Hide Forgot
Description of problem: pulp-admin node sync command can only be called by root because the command imports a constant from a module that reads /etc/pulp/server.conf. Running as non-root user raises permission-denied. Version-Release number of selected component (if applicable): 2.4.0-0.23.beta How reproducible: Always. Steps to Reproduce: 1. Run pulp-admin node sync ... 2. 3. Actual results: permission denied reading /etc/pulp/server.conf. Expected results: No errors. Additional info:
The easiest fix for this is to move PRIMARY_ID to constants.py and have all modules import from there.
The best fix is for the offending module to not read a config file at import time, but that is likely a longer-term fix.
I think there's something else really important to note here: pulp-admin can't be assumed to have an /etc/pulp/server.conf on the machine it is running on. Remember that pulp-admin connects over the REST API, so it's not necessarily on a machine that has pulp-server installed. Also, even if it does have a server.conf, that's no guarantee that it's the same server.conf for the server that pulp-admin is connecting to.
Two things need to happen here: 1. PRIMARY_ID to constants.py as suggested in #1. 2. Fix server/config.py Number 2 should be a separate BZ.
Bug opened against server/config.py https://bugzilla.redhat.com/show_bug.cgi?id=1160369.
The fix for issue #1 in comment 4 is merged to 2.5-dev and master. Marking BZ as MODIFIED since issue #2 has its own BZ now.
fixed in pulp 2.6.0-0.2.beta
On parent: >> rpm -qa pulp-server pulp-server-2.6.0-0.2.beta.el6.noarch >> [ec2-user@host ~]$ pulp-admin rpm repo create --repo-id gatto --feed https://repos.fedorapeople.org/repos/pulp/pulp/demo_repos/zoo/cat-1.0-1.noarch.rpm Successfully created repository [gatto] >> [ec2-user@host ~]$ pulp-admin node repo enable --repo-id gatto Repository enabled. Note: Repository [ gatto ] will not be available for node synchronization until published. See: the 'node repo publish' command. Warning: enabling with auto-publish may degrade repository synchronization performance. >> [ec2-user@host ~]$ pulp-admin node repo publish --repo-id gatto This command may be exited via ctrl+c without affecting the request. [\] Running... Publish succeeded. >> [ec2-user@host ~]$ pulp-admin node bind --node-id zoo --repo-id gatto Node bind succeeded. Note: Repository [ gatto ] will be included in node synchronization. >>[ec2-user@host ~]$ pulp-admin node sync run --node-id zoo This command may be exited via ctrl+c without affecting the request. (1/2) Repository: gatto [==================================================] 100% Synchronization succeeded +----------------------------------------------------------------------+ Child Node Synchronization +----------------------------------------------------------------------+ Repository: Action: Added Content Sources: Downloads: Total Sources: 0 Id: gatto Units: Added: 0 Removed: 0 Updated: 0 On child: >> find /var/lib/pulp/ -name "*.rpm" /var/lib/pulp/published/yum/https/repos/repos/pulp/pulp/demo_repos/zoo/cat-1.0-1.noarch.rpm
Moved to https://pulp.plan.io/issues/467