Canonical Juju

controllers.yaml permission change from user to root when using "sudo juju status" or juju under sosreport

Bug #1747357 reported by Trent Lloyd
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Canonical Juju
Triaged
Low
Unassigned

Bug Description

When invoking "juju status" with sudo, the permissions are changed from the user, to root (uid=0) on ~/.local/share/juju/controllers.yaml

The particular use case this causes problems, is when using "sosreport" which calls juju status (and perhaps other commands) as part of it's information gathering. This causes future juju commands as the actual user to fail, since the file changed ownership.

As a simple fix, perhaps the permissions on existing files shouldn't be changed. However there is probably deeper thought to be had about this use case.

Additional to this, I noticed there is a persistent juju lock file created in /tmp (e.g. juju-store-lock-6133343039653034). In one particular case of testing this, the juju controller was shutdown and so the "juju status" command was hanging. I killed the juju client, but this left the lock file behind but owned as root and thus the user also could not execute juju until the file is manually removed. This is probably harder to solve but I mention it for completeness, as it is in a way related. I wouldn't consider it a primary part of this bug.

Trent Lloyd (lathiat)
summary: controllers.yaml permission change from user to root when using "sudo
- juju status"
+ juju status" or juju under sosreport
Revision history for this message
Tim Penhey (thumper) wrote :

This will be due to the way we update the controllers file atomically, but writing a new temp file and moving into place. We should look into this a bit deeper.

Changed in juju:
status: New → Triaged
importance: Undecided → Medium
tags: added: local-config ui
Revision history for this message
John A Meinel (jameinel) wrote : Re: [Bug 1747357] Re: controllers.yaml permission change from user to root when using "sudo juju status" or juju under sosreport

It seems like it would be possible to do a chown while we're creating the
temporary file (make sure it has the same owner and permissions as the
original file before we rename it into place).

On Tue, Feb 20, 2018 at 12:18 AM, Tim Penhey <email address hidden>
wrote:

> This will be due to the way we update the controllers file atomically,
> but writing a new temp file and moving into place. We should look into
> this a bit deeper.
>
> ** Changed in: juju
> Status: New => Triaged
>
> ** Changed in: juju
> Importance: Undecided => Medium
>
> ** Tags added: local-config ui
>
> --
> You received this bug notification because you are subscribed to juju.
> Matching subscriptions: juju bugs
> https://bugs.launchpad.net/bugs/1747357
>
> Title:
> controllers.yaml permission change from user to root when using "sudo
> juju status" or juju under sosreport
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/juju/+bug/1747357/+subscriptions
>

Revision history for this message
Canonical Juju QA Bot (juju-qa-bot) wrote :

This bug has not been updated in 2 years, so we're marking it Low importance. If you believe this is incorrect, please update the importance.

Changed in juju:
importance: Medium → Low
tags: added: expirebugs-bot
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.