This service will be undergoing maintenance at 00:00 UTC, 2016-08-01. It is expected to last about 1 hours
Bug 534387 - (RHQ-1189) be able to boot agent as specific user
be able to boot agent as specific user
Status: CLOSED NEXTRELEASE
Product: RHQ Project
Classification: Other
Component: Launch Scripts (Show other bugs)
unspecified
All All
medium Severity medium (vote)
: ---
: ---
Assigned To: John Mazzitelli
Corey Welton
http://jira.rhq-project.org/browse/RH...
: Improvement
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-11-26 14:32 EST by John Mazzitelli
Modified: 2009-09-01 12:03 EDT (History)
2 users (show)

See Also:
Fixed In Version: 1.2
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
rhq-agent-wrapper.sh (4.67 KB, application/save)
2008-11-28 14:01 EST, Rafael Soares (Tuelho)
no flags Details

  None (edit)
Description John Mazzitelli 2008-11-26 14:32:00 EST
See:

http://www.jboss.com/index.html?module=bb&op=viewtopic&t=146350

Do the same thing on UNIX as we do on Windows - have an envvar that tells the agent script what user to use to run the agent.

RHQ_AGENT_RUN_AS=myuser
su - $RHQ_AGENT_RUN_AS -c ...the agent java command...
Comment 1 Rafael Soares (Tuelho) 2008-11-28 14:00:08 EST
I change the rhq-agent-wrapper.sh script like this:

in function start:

...
case "$1" in
'start')
        if [ "$RUNNING" = "1" ]; then
           echo $STATUS
           exit 0
        fi

        echo Starting RHQ Agent...

        # force start with a specifc user
        if [ "x${RHQ_AGENT_RUN_AS}" != "x" ]; then
           RHQ_AGENT_START_SCRIPT="su -m - ${RHQ_AGENT_RUN_AS} -c '${RHQ_AGENT_START_SCRIPT}'"

           # this is beacause "$RHQ_AGENT_START_SCRIPT > /dev/null 2>&1" hide any OS message
           echo Enter password for ${RHQ_AGENT_RUN_AS}
        fi
...

This work here!

My env:
OS: Linux Debian
Jopr 2.1
JDK: 1.5

With this when a non root user execute rhq-agent-wrapper.sh the OS will ask for password. But this workaround is just for OS boot and in this case a root user is used.
Comment 2 John Mazzitelli 2008-11-28 14:36:06 EST
Nice. I'll put this on the list for 1.2 to see if we can incorporate it in the next release. Looks simple enough, we just have to test it on a bunch of platforms and make sure we aren't missing anything. we need to test this when:

1) running in foreground in a shell as one user and wanting to run the server as another user
2) running in foreground in a shell as one user and wanting to run the server as the same user
3) running in background as a boot job as one user and wanting to run the server as another user
4) running in background as a boot job as one user and wanting to run the server as the same user
Comment 3 John Mazzitelli 2008-11-30 03:41:46 EST
attaching a new wrapper.sh - work in progress but shows what the final solution is probably gonna look like.
Comment 4 John Mazzitelli 2008-11-30 03:42:14 EST
rhq-agent-env.sh is attached - comments tell you about the new variables
Comment 5 John Mazzitelli 2008-11-30 03:43:36 EST
I tried to keep the variable names consistent between the .bat and .sh scripts.
Comment 6 John Mazzitelli 2008-11-30 19:24:27 EST
i deleted the attachments from earlier. code is now checked in so you can see it there.

you can run the agent as another user via rhq-agent-wrapper.sh - see the -comments in env.sh script for the different env vars that control this feature.
Comment 7 John Mazzitelli 2008-12-01 16:05:51 EST
see the wrapper script you would use to start as another user:

http://svn.rhq-project.org/repos/rhq/trunk/modules/enterprise/agent/src/etc/rhq-agent-wrapper.sh

here's the env.sh that have comments to describe the new vars:

http://svn.rhq-project.org/repos/rhq/trunk/modules/enterprise/agent/src/etc/rhq-agent-env.sh
Comment 8 John Mazzitelli 2008-12-15 15:19:03 EST
UNIX doesn't have the RUN_AS_ME, RUN_AS settings.  read the comments in the env.sh file for the new way to do this (RHQ_AGENT_START_COMMAND)
Comment 9 Corey Welton 2009-01-27 14:27:21 EST
QA Verified, this seems to work.  I have tried running the agent in a variety of different valid (and invalid...) manners, across root and non-root users, with the server running as the same or as a different user.

Comment 10 Red Hat Bugzilla 2009-11-10 15:27:41 EST
This bug was previously known as http://jira.rhq-project.org/browse/RHQ-1189
Imported an attachment (id=368511)
This bug relates to RHQ-1194
This bug relates to RHQ-1108
This bug relates to RHQ-1041
This bug relates to RHQ-2400

Note You need to log in before you can comment on or make changes to this bug.