Bug 883124 - ovirt-guest-agent will not run with pam_namespace polyinstantiated directories
Summary: ovirt-guest-agent will not run with pam_namespace polyinstantiated directories
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-guest-agent
Version: unspecified
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
: 3.2.0
Assignee: Vinzenz Feenstra [evilissimo]
QA Contact: Luke Meyer
URL:
Whiteboard: virt
: 872613 (view as bug list)
Depends On:
Blocks: 922807
TreeView+ depends on / blocked
 
Reported: 2012-12-03 20:19 UTC by Luke Meyer
Modified: 2013-06-10 20:12 UTC (History)
6 users (show)

Fixed In Version: sf10
Doc Type: Bug Fix
Doc Text:
Cause: The ovirtagent user had their home on root (/) which was not writable for the user, so the login of the ovirtagent failed. Consequence: The ovirt-guest-agent service wasn't able to run. Fix: The ovirtagent user now get's a home directory in /usr/share/ovirt-guest-agent Result: The now successfully starts when polyinstanticated directories via pam_namespace are configured.
Clone Of:
Environment:
Last Closed: 2013-06-10 20:12:25 UTC
oVirt Team: ---
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2013:0914 0 normal SHIPPED_LIVE rhevm-guest-agent bug fix and enhancement update 2013-06-11 00:03:50 UTC
oVirt gerrit 12195 0 None None None Never

Description Luke Meyer 2012-12-03 20:19:13 UTC 
Description of problem:
Per bug 872613 - having a home directory of / causes problems under pam_namespace polyinstantiation, which causes the agent to fail with very little sign of what's going wrong.

Version-Release number of selected component (if applicable):
rhevm-guest-agent-1.0.5-3.el6ev.x86_64

Steps to Reproduce:
1. Install agent on guest VM
2. Install pam_openshift from the OpenShift Infrastructure channel or otherwise enable polyinstantiation with pam_namespace
3. Add to /etc/pam.d/runuser "session required pam_namespace.so no_unmount_on_close"
4. Try to (re)start the agent  

Actual results:
Starting ovirt-guest-agent: could not open session
                                                           [FAILED]

Expected results:
Normal startup

Additional info:
A simple fix for this is to give ovirtagent a home directory other than "/" - I changed it to /usr/share/ovirt-guest-agent in /etc/passwd and it started fine again.
Comment 1 Luke Meyer 2012-12-03 20:36:36 UTC 
*** Bug 872613 has been marked as a duplicate of this bug. ***
Comment 8 Vinzenz Feenstra [evilissimo] 2013-03-11 08:20:30 UTC 
Merged upstream as: 517cf4082f027e2496128e8bfe4fdf2149fa33a0

http://gerrit.ovirt.org/gitweb?p=ovirt-guest-agent.git;a=commit;h=517cf4082f027e2496128e8bfe4fdf2149fa33a0
Comment 10 Cheryn Tan 2013-04-09 04:17:18 UTC 
This bug is currently attached to errata RHEA-2013:14354. If this change is not to be documented in the text for this errata please either remove it from the errata, set the requires_doc_text flag to minus (-), or leave a "Doc Text" value of "--no tech note required" if you do not have permission to alter the flag.

Otherwise to aid in the development of relevant and accurate release documentation, please fill out the "Doc Text" field above with these four (4) pieces of information:

* Cause: What actions or circumstances cause this bug to present.

* Consequence: What happens when the bug presents.

* Fix: What was done to fix the bug.

* Result: What now happens when the actions or circumstances above occur. (NB: this is not the same as 'the bug doesn't present anymore')

Once filled out, please set the "Doc Type" field to the appropriate value for the type of change made and submit your edits to the bug.

For further details on the Cause, Consequence, Fix, Result format please refer to:

https://bugzilla.redhat.com/page.cgi?id=fields.html#cf_release_notes

Thanks in advance.
Comment 11 errata-xmlrpc 2013-06-10 20:12:25 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2013-0914.html
Note You need to log in before you can comment on or make changes to this bug.