OpenStack RabbitMQ Server Charm

collect_rabbitmq_stats.sh creates /var/lib/rabbitmq/data/{}_queue_stats.dat with 600 perms

Bug #1730604 reported by Xav Paice
14
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack RabbitMQ Server Charm
Fix Released
Medium
Liam Young
OpenStack RabbitMQ Server Charm 18.02

Bug Description

On my newly deployed test (xenial) unit with charm ver 17.08, I add the nrpe subordinate and get a crontab which runs /usr/local/bin/collect_rabbitmq_stats.sh every 5 mins.

This crontab generates files for analysis by =/usr/local/lib/nagios/plugins/check_rabbitmq_queues.py, which is run by nrpe, which runs under the 'nagios' user account.

The stats file for queue_stats lands with perm 600 and therefore the nagios user can't read it. If I change the perms for a+r, the nrpe check works fine.

ubuntu@juju-aed625-4:/etc/nagios/nrpe.d$ ls -l /var/lib/rabbitmq/data
total 8
-rw-r--r-- 1 root root 53 Nov 7 08:05 juju-aed625-4_general_stats.dat
-rw------- 1 root root 179 Nov 7 08:05 juju-aed625-4_queue_stats.dat

Liam Young (gnuoy)
Changed in charm-rabbitmq-server:
status: New → Incomplete
status: Incomplete → Confirmed
importance: Undecided → Medium
assignee: nobody → Liam Young (gnuoy)
milestone: none → 18.02
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to charm-rabbitmq-server (master)

Fix proposed to branch: master
Review: https://review.openstack.org/530741

Changed in charm-rabbitmq-server:
status: Confirmed → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to charm-rabbitmq-server (master)

Reviewed: https://review.openstack.org/530741
Committed: https://git.openstack.org/cgit/openstack/charm-rabbitmq-server/commit/?id=0024aefd135dcc78f669f36f11c655ae439b245d
Submitter: Zuul
Branch: master

commit 0024aefd135dcc78f669f36f11c655ae439b245d
Author: Liam Young <email address hidden>
Date: Tue Jan 2 13:42:46 2018 +0000

    Fix perms on queue_stats

    collect_rabbitmq_stats.sh creates
    /var/lib/rabbitmq/data/{}_queue_stats.dat with 600 perms which
    cannot be read by the monitoring user. This bug was introduced by
    a8f7dea1 which uses mktemp which creates the file with restricted
    permissions.

    Change-Id: Idf3022bf925dd02b4bb6c979980ec1c6211b6923
    Closes-Bug: #1730604

Changed in charm-rabbitmq-server:
status: In Progress → Fix Committed
Revision history for this message
Tejeev Patel (tejeevpatel) wrote :

Fixing file perms doesn't work as work around. File is rewritten without the read perms:

ubuntu@juju-machine-1-lxc-21:~$ ls -l /var/lib/rabbitmq/data
total 152
-rw-r--r-- 1 root root 54 Mar 1 05:00 juju-machine-1-lxc-21_general_stats.dat
-rw------- 1 root root 150382 Mar 1 05:00 juju-machine-1-lxc-21_queue_stats.dat

ubuntu@juju-machine-1-lxc-21:~$ sudo chmod a+r /var/lib/rabbitmq/data/juju-machine-1-lxc-21_queue_stats.dat

ubuntu@juju-machine-1-lxc-21:~$ ls -l /var/lib/rabbitmq/data
total 152
-rw-r--r-- 1 root root 54 Mar 1 05:00 juju-machine-1-lxc-21_general_stats.dat
-rw-r--r-- 1 root root 150382 Mar 1 05:00 juju-machine-1-lxc-21_queue_stats.dat

ubuntu@juju-machine-1-lxc-21:~$ ls -l /var/lib/rabbitmq/data
total 152
-rw-r--r-- 1 root root 54 Mar 1 05:05 juju-machine-1-lxc-21_general_stats.dat
-rw------- 1 root root 150273 Mar 1 05:05 juju-machine-1-lxc-21_queue_stats.dat

Ryan Beisner (1chb1n)
Changed in charm-rabbitmq-server:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.