-07-02 10:49:47 EDT
bz triage by loleary, asantos, stefan, viet, armine, zjin .... 

expected behavior ... similar behavior as apache.  

this should be documented.
Comment 2 Mike Foley 2012-07-02 10:55:21 EDT
rechown needs to be done ... this is a development issue.  assigning to stefan.  and configurable user.
Comment 3 Stefan Negrea 2012-07-03 18:29:00 EDT
The reproduction steps are outside of the normal/recommended RPM and service use case. However, a couple of steps could be taken to avoid these problems:

1) Part of the startup script update file ownership for agent files to match the user that executes the service before the service is started
2) Allow users to easily configure the user that runs the service
3) Update the documentation with regards to the typical RPM usage
Comment 4 Stefan Negrea 2012-07-06 11:24:13 EDT
Updated init script for non-ec2 agent RPM to chown all files before attempting to start the agent. Also, moved the user/group configuration variables prominently at the top of the script.
Comment 5 Armine Hovsepyan 2012-07-12 06:50:55 EDT
all the files now belong to jbosson-agent:jbosson.

verified!
Comment 6 Heiko W. Rupp 2013-09-03 11:18:36 EDT
Bulk closing of old issues in VERIFIED state.