784601 – Content sync fails if /var/lib/pulp/packages is a separate disk partition

Red Hat Satellite engineering is moving the tracking of its product development work on Satellite to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "Satellite project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs will be migrated starting at the end of May. If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "Satellite project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/SAT-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 784601 - Content sync fails if /var/lib/pulp/packages is a separate disk partition

Summary: Content sync fails if /var/lib/pulp/packages is a separate disk partition

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Installation
Sub Component:
Version:	6.0.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	Unspecified
Assignee:	Lukas Zapletal
QA Contact:	Garik Khachikyan
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2012-01-25 14:31 UTC by James Laska
Modified:	2019-09-25 21:08 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2012-08-22 18:22:41 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description James Laska 2012-01-25 14:31:17 UTC

Description of problem:

Attempting to sync content fails when /var/lib/pulp/packages is a separate disk partition.  I have the follwing /etc/fstab configuration ...

/dev/mapper/vg_yttrium-lv_root /                       ext4    defaults        1 1
UUID=75c73fb7-0f00-4441-b0ee-a5417c2a4ac3 /boot                   ext4    defaults        1 2
/dev/mapper/vg_yttrium-lv_pulp /var/lib/pulp/packages  ext4    defaults        1 2
/dev/mapper/vg_yttrium-lv_swap swap                    swap    defaults        0 0


Version-Release number of selected component (if applicable):
 * candlepin-0.5.10-1.el6.src.rpm
 * katello-0.1.193-2.el6.src.rpm
 * katello-certs-tools-1.0.2-2.el6.src.rpm
 * katello-cli-0.1.40-2.el6.src.rpm
 * katello-configure-0.1.54-2.el6.src.rpm
 * katello-httpd-ssl-key-pair-1.0-1.src.rpm
 * katello-qpid-broker-key-pair-1.0-1.src.rpm
 * katello-selinux-0.1.3-1.el6.src.rpm
 * katello-trusted-ssl-cert-1.0-1.src.rpm
 * pulp-0.0.256-1.el6.src.rpm

How reproducible:


Steps to Reproduce:
1. Install a system that has /var/lib/pulp/packages as a separate disk partition.
2. Register to RHN, or enable appropriate repositories
3. Install katello-all
4. Run katello-configure
5. Login to webui, import manifest, create custom providers/products/repos
6. Attempt to sync content

  
Actual results:

 * The sync fails with a *NASTY* long failure traceback

There were errors with one of the syncs: tracebackTraceback (most recent call last): File "/usr/lib/python2.6/site-packages/grinder/ParallelFetch.py", line 294, in run result = self.fetcher.fetchItem(itemInfo) File "/usr/lib/python2.6/site-packages/grinder/activeobject.py", line 82, in __call__ return self.object(self, *args, **kwargs) File "/usr/lib/python2.6/site-packages/grinder/activeobject.py", line 267, in __call__ return self.__call(method, args, kwargs) File "/usr/lib/python2.6/site-packages/grinder/activeobject.py", line 243, in __call return self.__rmi(method.name, args, kwargs) File "/usr/lib/python2.6/site-packages/grinder/activeobject.py", line 136, in __rmi raise Exception(ex)Exception: Traceback (most recent call last): File "/usr/lib/python2.6/site-packages/grinder/activeobject.py", line 429, in process retval = method(*args, **kwargs) File "/usr/lib/python2.6/site-packages/grinder/RepoFetch.py", line 51, in fetchItem verify_options=self.verify_options) File "/usr/lib/python2.6/site-packages/grinder/BaseFetch.py", line 181, in fetch self.makeDirSafe(tempDirPath) File "/usr/lib/python2.6/site-packages/grinder/BaseFetch.py", line 103, in makeDirSafe raise eOSError: [Errno 13] Permission denied: '/var/lib/pulp//packages/sigar-javadoc'error_typeerrorTraceback (most recent call last): File "/usr/lib/python2.6/site-packages/grinder/activeobject.py", line 429, in process retval = method(*args, **kwargs) File "/usr/lib/python2.6/site-packages/grinder/RepoFetch.py", line 51, in fetchItem verify_options=self.verify_options) File "/usr/lib/python2.6/site-packages/grinder/BaseFetch.py", line 181, in fetch self.makeDirSafe(tempDirPath) File "/usr/lib/python2.6/site-packages/grinder/BaseFetch.py", line 103, in makeDirSafe raise e OSError: [Errno 13] Permission denied: '/var/lib/pulp//packages/sigar-javadoc' in repository: se-rhel-6-candidate. See the log for more details.

 * /var/log/pulp/grinder.log fills up (along with 2 rotated logs)
4.5M -rw-r--r--. 1 apache apache 4.5M Jan 24 10:09 /var/log/pulp/grinder.log
9.6M -rw-r--r--. 1 apache apache 9.6M Jan 24 10:02 /var/log/pulp/grinder.log.1
9.6M -rw-r--r--. 1 apache apache 9.6M Jan 24 10:01 /var/log/pulp/grinder.log.2

Expected results:

 * While this is a customized installation, I'm not aware of any restrictions on system partitioning.  I might have expected either ..

