Project

Profile

Help

Issue #7654

closed

Pulp2 overrides permissions set by pulp3

Added by ggainey about 4 years ago. Updated about 4 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
High
Assignee:
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version - Docker:
Platform Release:
2.21.4
Target Release - Docker:
OS:
Triaged:
Yes
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2
Sprint:
Sprint 83
Quarter:

Description

Imagine you have pulp2 and some data( in this case i had only ISO content), then pulp3 gets installed. Write permission for the pulp group is granted and setgid is set [0] Issue comes when new content gets synced into pulp2( in this case I synced an rpm repo) .Pulp2 overrides permissions, this makes is impossible to create a hardlink

$  ll /var/lib/pulp/content/units/
total 12
drwxrwsr-x. 173 apache pulp 4096 Sep  2 08:34 iso    <------------------    existing content by the time pulp3 installed
drwxr-sr-x.  12 apache pulp  106 Sep  2 08:35 modulemd  <----------------------   new content after pulp3 installed
drwxr-sr-x.   5 apache pulp   36 Sep  2 08:35 modulemd_defaults
drwxr-sr-x.  35 apache pulp 4096 Sep  2 08:35 rpm
(pulp) [vagrant@pulp2-nightly-pulp3-source-centos7 ~

$  ll /var/lib/pulp/content/units/modulemd
total 0
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 00
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 04
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 1b
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 41
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 66
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 78
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 8a
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 90
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 a8
drwxr-sr-x. 2 apache pulp 76 Sep  2 08:35 ea


Then i synced a new ISO repo.


$ ll /var//lib//pulp/content/units/iso/12
total 0
drwxr-sr-x. 2 apache pulp 19 Sep  2 08:33 3f7c65dc3598a59bbb867425c4e52cc54ecb66ff0f6db4656d349799b96594
(pulp) [vagrant@pulp2-nightly-pulp3-source-centos7 ~]$ ll /var//lib//pulp/content/units/iso/12/3f7c65dc3598a59bbb867425c4e52cc54ecb66ff0f6db4656d349799b96594/

All the content that appears after pulp3 is installed, does not have write permission for the pulp group. This makes it impossible to create hard link during the migration https://pulp.plan.io/issues/7244

[0] https://github.com/pulp/pulp_installer/blob/master/roles/pulp_common/tasks/install.yml#L107-L133


Related issues

Copied from Pulp - Issue #7445: Pulp2 overrides permissions set by pulp3CLOSED - CURRENTRELEASEggaineyActions
Actions #1

Updated by ggainey about 4 years ago

  • Copied from Issue #7445: Pulp2 overrides permissions set by pulp3 added

Added by ggainey about 4 years ago

Revision 69dbf8d8 | View on GitHub

Insure that makedirs() results in directories group can write to.

Tracked down a lot of makedirs() calls and replaced them with misc.mkdir()

Note: required-PR is needed to fix the permission problem, but the code will build/work without it.

fixes #7654 Required PR: https://github.com/pulp/pulp/pull/4000

Added by ggainey about 4 years ago

Revision 69dbf8d8 | View on GitHub

Insure that makedirs() results in directories group can write to.

Tracked down a lot of makedirs() calls and replaced them with misc.mkdir()

Note: required-PR is needed to fix the permission problem, but the code will build/work without it.

fixes #7654 Required PR: https://github.com/pulp/pulp/pull/4000

Actions #3

Updated by ggainey about 4 years ago

  • Status changed from ASSIGNED to POST
Actions #4

Updated by ggainey about 4 years ago

  • Status changed from POST to MODIFIED
Actions #5

Updated by ggainey about 4 years ago

  • Platform Release set to 2.21.4

Added by ggainey about 4 years ago

Revision 9f6570eb | View on GitHub

Insure that makedirs() results in directories group can write to.

Tracked down a lot of makedirs() calls and replaced them with misc.mkdir()

Note: required-PR is needed to fix the permission problem, but the code will build/work without it.

fixes #7654 Required PR: https://github.com/pulp/pulp/pull/4000

(cherry picked from commit 69dbf8d81d16406b6aba8034cf29a7bbf11bb5f2)

Added by ggainey about 4 years ago

Revision 9f6570eb | View on GitHub

Insure that makedirs() results in directories group can write to.

Tracked down a lot of makedirs() calls and replaced them with misc.mkdir()

Note: required-PR is needed to fix the permission problem, but the code will build/work without it.

fixes #7654 Required PR: https://github.com/pulp/pulp/pull/4000

(cherry picked from commit 69dbf8d81d16406b6aba8034cf29a7bbf11bb5f2)

Actions #6

Updated by ggainey about 4 years ago

  • Status changed from MODIFIED to CLOSED - CURRENTRELEASE

Also available in: Atom PDF