Description of problem: When logging in as a non-root user permission denied errors fill screen. Output: ==================================================== rm: cannot remove `/var/www/miq/vmdb/Gemfile.lock': Permission denied ln: creating symbolic link `/var/www/miq/vmdb/Gemfile.lock': File exists rm: cannot remove `/var/www/miq/vmdb/.bundle': Permission denied ln: creating symbolic link `/var/www/miq/vmdb/.bundle/.bundle': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/xsd2ruby.rb': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/ri': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/ziyafy': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/fission': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/thin': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/rake': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/aws-rb': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/httpclient': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/nokogiri': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/tt': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/rubyrep': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/oauth': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/fog': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/scss': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/rdoc': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/thor': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/lessc': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/restclient': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/user_agent_parser': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/sprockets': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/techbook': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/sass': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/bundler': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/rackup': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/rails': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/haml': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/wsdl2ruby.rb': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/erubis': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/sass-convert': Permission denied rm: cannot remove `/var/www/miq/vmdb/bin/tilt': Permission denied cp: cannot create directory `/var/www/miq/vmdb/bin/bin': Permission denied ==================================================== The file under /etc/profile.d called evm.sh: [test@test_01 profile.d]$ cat evm.sh [[ -s "/etc/default/evm" ]] && source "/etc/default/evm" # Aliases: alias vmdb='cd /var/www/miq/vmdb' Under /etc/default/evm there are three scripts ==================================================== [test@test_01 default]$ ls -lrth total 8.0K -rw-------. 1 root root 119 Mar 27 2015 useradd -rw-r--r--. 1 root root 1.8K Aug 26 06:07 nss lrwxrwxrwx. 1 root root 40 Oct 29 18:00 evm -> /var/www/miq/system/LINK/etc/default/evm lrwxrwxrwx. 1 root root 55 Oct 29 18:00 evm_productization -> /var/www/miq/system/LINK/etc/default/evm_productization lrwxrwxrwx. 1 root root 48 Oct 29 18:00 evm_bundler -> /var/www/miq/system/LINK/etc/default/evm_bundler ==================================================== When digging deeper and sourcing /etc/default/evm_productization it appears that sourcing /opt/rh/cfme-gemset/enable is the culprit (shown below) ==================================================== [test@dhcp181-37 default]$ cat evm_productization [[ -s /opt/rh/ruby200/enable ]] && source /opt/rh/ruby200/enable [[ -s /opt/rh/v8314/enable ]] && source /opt/rh/v8314/enable [[ -s /opt/rh/cfme-gemset/enable ]] && source /opt/rh/cfme-gemset/enable ==================================================== It seems that this file should not be sourced and should not be run on every user login as this could cause issues. Also, why is this being run while logging in as a non-root user? Version-Release number of selected component (if applicable): 5.4 How reproducible: 100%
Jared, What is the use case for logging in as a non-root user?
Root logins are disabled on there systems, users log in and issue commands via sudo.
Related to BZ1278076 Fixed in our cfme-gemset RPM spec by separating the parts of the enable script that are really for one-time setup into a setup script, and calling the setup script from the kickstart. http://pkgs.devel.redhat.com/cgit/rpms/cfme-gemset/commit/?h=cfme-rh-ruby22-5.5-rhel-7&id=1786f29bfbd65ad2306a993b6c9d2fb467fb9cf8 http://pkgs.devel.redhat.com/cgit/rpms/cfme-appliance/commit/?h=cfme-5.5-rhel-7&id=68780064a4dd1259a35d3794a16cd05ac0a32111
Verified in 5.5.0.11
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2015:2551