Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: ensure landscape homedir and broker.bpickle are owned by landscape (LP: #2065879) #264

Merged
merged 2 commits into from
Aug 29, 2024
Merged

fix: ensure landscape homedir and broker.bpickle are owned by landscape (LP: #2065879) #264

merged 2 commits into from
Aug 29, 2024

Conversation

Perfect5th
Copy link
Contributor

This addresses an issue where setting umask 027 would not allow for registration.

@Perfect5th
Copy link
Contributor Author

Testing steps are pretty clearly laid out in the body of https://bugs.launchpad.net/landscape-client/+bug/2065879 but I'll copy them here to be safe.

How to reproduce:

# umask 027
# landscape-config --computer-title test--account-name standalone --url https://test.net/message-system --ping-url http://test.net/> ping --ssl-public-key /etc/landscape/test.pem

Fails with:

Traceback (most recent call last):

Failure: twisted.internet.error.ConnectError: An error occurred while connecting: 2: No such file or directory.

# ls -l /var/lib/landscape/client/
total 52
drwxr-xr-x 2 landscape landscape 4096 May 16 13:53 annotations.d
-rw-r----- 1 root root 33 May 16 13:54 broker.bpickle
-rw-r----- 1 root root 47 May 16 13:53 broker.bpickle.old
drwxr-xr-x 2 landscape root 4096 May 16 13:53 custom-graph-scripts
-rw-r--r-- 1 root root 12288 May 16 13:53 manager.database
drwxr-xr-x 2 landscape root 4096 May 16 13:53 messages
-rw-r--r-- 1 landscape landscape 23 May 16 13:53 monitor.bpickle
-rw-r--r-- 1 landscape landscape 23 May 16 13:53 monitor.bpickle.old
drwxr-xr-x 5 landscape root 4096 May 16 13:53 package
drwxr-x--- 2 landscape root 4096 May 16 13:53 sockets
-rwxr-xr-x 1 landscape root 100 May 16 13:52 user-update-flag

I'll add that normal functionality should work - registration and regular message exchange.

@astok astok self-requested a review August 28, 2024 19:35
@astok
Copy link
Contributor

astok commented Aug 28, 2024

Here is the process I followed to try to reproduce the original issue:

  1. Clone my fork of the repo which does not contain the fix in this PR
  2. $ cd landscape-client
  3. $ dev_lxc create --config ./.dev-lxc/config.yaml jammy
  4. Edit landscape-client.conf to remove the data_path and log_dir lines
  5. $ dev_lxc shell jammy
  6. ubuntu$ sudo pro attach <guid>
  7. ubuntu$ sudo apt update && sudo apt install -y landscape-client
  8. exit
  9. lxc exec landscape-client-jammy -- bash
  10. cd /home/ubuntu/landscape-client
  11. # umask 027
  12. # ./scripts/landscape-config --computer-title test-lndeng-1111-fail --account-name onward --url http://10.112.115.46:8080/message-system --ping-url http://10.112.115.46:8081/ping

I see the message "Registration request sent successfully".

ls -l /var/lib/landscape/ shows:
drwxr-xr-x 7 landscape root 4096 Aug 28 20:16 client
and the contents of the directory are:

drwxr-xr-x 2 landscape landscape  4096 Aug 28 20:15 annotations.d
-rw-r----- 1 root      root        100 Aug 28 20:15 broker.bpickle
drwxr-xr-x 2 landscape root       4096 Aug 28 20:15 custom-graph-scripts
-rw-r--r-- 1 root      root      12288 Aug 28 20:16 manager.database
drwxr-xr-x 2 landscape root       4096 Aug 28 20:15 messages
-rw-r--r-- 1 landscape landscape    23 Aug 28 20:16 monitor.bpickle
-rw-r--r-- 1 landscape landscape    23 Aug 28 20:16 monitor.bpickle.old
drwxr-xr-x 5 landscape root       4096 Aug 28 20:15 package
drwxr-x--- 2 landscape root       4096 Aug 28 20:16 sockets
-rwxr-xr-x 1 landscape root        100 Aug 28 20:06 user-update-flag

Running # journalctl shows me the errors:
Aug 28 20:16:00 landscape-client-jammy landscape-client[5181]: PermissionError: [Errno 13] Permission denied: '/var/lib/landscape/client/broker.bpickle' and ultimately...
Aug 28 20:16:02 landscape-client-jammy systemd[1]: landscape-client.service: Deactivated successfully.

I believe this gives me a tight repro of the original problem.

@astok
Copy link
Contributor

astok commented Aug 29, 2024

With the PR applied, the contents of the /var/lib/landscape/client directory are:

drwxr-xr-x 2 landscape landscape  4096 Aug 29 13:00 annotations.d
-rw-r--r-- 1 landscape landscape   121 Aug 29 13:00 broker.bpickle
-rw-r----- 1 landscape landscape   100 Aug 29 13:00 broker.bpickle.old
drwxr-xr-x 2 landscape root       4096 Aug 29 13:00 custom-graph-scripts
-rw-r--r-- 1 root      root      12288 Aug 29 13:00 manager.database
drwxr-xr-x 2 landscape root       4096 Aug 29 13:00 messages
-rw-r--r-- 1 landscape landscape   725 Aug 29 13:01 monitor.bpickle
-rw-r--r-- 1 landscape landscape    23 Aug 29 13:00 monitor.bpickle.old
drwxr-xr-x 5 landscape root       4096 Aug 29 13:00 package
drwxr-x--- 2 landscape root       4096 Aug 29 13:00 sockets
-rwxr-xr-x 1 landscape root        100 Aug 29 12:57 user-update-flag

which is correct.

Running # journalctl shows Broker started with config /etc/landscape/client.conf with none of the permissions errors seen previously.

@astok
Copy link
Contributor

astok commented Aug 29, 2024

LGTM.

@Perfect5th Perfect5th merged commit 9b6719c into canonical:main Aug 29, 2024
5 checks passed
@Perfect5th Perfect5th deleted the lndeng-1111-umask-errors branch August 29, 2024 18:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@astok astok astok approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Perfect5th @astok