apt-cacher files have incorrect owners
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack-Ansible |
Fix Released
|
Undecided
|
Kyle L. Henderson |
Bug Description
The repo-cacher.yml that was added to Newton sets up the apt-cacher-ng service to cache apt packages. It also setups up haproxy to provide a master and backup services on the repo hosts. These backup repo hosts are not completely functional however because the cache directory structure and packages don't have the correct authorities for apt-cacher-ng to operate on them.
Here is a sample of the master files:
ls -lah /var/www/
total 68K
drwxrwsr-x 8 apt-cacher-ng www-data 4.0K Dec 12 07:58 .
drwxr-sr-x 8 nginx www-data 4.0K Dec 11 08:38 ..
drwxr-sr-x 2 apt-cacher-ng www-data 4.0K Dec 12 07:58 changelogs.
-rw-r--r-- 1 apt-cacher-ng www-data 0 Dec 12 06:25 _expending_damaged
-rw-r--r-- 1 apt-cacher-ng www-data 33K Dec 12 06:25 _expending_dat
drwxr-sr-x 3 apt-cacher-ng www-data 4.0K Dec 11 09:08 mirror.
drwxr-sr-x 3 apt-cacher-ng www-data 4.0K Dec 11 10:08 ports.ubuntu.com
drwxr-sr-x 3 apt-cacher-ng www-data 4.0K Dec 11 09:05 security.ubuntu.com
drwxr-sr-x 3 apt-cacher-ng www-data 4.0K Dec 11 09:41 ubuntu-
drwxr-sr-x 4 apt-cacher-ng www-data 4.0K Dec 11 09:05 uburep
Here is a sample of the files on a backup repo host:
~# ls -lah /var/www/
total 72K
drwxrwsr-x 8 apt-cacher-ng www-data 4.0K Dec 12 07:58 .
drwxr-sr-x 8 nginx www-data 4.0K Dec 11 08:38 ..
drwxr-sr-x 2 nginx www-data 4.0K Dec 12 07:58 changelogs.
-rw-r--r-- 1 apt-cacher-ng www-data 11 Dec 12 06:25 _exfail_cnt
-rw-r--r-- 1 nginx www-data 0 Dec 12 06:25 _expending_damaged
-rw-r--r-- 1 nginx www-data 33K Dec 12 06:25 _expending_dat
drwxr-sr-x 3 nginx www-data 4.0K Dec 11 09:08 mirror.
drwxr-sr-x 3 nginx www-data 4.0K Dec 11 10:08 ports.ubuntu.com
drwxr-sr-x 3 nginx www-data 4.0K Dec 11 09:05 security.ubuntu.com
drwxr-sr-x 3 nginx www-data 4.0K Dec 11 09:41 ubuntu-
drwxr-sr-x 4 nginx www-data 4.0K Dec 11 09:05 uburep
The difference in the owner is caused by using lsyncd to sync the files from the master to the backups. The backups can serve existing packages but any attempt install an non-cached package will fail with a 503 error.
For instance, if you take the master down and then go into one of the containers and try to load a new package (pick a small one without many new dependencies like atop or tmux) you'll see something like:
~# apt-get install atop
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
atop
0 upgraded, 1 newly installed, 0 to remove and 8 not upgraded.
Need to get 90.0 kB of archives.
After this operation, 237 kB of additional disk space will be used.
Err:1 http://
503 Cache storage error - No such file or directory
E: Failed to fetch http://
E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
Fixing the permissions be the same as the master allows apt-cacher-ng to be fully functional on the backups but then screws up lsyncd because it can no longer maintain the directories/
Changed in openstack-ansible: | |
assignee: | nobody → Kyle L. Henderson (kyleh) |
summary: |
- apt-cacher files have incorrect authorities + apt-cacher files have incorrect owners |
Worth of interest: /github. com/openstack/ openstack- ansible- repo_server/ blob/master/ tasks/repo_ cacher. yml#L47 /github. com/openstack/ openstack- ansible- repo_server/ blob/master/ tasks/repo_ sync_manager. yml
- https:/
- https:/
I'd be enclined to have this consistent across all nodes.