Bug 678621 - Running cumin apps as root user can cause permission problems if log files are created.
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise MRG
Classification: Red Hat
Component: cumin
Version: 1.3
Hardware: Unspecified
OS: Unspecified
low
medium
Target Milestone: 2.0
: ---
Assignee: Trevor McKay
QA Contact: Jan Sarenik
Blocks: 693778
Reported: 2011-02-18 16:07 UTC by Trevor McKay
Modified: 2011-06-23 15:41 UTC (History)

Fixed In Version: cumin-0_1_4552-1_el5
Doc Type: Bug Fix
Doc Text:
Cause
    If a cumin application such as cumin-admin or cumin-web is run as the "root" user and it creates a log file in $CUMIN_HOME/log, the log file will be owned by the "root" user and will not be writable by the "cumin" user.

Consequence
    Cumin applications run as the "cumin" user that write to such log files will raise exceptions and exit. This applies to the cumin service when started with /sbin/service cumin start.

Fix
    If a cumin application run as the "root" user creates a log file, the file's ownership will be changed to match the ownership of the containing directory.

Result
    Since the ownership of $CUMIN_HOME/log is set to the "cumin" user at installation, any cumin applications that create log files in $CUMIN_HOME/log will set ownership of those log files to the "cumin" user.
Last Closed: 2011-06-23 15:41:56 UTC

Links
System ID: Red Hat Product Errata RHEA-2011:0889
Private: 0
Priority: normal
Status: SHIPPED_LIVE
Summary: Red Hat Enterprise MRG Grid 2.0 Release
Last Updated: 2011-06-23 15:35:53 UTC

Description Trevor McKay 2011-02-18 16:07:00 UTC
Description of problem:

Creation of log files by the root user causes permission problems for the cumin service later on.  This occurs when an app running as root attempts to log and finds that the particular log file needs to be created.  In this case, the log file is owned by root and cannot be written by the cumin user later on.

Version-Release number of selected component (if applicable):

I believe the possibility for this appeared in cumin-0.1.4410-2.el5 when the rpm was changed to add the "cumin" user.

How reproducible:

100%

Steps to Reproduce:
1.  rm -rf /var/log/cumin/data.log
2.  run cumin-data manually as root user from command line
3.  ctrl-C 
4.  ls -ltr /var/log/cumin to see that data.log is owned by root.
5.  /sbin/service cumin start
  
Actual results:

The cumin-data process will get exceptions trying to access the log file.  ps -ef | grep -i cumin-data should show a defunct process.  /usr/bin/cumin will continue to try to start new instances, which will fail.

Expected results:

Cumin should run normally.

Additional info:

This could happen with cumin-web and the web.log file as well.  As long as the log files exist and are owned by "cumin" before root runs anything, the problem will not be seen.

Comment 2 Trevor McKay 2011-02-22 18:24:29 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause
    If a cumin application such as cumin-admin or cumin-web is run as the "root" user and it creates a log file in $CUMIN_HOME/log, the log file will be owned by the "root" user and will not be writable by the "cumin" user.

Consequence
    Cumin applications run as the "cumin" user that write to such log files will raise exceptions and exit.  This applies to the cumin service when started with /sbin/service cumin start.

Fix
    If a cumin application run as the "root" user creates a log file, the file's ownership will be changed to match the ownership of the containing directory.

Result
    Since the ownership of $CUMIN_HOME/log is set to the "cumin" user at installation, any cumin applications that create log files in $CUMIN_HOME/log will set ownership of those log files to the "cumin" user.
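
The fix described in the technical note above, sketched as an added example (this is not cumin's own code): a log file created by root is handed to the owner of its containing directory. `open_log` and `owner_matches_dir` are hypothetical names, and the temporary directory is a constructed stand-in for $CUMIN_HOME/log. Creating with O_EXCL, refusing symlinks and changing ownership through the open descriptor are choices of this example, not details taken from the bug report.

```python
import os
import stat
import tempfile


def open_log(path, mode=0o640):
    """Open a log file for appending. If this call created the file and we are
    root, hand it to the owner and group of the containing directory."""
    directory = os.path.dirname(os.path.abspath(path))
    flags = os.O_WRONLY | os.O_APPEND | os.O_NOFOLLOW
    try:
        # O_EXCL succeeds only when this process creates the file.
        fd = os.open(path, flags | os.O_CREAT | os.O_EXCL, mode)
        created = True
    except FileExistsError:
        # Already there: leave ownership alone; O_NOFOLLOW rejects a symlink.
        fd = os.open(path, flags)
        created = False
    try:
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise OSError("not a regular file: %s" % path)
        if created and os.geteuid() == 0:
            d = os.stat(directory)
            # fchown works on the open descriptor, so the file that changes
            # owner is the one created above, not whatever the path names now.
            os.fchown(fd, d.st_uid, d.st_gid)
    except Exception:
        os.close(fd)
        raise
    return os.fdopen(fd, "a"), created


def owner_matches_dir(path):
    """After-the-fact check: does the log file belong to the directory owner?"""
    f, d = os.stat(path), os.stat(os.path.dirname(os.path.abspath(path)))
    return f.st_uid == d.st_uid


if __name__ == "__main__":
    log_dir = tempfile.mkdtemp(prefix="cumin-log-")  # constructed stand-in
    log, created = open_log(os.path.join(log_dir, "data.log"))
    log.write("cumin-data started\n")
    log.close()
    print(created, owner_matches_dir(os.path.join(log_dir, "data.log")))
```

Run as root against a directory owned by another account, the new file ends up owned by that account; run unprivileged, the ownership step is skipped and the file simply belongs to the caller.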

Comment 3 Trevor McKay 2011-02-22 20:14:57 UTC
Also added logging for cumin-admin back in, which had been removed because of this problem.  cumin-admin now logs to admin.log, instead of data.log as previously.

Comment 4 Jan Sarenik 2011-04-07 07:18:18 UTC
Verified in all versions since cumin-0_1_4552-1_el5 up to
cumin-0.1.4683-1.el5

Comment 5 errata-xmlrpc 2011-06-23 15:41:56 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2011-0889.html

