Eucalyptus

Eucalyptus should not run 'sudo'

Bug #614488 reported by C de-Avillez on 2010-08-06

6

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Eucalyptus	Fix Released	Undecided	Dmitrii Zagorodnov
	eucalyptus (Ubuntu)	Fix Released	High	Dave Walker	Ubuntu ubuntu-10.10-beta
	Maverick	Fix Released	High	Dave Walker	Ubuntu ubuntu-10.10-beta

Bug Description

On 2.0~bzr1219-0ubuntu1 eucalyptus now calls 'sudo' for -- at least -- tgtadm and gtgd:

13:04:18 DEBUG [SystemUtil:main] Running command: sudo tgtadm --help
13:04:18 DEBUG [SystemUtil:main] Running command: sudo tgtadm --lld iscsi --mode target --op show
13:04:18 WARN [ISCSIManager:main] Unable to connect to tgt daemon. Is tgtd loaded?
13:04:18 INFO [ISCSIManager:main] Attempting to start tgtd ISCSI daemon
13:04:18 DEBUG [SystemUtil:main] Running command: sudo tgtd

This is not good. Since eucalyptus is running in the background (via 'start'), it does not have a pseudo-terminal allocated. As a result, we get a fatal error on startup:

sudo: no tty present and no askpass program specified

and eucalyptus dies.

I temporarily bypassed this by adding the following line to /etc/sudoers:

eucalyptus ALL=(ALL) NOPASSWD: ALL

Instead, these calls should be rootwrapped.

Related branches

lp:~ubuntu-virt/ubuntu/maverick/eucalyptus/2.0

lp:ubuntu/maverick/eucalyptus

Revision history for this message

Ye Wen (wenye) wrote on 2010-08-06:

#1

Dmitrii has a modified version of Canonical patch for euca_rootwrap which eliminates the need of sudo. We are waiting for the resolve of license issue.

Revision history for this message

C de-Avillez (hggdh2) wrote on 2010-08-06:

#2

Thank you, Ye. That was really fast ;-)

Changed in eucalyptus:
status:	New → Invalid
status:	Invalid → New

Revision history for this message

Dave Walker (davewalker) wrote on 2010-08-06:

#3

@Ye, Thanks for the update. Just for info, C de-Avillez is testing against your current trunk with our existing euca_rootwrap made by Kees.

Changed in eucalyptus (Ubuntu):
status:	New → Triaged
importance:	Undecided → High

Thierry Carrez (ttx) on 2010-08-11

Changed in eucalyptus (Ubuntu Maverick):
milestone:	none → ubuntu-10.10-beta
assignee:	nobody → Dave Walker (davewalker)

Revision history for this message

C de-Avillez (hggdh2) wrote on 2010-08-11:

#4

r1224 has this fixed.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2010-08-11:

#5

This bug was fixed in the package eucalyptus - 2.0~bzr1225-0ubuntu1

---------------
eucalyptus (2.0~bzr1225-0ubuntu1) maverick; urgency=low

  [ Dave Walker (Daviey) ]
  * New upstream snapshot, -r1225
  * debian/patches/18-priv_security.patch: Added tgtadm and tgtd
    to util/wrappers.conf. (LP: #614488)

  [ Clint Byrum ]
  * debian/control:
    - Recommending munin-node for eucalyptus-nc, eucalyptus-sc, and eucalyptus-walrus
    - Recommending munin for eucalyptus-cloud
  * debian/patches/23-add-munin-monitor.patch: adds munin capabilities to ganglia.sh
  * debian/eucalyptus-common.links:
    - copy ganglia.sh to munin plugins directory as euca_ -- it cannot be a symlink
      because of munin's rules for wildcard plugins
-- Dave Walker (Daviey) <email address hidden> Wed, 11 Aug 2010 18:39:40 +0100

Changed in eucalyptus (Ubuntu Maverick):
status:	Triaged → Fix Released

Dmitrii Zagorodnov (dmitrii) on 2010-08-25

Changed in eucalyptus:
status:	New → Fix Released
assignee:	nobody → Dmitrii Zagorodnov (dmitrii)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.