   1. katello-configure to complain that /var/lib/pulp/packages isn't read/write
   2. katello-configure to chmod+chown /var/lib/pulp/packages appropriately
   3. documentation advising against this setup, or suggesting the administrator manually chown /var/lib/pulp/packages to apache:apache


Additional info:

# ls -ltd /var/lib/pulp/*
drwxr-xr-x. 5 apache apache 4096 Jan 24 10:10 /var/lib/pulp/published
drwxr-xr-x. 3 apache apache 4096 Jan 24 09:59 /var/lib/pulp/distributions
drwxr-xr-x. 3 apache apache 4096 Jan 24 09:59 /var/lib/pulp/cache
drwxr-xr-x. 3 apache apache 4096 Jan 24 09:34 /var/lib/pulp/repos
-rw-r--r--. 1 root   root      0 Jan 24 09:21 /var/lib/pulp/init.flag
drwxr-xr-x. 6 apache apache 4096 Jan 24 08:46 /var/lib/pulp/plugins
drwxr-xr-x. 3 root   root   4096 Jan 24 07:14 /var/lib/pulp/packages <--- DOH!

Comment 1 Lukas Zapletal 2012-01-26 10:48:32 UTC

It really looks like mis-configuration and pulp issue :-)

[root@ofed ~]# rpm -qf /var/lib/pulp         
pulp-0.0.261-1.el6.noarch

[root@ofed ~]# ls -lad /var/lib/pulp/packages
drwxr-xr-x. 10 apache apache 4096 Jan 26 09:53 /var/lib/pulp/packages

But yeah, I understand. I can add a rule to our installer that corrects permissions.

46afc6a 784601 - sync fails if /var/lib/pulp/packages is separate mount
* [new tag]         katello-configure-0.1.55-1 -> katello-configure-0.1.55-1

Comment 2 James Laska 2012-01-26 12:48:06 UTC

(In reply to comment #1)
> It really looks like mis-configuration and pulp issue :-)

It seems that way on the surface, but I believe it's a really a packaging/installation problem.  During system installation, I setup /var/lib/pulp/packages as a separate disk partition.  This creates the directory /var/lib/pulp/packages, which defaults to root:root (as is common when creating any mount via anaconda).  The pulp package is later installed, but since /var/lib/pulp/packages already exists, the directory is not created according to the default directory (%defattr) perms in pulp.spec.

pulp.spec does not explicitly provide permissions for /var/lib/pulp/packages, only it's parent directory.  I'll confirm whether an explicit stmt here would improve matters.

I would be less inclined to file a bug for this if there was some warning/error emitted during installation of the pulp package.  But inspection of /var/log/yum.log (and yum history) doesn't yield anything.

> But yeah, I understand. I can add a rule to our installer that corrects
> permissions.
> 
> 46afc6a 784601 - sync fails if /var/lib/pulp/packages is separate mount
> * [new tag]         katello-configure-0.1.55-1 -> katello-configure-0.1.55-1

Thanks!  Until I can figure out if there is room for any improvements in pulp.spec, that will most certainly catch any misconfiguration problems.

Comment 4 Corey Welton 2012-02-17 20:52:59 UTC

46afc6a 784601 - sync fails if /var/lib/pulp/packages is separate mount

Comment 6 Garik Khachikyan 2012-02-27 13:09:35 UTC

# VERIFIED

Fixed now. Having a separate lvm partition for /var/lib/pulp/packages before Katello install makes possible now repo sync of RHEL (and custom) products.

---
df -h
Filesystem            Size  Used Avail Use% Mounted on
/dev/mapper/vg_hostname-lv_root
                       26G  2.7G   22G  12% /
tmpfs                1004M     0 1004M   0% /dev/shm
/dev/sda1             485M   51M  409M  12% /boot
/dev/mapper/vg_pulp-lv_pulp_packages
                      5.8G  160M  5.4G   3% /var/lib/pulp/packages
---

drwxr-xr-x. apache apache system_u:object_r:httpd_sys_rw_content_t:s0 .
drwxr-xr-x. root   root   system_u:object_r:var_lib_t:s0   ..
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 cache
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 distributions
-rw-r--r--. root   root   unconfined_u:object_r:httpd_sys_rw_content_t:s0 init.flag
drwxr-xr-x. apache apache system_u:object_r:httpd_sys_rw_content_t:s0 packages
drwxr-xr-x. apache apache system_u:object_r:httpd_sys_rw_content_t:s0 plugins
drwxr-xr-x. apache apache system_u:object_r:httpd_sys_rw_content_t:s0 published
drwxr-xr-x. apache apache unconfined_u:object_r:httpd_sys_rw_content_t:s0 repos

Checked against: 
---
katello-0.2.2-1.git.1.080ec8e.el6.noarch
pulp-1.0.0-2.el6.noarch
candlepin-0.5.22-1.el6.noarch

Note You need to log in before you can comment on or make changes to this bug.