Project

Profile

Help

Issue #7654

closed

Pulp2 overrides permissions set by pulp3

Added by ggainey about 4 years ago. Updated about 4 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
High
Assignee:
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version - Docker:
Platform Release:
2.21.4
Target Release - Docker:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Sprint 83
Quarter:

Description

Imagine you have pulp2 and some data( in this case i had only ISO content), then pulp3 gets installed. Write permission for the pulp group is granted and setgid is set [0] Issue comes when new content gets synced into pulp2( in this case I synced an rpm repo) .Pulp2 overrides permissions, this makes is impossible to create a hardlink

$  ll /var/lib/pulp/content/units/
total 12
drwxrwsr-x. 173 apache pulp 4096 Sep  2 08:34 iso    <------------------    existing content by the time pulp3 installed
drwxr-sr-x.  12 apache pulp  106 Sep  2 08:35 modulemd  <----------------------   new content after pulp3 installed
drwxr-sr-x.   5 apache pulp   36 Sep  2 08:35 modulemd_defaults
drwxr-sr-x.  35 apache pulp 4096 Sep  2 08:35 rpm
(pulp) [vagrant@pulp2-nightly-pulp3-source-centos7 ~

$  ll /var/lib/pulp/content/units/modulemd
total 0
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 00
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 04
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 1b
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 41
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 66
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 78
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 8a
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 90
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 a8
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 ea


Then i synced a new ISO repo.


$ ll /var//lib//pulp/content/units/iso/12
total 0
drwxr-sr-x. 2 apache pulp 19 Sep  2 08:33 3f7c65dc3598a59bbb867425c4e52cc54ecb66ff0f6db4656d349799b96594
(pulp) [vagrant@pulp2-nightly-pulp3-source-centos7 ~]$ ll /var//lib//pulp/content/units/iso/12/3f7c65dc3598a59bbb867425c4e52cc54ecb66ff0f6db4656d349799b96594/

All the content that appears after pulp3 is installed, does not have write permission for the pulp group. This makes it impossible to create hard link during the migration https://pulp.plan.io/issues/7244

[0] https://github.com/pulp/pulp_installer/blob/master/roles/pulp_common/tasks/install.yml#L107-L133


Related issues

Copied from Pulp - Issue #7445: Pulp2 overrides permissions set by pulp3CLOSED - CURRENTRELEASEggaineyActions

Also available in: Atom PDF