Description of problem: The Aviary getJobData method seems to require group execute permission on directories in order for it to return data. Otherwise, it returns permission denied errors. In contrast, the corresponding QMF method will work with permissions restricted to the owner. Version-Release number of selected component (if applicable): How reproducible: 100% Steps to Reproduce: 1. Submit a job with output, error, and log paths (I set output, error, and log paths with full paths) 2. Restrict directory permissions to owner 3. Try get file data through Aviary getJobData calls (I used cumin), it should fail 4. Set group execute permission on the directory 5. Get data again, it should succeed this time. Repeat using QMF, operation should succeed with restricted permissions. Actual results: as above Expected results: Aviary should show the same behavior as QMF. Additional info: From operations on a job "sheep" on a VM with output, error, and log set accordingly. # ls -ltrd /home/tmckay/ drwx------ 24 tmckay tmckay 4096 Sep 16 14:29 /home/tmckay/ # ls -ltrd /home/tmckay/sheep.* -rw------- 1 tmckay tmckay 0 Sep 16 14:29 /home/tmckay/sheep.output -rw------- 1 tmckay tmckay 0 Sep 16 14:29 /home/tmckay/sheep.error -rw------- 1 tmckay tmckay 153 Sep 16 14:34 /home/tmckay/sheep.log Operations throgh Cumin with QMF succeed. Stop Cumin, restart using Aviary, same ops fail with errno 13. # chmod g+x /home/tmckay Now Operations succeed.
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Cause: Permission error when attempting to retrieve the contents of a file using Aviary getJobData operation. Consequence: User is unable to retrieve file through Aviary API whereby similar QMF version works. Fix: Code modified to adjust file permissions earlier in getJobData implementation. Result: User can retrieve file through QMF and Aviary interface.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,4 +1 @@ -Cause: Permission error when attempting to retrieve the contents of a file using Aviary getJobData operation. +Cause: Permission error when attempting to retrieve the contents of a file using Aviary getJobData operation. Consequence: User is unable to retrieve file through Aviary API whereby similar QMF version works. Fix: Code modified to adjust file permissions earlier in getJobData implementation. Result: User can retrieve file through QMF and Aviary interface.-Consequence: User is unable to retrieve file through Aviary API whereby similar QMF version works. -Fix: Code modified to adjust file permissions earlier in getJobData implementation. -Result: User can retrieve file through QMF and Aviary interface.
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1 +1,4 @@ -Cause: Permission error when attempting to retrieve the contents of a file using Aviary getJobData operation. Consequence: User is unable to retrieve file through Aviary API whereby similar QMF version works. Fix: Code modified to adjust file permissions earlier in getJobData implementation. Result: User can retrieve file through QMF and Aviary interface.+Cause: Permission error when attempting to retrieve the contents of a file using Aviary getJobData operation. +Consequence: User is unable to retrieve file through Aviary API whereby similar QMF version works. +Fix: Code modified to adjust file permissions earlier in getJobData implementation. +Result: User can retrieve file through QMF and Aviary interface.
Successfully reproduced with: $CondorVersion: 7.6.3 Jul 27 2011 BuildID: RH-7.6.3-0.3.el5 $ $CondorPlatform: X86_64-RedHat_5.6 $ Not accessible using aviary if there is no group execute permission.
Tested on: $CondorVersion: 7.6.5 Oct 31 2011 BuildID: RH-7.6.5-0.5.el5 $ $CondorPlatform: I686-RedHat_5.7 $ $CondorVersion: 7.6.5 Oct 31 2011 BuildID: RH-7.6.5-0.5.el5 $ $CondorPlatform: X86_64-RedHat_5.7 $ $CondorVersion: 7.6.5 Oct 31 2011 BuildID: RH-7.6.5-0.5.el6 $ $CondorPlatform: I686-RedHat_6.1 $ $CondorVersion: 7.6.5 Oct 31 2011 BuildID: RH-7.6.5-0.5.el6 $ $CondorPlatform: X86_64-RedHat_6.1 $ Files are accessible using aviary without group execute permission on directory. >>> VERIFIED
Technical note updated. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,4 +1 @@ -Cause: Permission error when attempting to retrieve the contents of a file using Aviary getJobData operation. +When attempting to retrieve the contents of a file using the Aviary getJobData() function, a permission error occurred and the user was unable to finish the operation through the Aviary API even though it was possible to do via QMF (Qpid Management Framework). With this update, the getJobData() code has been modified to adjust file permissions earlier, and users can now retrieve files both through QMF and Aviary interfaces.-Consequence: User is unable to retrieve file through Aviary API whereby similar QMF version works. -Fix: Code modified to adjust file permissions earlier in getJobData implementation. -Result: User can retrieve file through QMF and Aviary interface.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2012-0045.html