Juju Charms Collection
openstack-dashboard package

cloud:trusty-updates/juno fails apt-get install openstack-dashboard -- bad /var/lib/openstack-dashboard/secret permissions

Bug #1386429 reported by Greg Lutostanski
This bug report is a duplicate of:  Bug #1382632: Insecure key file permissions. Edit Remove
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
openstack-dashboard (Juju Charms Collection)
New
Undecided
Unassigned

Bug Description

openstack-dashboard 2014.2-0ubuntu1~cloud0 from cloud:trusty-updates/juno fails install (exit status 1)

full stack trace:
2014-10-27 20:40:42 INFO install Setting up openstack-dashboard (1:2014.2-0ubuntu1~cloud0) ...
2014-10-27 20:40:43 INFO install Adding system user `horizon' (UID 106) ...
2014-10-27 20:40:43 INFO install Adding new user `horizon' (UID 106) with group `horizon' ...
2014-10-27 20:40:43 INFO install Not creating home directory `/usr/share/openstack-dashboard/'.
2014-10-27 20:40:43 INFO install Collecting and compressing static assets...
2014-10-27 20:40:45 INFO install Traceback (most recent call last):
2014-10-27 20:40:45 INFO install File "manage.py", line 25, in <module>
2014-10-27 20:40:45 INFO install execute_from_command_line(sys.argv)
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/django/core/management/__init__.py", line 399, in execute_from_command_line
2014-10-27 20:40:45 INFO install utility.execute()
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/django/core/management/__init__.py", line 392, in execute
2014-10-27 20:40:45 INFO install self.fetch_command(subcommand).run_from_argv(self.argv)
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/django/core/management/__init__.py", line 261, in fetch_command
2014-10-27 20:40:45 INFO install commands = get_commands()
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/django/core/management/__init__.py", line 107, in get_commands
2014-10-27 20:40:45 INFO install apps = settings.INSTALLED_APPS
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/django/conf/__init__.py", line 54, in __getattr__
2014-10-27 20:40:45 INFO install self._setup(name)
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/django/conf/__init__.py", line 49, in _setup
2014-10-27 20:40:45 INFO install self._wrapped = Settings(settings_module)
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/django/conf/__init__.py", line 128, in __init__
2014-10-27 20:40:45 INFO install mod = importlib.import_module(self.SETTINGS_MODULE)
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/django/utils/importlib.py", line 40, in import_module
2014-10-27 20:40:45 INFO install __import__(name)
2014-10-27 20:40:45 INFO install File "/usr/share/openstack-dashboard/openstack_dashboard/settings.py", line 316, in <module>
2014-10-27 20:40:45 INFO install from local.local_settings import * # noqa
2014-10-27 20:40:45 INFO install File "/usr/share/openstack-dashboard/openstack_dashboard/local/local_settings.py", line 98, in <module>
2014-10-27 20:40:45 INFO install SECRET_KEY = secret_key.generate_or_read_from_file('/var/lib/openstack-dashboard/secret_key')
2014-10-27 20:40:45 INFO install File "/usr/lib/python2.7/dist-packages/horizon/utils/secret_key.py", line 61, in generate_or_read_from_file
2014-10-27 20:40:45 INFO install raise FilePermissionError("Insecure key file permissions!")
2014-10-27 20:40:45 INFO install horizon.utils.secret_key.FilePermissionError: Insecure key file permissions!
2014-10-27 20:40:45 INFO install dpkg: error processing package openstack-dashboard (--configure):
2014-10-27 20:40:45 INFO install subprocess installed post-installation script returned error exit status 1

Looks like /var/lib/openstack-dashboard/secret_key is created without the correct permissions
using charm lp:~openstack-charmers/charms/trusty/openstack-dashboard/next to deploy currently -- doesnt seem as if that charm is writing anything to those locations before apt-get install, but I could be wrong.

