Bug 835892 - agetn rpm - logs in "/usr/share/jboss-on-version/agent/logs" doesn't always belong to jbosson-agent user.
agetn rpm - logs in "/usr/share/jboss-on-version/agent/logs" doesn't always ...
Status: CLOSED CURRENTRELEASE
Product: RHQ Project
Classification: Other
Component: Configuration (Show other bugs)
unspecified
x86_64 Linux
high Severity medium (vote)
: ---
: JON 3.1.0
Assigned To: Stefan Negrea
Mike Foley
:
Depends On:
Blocks: 837381
  Show dependency treegraph
 
Reported: 2012-06-27 09:06 EDT by Armine Hovsepyan
Modified: 2015-09-02 20:01 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-09-03 11:18:36 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
logs permissions (108.68 KB, image/png)
2012-06-27 09:06 EDT, Armine Hovsepyan
no flags Details

  None (edit)
Description Armine Hovsepyan 2012-06-27 09:06:20 EDT
Created attachment 594769 [details]
logs permissions

Description of problem:
While installing agent through rpm and starting under root user with agent wrapper script, all logs in agent/logs directory belong root while should have belong to jbosson-agent, which leads to permission denied for all users besides root to start agent.

Version-Release number of selected component (if applicable):
org.jboss.on-jboss-on-parent-3.1.0.GA-8

How reproducible:
always

Steps to Reproduce:
1. install rhq agent through rpm
2. start service jon-agent as root
3. kill service jon-agent
4. log in with some other user
5. sudo service jon-agent start
  
Actual results:
access is denied to wrapper log, agent cannot be started

Expected results:
agent should be started, all logs should belong to jbosson-agent user

Additional info:
please get attached screenshot ot logs files permissions
Comment 1 Mike Foley 2012-07-02 10:49:47 EDT
bz triage by loleary, asantos, stefan, viet, armine, zjin .... 

expected behavior ... similar behavior as apache.  

this should be documented.
Comment 2 Mike Foley 2012-07-02 10:55:21 EDT
rechown needs to be done ... this is a development issue.  assigning to stefan.  and configurable user.
Comment 3 Stefan Negrea 2012-07-03 18:29:00 EDT
The reproduction steps are outside of the normal/recommended RPM and service use case. However, a couple of steps could be taken to avoid these problems:

1) Part of the startup script update file ownership for agent files to match the user that executes the service before the service is started
2) Allow users to easily configure the user that runs the service
3) Update the documentation with regards to the typical RPM usage
Comment 4 Stefan Negrea 2012-07-06 11:24:13 EDT
Updated init script for non-ec2 agent RPM to chown all files before attempting to start the agent. Also, moved the user/group configuration variables prominently at the top of the script.
Comment 5 Armine Hovsepyan 2012-07-12 06:50:55 EDT
all the files now belong to jbosson-agent:jbosson.

verified!
Comment 6 Heiko W. Rupp 2013-09-03 11:18:36 EDT
Bulk closing of old issues in VERIFIED state.

Note You need to log in before you can comment on or make changes to this bug.