Description of problem: Currently, on an OpenShift Online node, a non-root user cannot run facter under ruby 1.9.3, because openshift_facts.rb is in /opt/rh/ruby193/root/usr/share/ruby/vendor_ruby/facter/ , and it tries to read /etc/openshift/resource_limits.conf , which is only readable by root. You could fix this problem by changing this check: if File.exists?('/etc/openshift/resource_limits.conf') to if File.exists?('/etc/openshift/resource_limits.conf') and File.readable?('/etc/openshift/resource_limits.conf') but it would be more acceptable to place this file in a separate directory, and to set FACTERLIB appropriately for scripts which need the information it provides. For example, puppet places its facter libs in /var/lib/puppet/lib/facter/ Version-Release number of selected component (if applicable): openshift-origin-msg-node-mcollective-1.13.10-1.el6oso.noarch How reproducible: Always Steps to Reproduce: 1. rhc app create rb2 ruby-1.9 "http://cartreflect-claytondev.rhcloud.com/reflect?github=a13m/openshift-puppet-cartridge" --from-code https://github.com/a13m/openshift-puppet-demo (Note that you cannot test this by simply logging into a gear and running "facter" due to https://bugzilla.redhat.com/show_bug.cgi?id=985526 ) Actual results: Could not run: Could not retrieve facts for ex-std-node1.stg.rhcloud.com: Permission denied - /etc/openshift/resource_limits.conf is not readable An error occurred executing 'gear postreceive' (exit code: 1) Expected results: app creation should succeed.
I was fixed the issue with the platform code attempting to access the '/etc/openshift/resource_limits.conf' while running `gear deploy` in the gear user's context. I was not able correct the example cartridge/template application's puppet script targeting the system's facter vs. the facter provided in the cartridge. I notified the reporter of this. The new expected error is: Could not run: Could not retrieve facts for ip-10-114-157-11.ec2.internal: undefined method `enum_lsdev' for Facter::Util::Processor:Module An error occurred executing 'gear deploy' (exit code: 1) Error message: Failed to execute action hook 'deploy' for 22a5510c5f531347c00001c application rb2
Commit pushed to master at https://github.com/openshift/origin-server https://github.com/openshift/origin-server/commit/296f59ebc9ae4ab763b6522961f51125bba23351 Bug 1005364 - Restore gear user usage of facter * Being unable to access /etc/openshift/resource_limits.conf should not be a failure condition
It's fixed, verified on devenv_3758, please refer to the following results: # rhc app create rb2 ruby-1.9 "http://cartreflect-claytondev.rhcloud.com/reflect?github=a13m/openshift-puppet-cartridge" --from-code https://github.com/a13m/openshift-puppet-demo The cartridge 'http://cartreflect-claytondev.rhcloud.com/reflect?github=a13m/openshift-puppet-cartridge' will be downloaded and installed Application Options ------------------- Namespace: ccy Cartridges: ruby-1.9, http://cartreflect-claytondev.rhcloud.com/reflect?github=a13m/openshift-puppet-cartridge Source Code: https://github.com/a13m/openshift-puppet-demo Gear Size: default Scaling: no Creating application 'rb2' ... The initial build for the application failed: Shell command '/sbin/runuser -s /bin/sh 522d6abac7c23d318d000136 -c "exec /usr/bin/runcon 'unconfined_u:system_r:openshift_t:s0:c0,c1013' /bin/sh -c \"gear postreceive >> /tmp/initial-build.log 2>&1\""' returned an error. rc=255 .Last 10 kB of build output: Stopping Ruby cartridge Syntax error on line 10 of /var/lib/openshift/522d6abac7c23d318d000136/ruby/etc/conf.d/openshift.conf: DocumentRoot must be a directory httpd (no pid file) not running Building Ruby cartridge Starting application rb2 /opt/rh/ruby193/root/usr/share/rubygems/rubygems/custom_require.rb:36:in `require': iconv will be deprecated in the future, use String#encode instead. Could not run: Could not retrieve facts for ip-10-147-219-9.ec2.internal: undefined method `enum_lsdev' for Facter::Util::Processor:Module An error occurred executing 'gear postreceive' (exit code: 1) Error message: Failed to execute action hook 'deploy' for 522d6abac7c23d318d000136 application rb2 For more details about the problem, try running the command again with the '--trace' option.