Tags: oil
Revision history for this message
Greg Lutostanski (lutostag) wrote :

Looks like it installed fine on a clean trusty lxc with cloud:trusty-updates/juno -- so moving it this bug to the charm.

affects: horizon (Ubuntu) → openstack-dashboard (Juju Charms Collection)
summary: - openstack-dashboard 2014.2-0ubuntu1~cloud0 from cloud:trusty-
- updates/juno fails install (exit status 1)
+ cloud:trusty-updates/juno fails apt-get install openstack-dashboard --
+ bad /var/lib/openstack-dashboard/secret permissions
Revision history for this message
Greg Lutostanski (lutostag) wrote :

example juju_deployer yaml:

  overrides:
    openstack-origin: cloud:trusty-juno
    source: cloud:trusty-updates/juno
  relations:
  - - keystone
    - mysql
  - - nova-cloud-controller
    - glance
  - - nova-cloud-controller
    - keystone
  - - nova-cloud-controller
    - mysql
  - - nova-cloud-controller
    - rabbitmq-server
  - - glance
    - keystone
  - - glance
    - mysql
  - - cinder
    - glance
  - - cinder
    - keystone
  - - cinder
    - nova-cloud-controller
  - - cinder
    - mysql
  - - cinder
    - rabbitmq-server
  - - openstack-dashboard
    - keystone
  - - heat
    - mysql
  - - heat
    - rabbitmq-server
  - - heat
    - keystone
  - - ceilometer
    - keystone
  - - ceilometer
    - rabbitmq-server
  - - ceilometer
    - mongodb
  - - ceilometer-agent
    - nova-compute
  - - ceilometer-agent
    - ceilometer
  - - nova-compute:amqp
    - rabbitmq-server:amqp
  - - nova-compute
    - nova-cloud-controller
  - - nova-compute
    - glance
  - - ceph
    - glance
  - - ceph
    - nova-compute
  - - ceph
    - cinder
  series: trusty
  services:
    ceilometer:
      branch: lp:charms/ceilometer
      to:
      - lxc:ceph=0
    ceilometer-agent:
      branch: lp:charms/ceilometer-agent
    ceph:
      branch: lp:~lutostag/charms/trusty/ceph/add-source-distro-option
      num_units: 3
      options:
        fsid: 6547bd3e-1397-11e2-82e5-53567c8d32dc
        monitor-count: 3
        monitor-secret: AQCXrnZQwI7KGBAAiPofmKEXKxu5bUzoYLVkbQ==
        osd-devices: /dev/sdc /dev/sdd /srv/ceph
        osd-reformat: 'yes'
    cinder:
      branch: lp:~openstack-charmers/charms/trusty/cinder/next
      options:
        block-device: None
        glance-api-version: 2
        remove-missing: true
    glance:
      branch: lp:~openstack-charmers/charms/trusty/glance/next
      to:
      - lxc:ceph=1
    heat:
      branch: lp:~openstack-charmers/charms/trusty/heat/next
      to:
      - lxc:ceph=2
    keystone:
      branch: lp:~gnuoy/charms/trusty/keystone/next-1385105
      options:
        admin-password: openstack
        admin-token: ubuntutesting
      to:
      - lxc:cinder=0
    mongodb:
      branch: lp:charms/mongodb
      to:
      - lxc:nova-cloud-controller=0
    mysql:
      branch: lp:charms/trusty/mysql
      to:
      - lxc:ceph=0
    nova-cloud-controller:
      branch: lp:~openstack-charmers/charms/trusty/nova-cloud-controller/next
      network-manager: FlatDHCPManager
    nova-compute:
      branch: lp:~openstack-charmers/charms/trusty/nova-compute/next
      num_units: 3
      options:
        virt-type: lxc
      to:
      - ceph=0
      - ceph=1
      - ceph=2
    openstack-dashboard:
      branch: lp:~openstack-charmers/charms/trusty/openstack-dashboard/next
      to:
      - lxc:ceph=1
    rabbitmq-server:
      branch: lp:charms/rabbitmq-server
      to:
      - lxc:ceph=2

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.