Bug 1214823 - rgw attempts to start using "apache" UID
Summary: rgw attempts to start using "apache" UID
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat Storage
Component: Build
Version: 1.2.3
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: rc
: 1.2.4
Assignee: Ken Dreyer (Red Hat)
QA Contact: ceph-qe-bugs
URL:
Whiteboard:
Depends On: 1271774
Blocks: 1203926
TreeView+ depends on / blocked
 
Reported: 2015-04-23 15:28 UTC by Ken Dreyer (Red Hat)
Modified: 2022-02-21 18:20 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of: 1214518
Environment:
Last Closed: 2015-12-08 16:26:15 UTC
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Ceph Project Bug Tracker 11453 0 None None None Never
Red Hat Issue Tracker RHCEPH-3369 0 None None None 2022-02-21 18:20:35 UTC

Description Ken Dreyer (Red Hat) 2015-04-23 15:28:06 UTC
RGW's init script on RHEL runs the daemon as the "apache" UID, but it's clear that this configuration was not as well-tested as it should have been.

During the 1.2.3 release cycle we had multiple bugs crop up due to this configuration:
- bug 1184588
- bug 1202784
- others I am probably forgetting about

Still outstanding issues unfixed in 1.2.3:

- bug 1203926 , problem with log file permissions
- bug where the socket directory gets removed on every reboot in RHEL 7

Other aspects to consider:

- Debian's init systems have always run RGW as root. There was a brief change upstream, but it was quickly reverted (see http://tracker.ceph.com/issues/9001)

- We will have to switch to running RGW as root anyway to support Civetweb in 1.3. (bug 1214518)

Comment 1 Ken Dreyer (Red Hat) 2015-10-19 17:27:20 UTC
https://github.com/ceph/ceph/pull/4638 shipped in Ceph v0.80.10 upstream, so we'll take in in as part of the RHCS 1.2 rebase to Ceph v0.80.11 (bz 1271774)

Comment 2 Tamil 2015-10-20 23:57:15 UTC
Ken, what is the list of things that has to be covered as part of this bug verification?

Comment 3 Ken Dreyer (Red Hat) 2015-10-21 00:08:20 UTC
Basically sanity-test that "service ceph-radosgw start" works on RHEL 6 and RHEL 7, both before and after rebooting, etc.

`ps -elf | grep radosgw` should show that the radosgw service is running as root, not apache.

Comment 4 Ken Dreyer (Red Hat) 2015-12-08 16:26:15 UTC
Closing all RHCS 1.2 bugs, since we are not planning to do a formal RHCS 1.2.4 release.

This particular issue was already fixed in RHCS 1.3, in https://bugzilla.redhat.com/show_bug.cgi?id=1214518


Note You need to log in before you can comment on or make changes to this bug.