awstrial

awstrial writing to /tmp/lp

Bug #909299 reported by Tom Haddon
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
awstrial
Fix Released
Low
Māris Fogels

Bug Description

As part of RT#50049 we've switched the awstrial application on staging to a different user from www-data. During this, we discovered that the application is writing to /tmp/lp. This shouldn't be happening, as it may clash with other applications hosted on the same server and owned by a different user (such as we discovered here).

Tom Haddon (mthaddon)
tags: added: canonical-losa-isd
Revision history for this message
Matthew Nuzum (newz) wrote :

Hello, please check the LOG_PATH setting in local_settings.py. That value can be changed to whatever is preferred.

Revision history for this message
Tom Haddon (mthaddon) wrote :

On staging I see:

LOG_PATH = '/srv/awstrial.staging.ubuntu.com/staging-logs/www-logs/awstrial.log'

However, I still see things being written to /tmp/lp today:

isd_deploy@waxapple:/srv/awstrial.staging.ubuntu.com/staging/local_config$ ls -lh /tmp/lp/api.edge.launchpad.net/cache/
total 1.5M
-rw-r--r-- 1 isd_deploy www-data 2.0K 2012-02-01 07:47 api.edge.launchpad.net,1.0,-application,json,86bf0c5ee56db0150530022cccba0105
-rw-r--r-- 1 isd_deploy www-data 1.5M 2012-02-01 07:47 api.edge.launchpad.net,1.0,-application,vnd.sun.wadl+xml,bdc844cc1d5fca701b8351a25fa95a56
-rw-r--r-- 1 isd_deploy www-data 3.7K 2012-01-17 21:42 api.edge.launchpad.net,1.0,~newz-application,json,19deef35b1d5a42e315d680ad813fb8a
-rw-r--r-- 1 isd_deploy www-data 517 2012-01-17 21:42 api.edge.launchpad.net,1.0,~newz,sshkeys-application,json,695953c2407329d58140088e2c65ddf6

Māris Fogels (mars)
Changed in awstrial:
status: New → In Progress
importance: Undecided → Low
assignee: nobody → Māris Fogels (mars)
Canonical ISD bug wrangler (isd-bug-wrangler)
tags: added: kb-defect sp-1
Revision history for this message
Matthew Nuzum (newz) wrote :

It appears that this log file is being created by django-openid-auth not by awstrial. I'm not yet sure how to configure logging, looking into it though.

Revision history for this message
Matthew Nuzum (newz) wrote :

One possible culprit is the HTTPLib2Fetcher class in openid/fetches.py. Another is the oidutil in the same pacakge, though I think it less likely.

The log files are details about http requests dealing with the launchpad login. For example:
$ ls /tmp/lp/api.edge.launchpad.net/cache/
api.edge.launchpad.net,1.0,-application,json,86bf0c5ee56db0150530022cccba0105
api.edge.launchpad.net,1.0,-application,vnd.sun.wadl+xml,bdc844cc1d5fca701b8351a25fa95a56

The file name contains the type of file it is (see json, wadl in example above) and the contents of the file are a list of HTTP headers and then the body of a HTTP request.

Matthew Nuzum (newz)
Changed in awstrial:
status: In Progress → Fix Committed
Matthew Nuzum (newz)
Changed in awstrial:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.