Bug 852216 - zend /sandbox should be root owned if possible
zend /sandbox should be root owned if possible
Status: CLOSED CURRENTRELEASE
Product: OpenShift Origin
Classification: Red Hat
Component: Containers (Show other bugs)
2.x
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Ram Ranganathan
libra bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-08-27 17:36 EDT by Mike McGrath
Modified: 2015-05-14 18:58 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-09-17 17:29:35 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mike McGrath 2012-08-27 17:36:44 EDT
Stuff in /sandbox should be owned by the cartridge and should probably be fully namespaced to avoid collisions in the future.

If the user goes and changes stuff in /sandbox/ that means we can't make any assumptions about it when doing migrations and it might make migrations impossible in the future.
Comment 1 Mike McGrath 2012-08-27 17:43:10 EDT
actually a follow up on this, /sandbox/zend/ is probably the correct namespace.  We're deprecating the cartridge-version spacing in the new cartridge style.  It should still be root owned though.
Comment 2 Meng Bo 2012-08-28 03:46:44 EDT
Currently, the /sandbox is owned by user.

[zend-bmengdev.dev.rhcloud.com ~]\> ls -Zd /sandbox/
drwxrwxrwt. e46b1387514546769fb1e8e46b762033 root system_u:object_r:libra_tmp_t:s0:c0,c537 /sandbox/
Comment 3 Meng Bo 2012-09-03 05:43:00 EDT
Checked on latest devenv_2108, the /sandbox is still user owned.

[zend-bmengdev.dev.rhcloud.com ~]\> ls -Zd /sandbox/
drwxrwxrwt. 804e89dd57d34b998941cf5e16e2ff71 root system_u:object_r:libra_tmp_t:s0:c0,c501 /sandbox/
Comment 4 Ram Ranganathan 2012-09-04 22:30:17 EDT
Fixed with pull requests: 
https://github.com/openshift/crankcase/pull/452
https://github.com/openshift/li/pull/342

waiting for merge+test.

/sandbox is root owned.
Comment 5 Meng Bo 2012-09-05 03:48:19 EDT
Checked on devenv_2114, issue has been fixed. 
/sandbox is root owned.

[zend-bmengdev.dev.rhcloud.com ~]\> ls -Zd /sandbox/
drwxr-xr-t. root root unconfined_u:object_r:libra_tmp_t:s0:c0,c1001 /sandbox/

Note You need to log in before you can comment on or make changes to this bug.