Red Hat Bugzilla – Bug 790753
unable to remove deployment without manifest file when agent runs under different user as server
Last modified: 2015-11-01 19:42:22 EST
Description of problem: Latest Stefan's changes in content system added new feature: RHQ-Sha256 value is being written into manifest of deployed WAR once it becomes managed by content subsystem. My WAR is deployed exploded and it is as simple as it does not have manifest. I run server under user eap and agent under root. I come in to troubles when I need to undeploy my app (using JON UI). Agent tries to add RHQ-Sha256 to manifest and when it does not exist, it creates it, with root's permissions.
Version-Release number of selected component (if applicable):
Build Number: dd8a001:c5270fb
Steps to Reproduce:
1.have JON server, agent (run under root), EAP 5 (run under any non-privileged user)
2. deploy WAR without manifest to EAP as exploded
3. updateBackingContent of your WAR using CLI (I suppose that this action triggers writing RHQ-SHA256 to manifest)
4. remove WAR from server using JON UI
Actual results: remove operation seems to succeed, but deployment is rediscovered and maked as offline, on server, manifest created by JON remains in deployment's dir
Expected results: not sure, maybe agent could read and use permissions of deployment dir when creating manifest
Additional info: This is not a common usecase. Most WARs have manifest and also running agent under root is not recommended.
Changing severity to high, because it actually makes sense to run agent under different user than EAP. I have tomcat6 under user tomcat and eap5 under user eap, running agent under root is one solution or having user agent being member of some group having write access to eap and tomcat dirs.
setting target release to JON 3.1
There is a general requirement that managed resources and the agent run under the same user. This extends to JBoss and Tomcat servers too.
In AS5's case, the deployment process is handled half by the JBoss instance and half by the RHQ agent. The manifest file is created by the agent if missing or updated by the agent if present. Because in your test case the manifest file is missing, it is created but with ownership and permissions for user that started the agent. The removal process is handled exclusively by the JBoss instance. The JBoss server cannot remove cleanly the previous deployment because there are files/folders created by the agent user during deployment. So the operations fails partially leaving behind the files it does not have permissions to remove (eg. the manifest file and it's parent folder).
Running the agent under a different user than the JBoss instance also leads to deployment issues. The removal of the original application will fail for the reasons mentioned above. When removal process fails, then agent will request a redeployment of the original application.
This is just one type of failure for running managed resources and the agent under different users. There are other types of failures for AS4 and Tomcat servers not captured by this ticket (... and outside the scope of changes for the content system).
The recommendation is to run the agent and any managed resource under the same user.
triage 2/27/2012 asantos, loleary, crouch, mfoley
may need documentation or explanation
JON 3.01 timeframe.
1) rhq-agent users needs write access
2) EAP user needs to be able to delete files created by rhq-agent user
The preferable option here is to not to require the agent have write access at all to the EAP instance.
This BZ already had a partial fix prior to the releas of RHQ 4.4. The only case not in the original solution was storing the SHA256 for exploded deployments when creating a webapp as new child of the server. This has now been fixed.
master branch commits:
Bulk closing of items that are on_qa and in old RHQ releases, which are out for a long time and where the issue has not been re-opened since.