Bug 1101516
| Summary: | SQLite database created with bad permission/ownership | ||
|---|---|---|---|
| Product: | Red Hat OpenStack | Reporter: | Tomas Rusnak <trusnak> |
| Component: | openstack-sahara | Assignee: | Elise Gafford <egafford> |
| Status: | CLOSED ERRATA | QA Contact: | Luigi Toscano <ltoscano> |
| Severity: | urgent | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | dnavale, egafford, kbasil, ltoscano, matt |
| Target Milestone: | z4 | Keywords: | ZStream |
| Target Release: | 5.0 (RHEL 7) | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | openstack-sahara-2014.1.3-3.el7ost | Doc Type: | Bug Fix |
| Doc Text: |
Previously, SQLite database was created by a user who ran the database management script, resulting in Sahara being unable to read the default database without changing ownership of the database.
With this update, the file is not touched and the ownership is assigned to Sahara (for only the default file location). As a result, Sahara now has access to its database in the default flow.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-04-16 14:37:11 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
The openstack-sahara package now ships an empty SQLite3 database in /var/lib/sahara/sahara-server.db whose owner/group owner are sahara/sahara, and the permissions are 0700. This configuration allows users to properly configure the database without additional steps. (This issue is relevant only when a SQLite3 db is used). Verified on openstack-sahara-2014.1.3-3.el7ost.noarch Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-0825.html |
Description of problem: Sahara database migration is creating sahara-server.db in /var/lib/sahara. As the sahara directory have sahara.sahara owner/group, the database file have root.root as an owner set by sahara-db-manage. Due to this, any write (INSERT) attempt to the database ends with error like: OperationalError: (OperationalError) attempt to write a readonly database u'INSERT INTO node_group_templates (created_at, updated_at, id, name, description, tenant_id, flavor_id, image_id, plugin_name, hadoop_version, node_processes, node_configs, volumes_per_node, volumes_size, volume_mount_prefix, floating_ip_pool) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)' ('2014-05-27 11:32:26.741107', None, u'a7591a2a-de8b-4d1f-9909-c66a1e885e16', u'node-group-template', u'', u'6809bd3836de4440a06a6c89a865cdc4', u'1', None, u'vanilla', u'1.2.1', '["namenode", "datanode", "secondarynamenode", "oozie", "tasktracker", "jobtracker", "hiveserver"]', '{"HDFS": {}, "JobFlow": {}, "MapReduce": {}, "Hive": {}}', 0, 0, '/volumes/disk', None) Version-Release number of selected component (if applicable): openstack-sahara.noarch-2014.1.0-13.fc20 How reproducible: 100% Steps to Reproduce: 1. configure sahara to use sqlite 2. create/migrate database with sahara-db-manage --config-file /etc/sahara/sahara.conf upgrade head 3. # ls -la /var/lib/sahara/sahara-server.db -rw-r--r--. 1 root root 46080 May 22 10:26 /var/lib/sahara/sahara-server.db Actual results: database with bad owner/group is in read-only mode for sahara daemon Expected results: database file should have sahara.sahara owner