Description of problem: Latest Stefan's changes in content system added new feature: RHQ-Sha256 value is being written into manifest of deployed WAR once it becomes managed by content subsystem. My WAR is deployed exploded and it is as simple as it does not have manifest. I run server under user eap and agent under root. I come in to troubles when I need to undeploy my app (using JON UI). Agent tries to add RHQ-Sha256 to manifest and when it does not exist, it creates it, with root's permissions. Version-Release number of selected component (if applicable): Version: 3.0.1.GA Build Number: dd8a001:c5270fb How reproducible:always Steps to Reproduce: 1.have JON server, agent (run under root), EAP 5 (run under any non-privileged user) 2. deploy WAR without manifest to EAP as exploded 3. updateBackingContent of your WAR using CLI (I suppose that this action triggers writing RHQ-SHA256 to manifest) 4. remove WAR from server using JON UI Actual results: remove operation seems to succeed, but deployment is rediscovered and maked as offline, on server, manifest created by JON remains in deployment's dir Expected results: not sure, maybe agent could read and use permissions of deployment dir when creating manifest Additional info: This is not a common usecase. Most WARs have manifest and also running agent under root is not recommended.
Changing severity to high, because it actually makes sense to run agent under different user than EAP. I have tomcat6 under user tomcat and eap5 under user eap, running agent under root is one solution or having user agent being member of some group having write access to eap and tomcat dirs.
setting target release to JON 3.1
There is a general requirement that managed resources and the agent run under the same user. This extends to JBoss and Tomcat servers too. In AS5's case, the deployment process is handled half by the JBoss instance and half by the RHQ agent. The manifest file is created by the agent if missing or updated by the agent if present. Because in your test case the manifest file is missing, it is created but with ownership and permissions for user that started the agent. The removal process is handled exclusively by the JBoss instance. The JBoss server cannot remove cleanly the previous deployment because there are files/folders created by the agent user during deployment. So the operations fails partially leaving behind the files it does not have permissions to remove (eg. the manifest file and it's parent folder). Running the agent under a different user than the JBoss instance also leads to deployment issues. The removal of the original application will fail for the reasons mentioned above. When removal process fails, then agent will request a redeployment of the original application. This is just one type of failure for running managed resources and the agent under different users. There are other types of failures for AS4 and Tomcat servers not captured by this ticket (... and outside the scope of changes for the content system). The recommendation is to run the agent and any managed resource under the same user.
triage 2/27/2012 asantos, loleary, crouch, mfoley may need documentation or explanation JON 3.01 timeframe.
Two issues: 1) rhq-agent users needs write access 2) EAP user needs to be able to delete files created by rhq-agent user
The preferable option here is to not to require the agent have write access at all to the EAP instance.
This BZ already had a partial fix prior to the releas of RHQ 4.4. The only case not in the original solution was storing the SHA256 for exploded deployments when creating a webapp as new child of the server. This has now been fixed. master branch commits: http://git.fedorahosted.org/git/?p=rhq/rhq.git;a=commit;h=b458447208ec5207eea6f29eaafcd3ca9e5371a6 http://git.fedorahosted.org/git/?p=rhq/rhq.git;a=commit;h=c3bbd873832ec7df6d9db4b24190fabad7d1b48f
Bulk closing of items that are on_qa and in old RHQ releases, which are out for a long time and where the issue has not been re-opened since.