Bug 1733247 - satellite-backup requires root sudo [NEEDINFO]
Summary: satellite-backup requires root sudo
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Backup & Restore
Version: 6.3.1
Hardware: All
OS: All
unspecified
medium vote
Target Milestone: Unspecified
Assignee: satellite6-bugs
QA Contact: Lucie Vrtelova
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2019-07-25 14:05 UTC by James
Modified: 2019-09-26 14:53 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-09-05 15:32:16 UTC
Target Upstream Version:
bbuckingham: needinfo? (jerickson)


Attachments (Terms of Use)

Description James 2019-07-25 14:05:00 UTC
Description of problem:


Version-Release number of selected component (if applicable):


How reproducible:
100%

Steps to Reproduce:
1. change /etc/nsswitch.conf to remove file auth for sudoers
<sudoers:        files sss
>sudoers:        sss

2. run 'satellite-backup /tmp' as root


Actual results:
Starting backup:
Creating backup folder /tmp/satellite-backup
root is not in the sudoers file.  This incident will be reported.
****cancelled****
Postgres user needs write access to the backup directory
Please select a directory, such as /tmp or /var/tmp which allows Postgres write access
Cleaning up backup folder and starting any stopped services...
Redirecting to /bin/systemctl start mongod.service
Redirecting to /bin/systemctl start postgresql.service
Redirecting to /bin/systemctl start tomcat.service
Redirecting to /bin/systemctl start pulp_workers.service
Redirecting to /bin/systemctl start pulp_resource_manager.service
Redirecting to /bin/systemctl start pulp_streamer.service
Redirecting to /bin/systemctl start pulp_celerybeat.service
Redirecting to /bin/systemctl start httpd.service
Redirecting to /bin/systemctl start foreman-tasks.service
Done.


Expected results:
Successful backup

Additional info:
There is no real reason to require sudo for root:
/usr/share/katello/backup.rb - 
if uid=0 su postgres -c <command>
else sudo -u postgres <command>

Comment 3 Brad Buckingham 2019-07-25 20:28:51 UTC
Hello James,

Can you confirm what release of Satellite you are observing this behavior on?

This should be solved in the most Satellite 6.5 (and possibly 6.4).  Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1572277#c7

Thanks!

Comment 4 Bryan Kearney 2019-09-05 15:32:16 UTC
No info was provided. Closing this out as CURRENT_RELEASE based on comment 3.


Note You need to log in before you can comment on or make changes to this bug.