Bug 734851 - service katello start - Permission denied
Summary: service katello start - Permission denied
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Packaging
Version: 6.0.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified vote
Target Milestone: Unspecified
Assignee: Lukas Zapletal
QA Contact: Katello QA List
URL:
Whiteboard:
Depends On:
Blocks: katello-blockers
TreeView+ depends on / blocked
 
Reported: 2011-08-31 15:54 UTC by Lukas Zapletal
Modified: 2019-09-26 13:20 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-08-22 17:54:52 UTC


Attachments (Terms of Use)

Description Lukas Zapletal 2011-08-31 15:54:50 UTC
/usr/lib/ruby/gems/1.8/gems/rack-1.1.0/lib/rack/server.rb:208:in `initialize': Permission denied - /usr/share/katello/tmp/pids/server.pid (Errno::EACCES)
        from /usr/lib/ruby/gems/1.8/gems/rack-1.1.0/lib/rack/server.rb:208:in `open'
        from /usr/lib/ruby/gems/1.8/gems/rack-1.1.0/lib/rack/server.rb:208:in `write_pid'
        from /usr/lib/ruby/gems/1.8/gems/rack-1.1.0/lib/rack/server.rb:154:in `start'
        from /usr/lib/ruby/gems/1.8/gems/railties-3.0.5/lib/rails/commands/server.rb:65:in `start'
        from /usr/lib/ruby/gems/1.8/gems/railties-3.0.5/lib/rails/commands.rb:30
        from /usr/lib/ruby/gems/1.8/gems/railties-3.0.5/lib/rails/commands.rb:27:in `tap'
        from /usr/lib/ruby/gems/1.8/gems/railties-3.0.5/lib/rails/commands.rb:27
        from /usr/share/katello/script/rails:81:in `require'
        from /usr/share/katello/script/rails:81
=> Booting WEBrick

Comment 1 Lukas Zapletal 2011-08-31 15:55:35 UTC
Do not run katello under root "by hand".

I will add check or erase pid prior starting to prevent from this behavior.

Comment 2 Lukas Zapletal 2011-08-31 16:05:07 UTC
Implemented a simple check:

4dff421 734851 - service katello start - Permission denied

check_privilege() {
    runuser -s /bin/sh ${KATELLO_USER} -c "echo x > /dev/null" 2> /dev/null || RETVAL=4
    if [ $RETVAL = 4 ]; then
        echo "User had insufficient privilege";
        exit $RETVAL
    fi
}

Example session:

[root@dea ~]# touch /var/lib/katello/tmp/pids/server.pid

[root@dea ~]# service katello start
Incorrect permissions, please do not run katello as root
Correct permission of all log files and pid file to 'katello' user:
chown katello:katello /usr/share/katello/tmp/pids/server.pid
chown -R katello:katello /var/lib/katello

[root@dea ~]# rm /var/lib/katello/tmp/pids/server.pid
rm: remove regular empty file `/var/lib/katello/tmp/pids/server.pid'? y

[root@dea ~]# service katello start
Starting katello: ....................................

Comment 3 Corey Welton 2011-09-23 17:30:23 UTC
QA Verified.


Note You need to log in before you can comment on or make changes to this bug.