Bug 1093370 - JON plugin for EAP 6 cannot create an admin user in a moved configuration directory
Summary: JON plugin for EAP 6 cannot create an admin user in a moved configuration dir...
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Operations Network
Classification: JBoss
Component: Plugin -- JBoss EAP 6
Version: JON 3.2
Hardware: Unspecified
OS: Unspecified
unspecified
low
Target Milestone: ER04
: JON 3.3.0
Assignee: Libor Zoubek
QA Contact: Filip Brychta
URL:
Whiteboard:
Depends On: 1093374
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-05-01 14:36 UTC by Tom Fonteyne
Modified: 2018-12-05 18:24 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
A bug in HostConfiguration.java of the EAP 6 Plug-in prevented the Add User operation from succeeding in cases where EAP was started with the "configuration" directory set to a non-default location. The Add User operation was only ever intended for development using a default JBoss EAP standalone or domain installation. That being said, moving the directory should not have broken the functionality. A fix to the plug-in now correctly resolves the path to the "configuration" directory, which allows the Add User operation to succeed.
Clone Of:
Environment:
Last Closed: 2014-12-11 14:00:10 UTC
Type: Bug


Attachments (Terms of Use)

Description Tom Fonteyne 2014-05-01 14:36:26 UTC
After detecting/importing an EAP 6 instance, JON can execute an operation:

"install an RHQ user"

which is intended to add a user/password to the mgmt-users.properties file in "domain/configuration" or in "standalone/configuration"

EAP supports moving the base directory, for example "standalone" and up to a point JON supports that. However, EAP also supports moving the "configuration" directory either with a relative path or an absolute path.
The JON plugin does not cope with this.

The problem is located in

rhq/source/modules/plugins/jboss-as-7/src/main/java/org/rhq/modules/plugins/jbossas7/helper/HostConfiguration.java

"relative-to" is a so called "named path"; an alias for a directory.
"path" is either relative to the resolved "relative-to" setting, or when the latter is not set, an absolute path

example:
path: mgmt-users.properties
relative-to: jboss.server.config.dir

Full path:    /opt/jboss/standalone/configuration/mgmt-users.properties

However, if "jboss.server.config.dir" has been redefine, lets say "/var/jboss/config"; then the above resolved to

/var/jboss/config/mgmt-users.properties

JON code breaks on this:


217     public File getSecurityPropertyFile(File baseDir, AS7Mode mode, String realm) {
218         String fileName = obtainXmlPropertyViaXPath("//security-realms/security-realm[@name='" + realm
219             + "']/authentication/properties/@path");
220         String relDir = obtainXmlPropertyViaXPath("//security-realms/security-realm[@name='" + realm
221             + "']/authentication/properties/@relative-to");
222 
223         String dmode;
224         if (mode == AS7Mode.STANDALONE)
225             dmode = "server";
226         else
227             dmode = "domain";
228 
229         File configDir;
230         if (relDir.equals("jboss." + dmode + ".config.dir")) {
231             configDir = new File(baseDir, "configuration");
232         } else {
233             configDir = new File(relDir);
234         }
235         File securityPropertyFile = new File(configDir, fileName);
236 
237         return securityPropertyFile;
238     }

problematic lines are:

229         File configDir;
230         if (relDir.equals("jboss." + dmode + ".config.dir")) {
231             configDir = new File(baseDir, "configuration");
232         } else {
233             configDir = new File(relDir);
234         }
235         File securityPropertyFile = new File(configDir, fileName);
236 
237         return securityPropertyFile;
238     }

As (for now) I assume the plugin cannot resolve the relative-to named path, a first correction to the code should be:

230         if (relDir == null || relDir.isEmpty()) {
231             return new File(fileName);
232         } else {
233             return new File(baseDir, "configuration");
234         }
238     }

This at least allows customers to set "path" to a fully qualified pathname for the file (and remove relative-to)
thus allowing to have the configuration directory elsewhere.


A better solution would be:


230         if (relDir == null || relDir.isEmpty()) {
231             return new File(fileName);
232         } else {
233             return new File(resolveNamedPath(relDir));
234         }
238     }

resolveNamedPath(..) would need to be able to ask JBoss to resolve the named path of course.
I'm not sure if that is possible right now.
I presume "AS7Mode mode" would need to be extended to take the configuration directory

Comment 1 Larry O'Leary 2014-06-05 13:15:11 UTC
Reducing severity as this is an unsupported operation.

Users should be added and managed by the JBoss EAP security implementation. The Add User operation provided by the AS7 plug-in is intended for development using a default JBoss EAP standalone or domain installation.

Comment 2 Libor Zoubek 2014-07-10 15:40:45 UTC
Bug 1093374 is fixed in master - this BZ is it's product duplicate

Comment 3 Simeon Pinder 2014-07-31 15:52:14 UTC
Moving to ON_QA as available to test with brew build of DR01: https://brewweb.devel.redhat.com//buildinfo?buildID=373993

Comment 4 Jan Bednarik 2014-09-12 10:51:40 UTC
Moving to ASSIGNED.

I moved the ~/jboss-eap-6.3/standalone/configuration directory to new location: ~/jboss-eap-6.3/standalone/newdir/configuration. Then I started the eap standalone server using ./standalone.sh -Djboss.server.config.dir=~/jboss-eap-6.3/standalone/newdir/configuration. The server started with no errors and JON displays it as available resource. JON even displays the right new path in Configuration->Server environment->Config Dir property.

However an operation Install RHQ user fails as JON tries to search for the mgmt-users.properties file under the old location.

java.lang.Exception: Management users properties file [/home/hudson/jboss-eap-6.3/standalone/configuration/mgmt-users.properties] is not writable.
	at org.rhq.core.pc.operation.OperationInvocation.run(OperationInvocation.java:278)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:744)

Comment 5 Jan Bednarik 2014-09-12 10:58:40 UTC
Tested on:
Version:3.3.0.ER02
Build Number:4fbb183:7da54e2

Comment 6 Jan Bednarik 2014-09-15 14:59:13 UTC
Moving to VERIFIED.

After the configuration directory is moved to a new location and EAP is started again, the original EAP resource appears as UP again in the JON web UI, but it is not possible to perform the required operations (Install RHQ user).

Nevertheless the new EAP resource is discovered on which (after inventorying) it is possible to perform Install RHQ user operation. Therefore this BZ is verified. See also BZ 1141839 which describes the newly discovered bug.


Note You need to log in before you can comment on or make changes to this bug.