Ambiguous error message when juju-store-lock is not removed and has restrictive permissions
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Triaged
|
Low
|
Unassigned |
Bug Description
Somehow I got into the state where juju client returns "cannot get current controller name: permission denied". The error is actually due to juju store lock having root:root owner set. If I remove the lock file juju client continues on without issues.
The bug is about making the error more user-friendly.
/snap/conjure-
2.3.7-artful-amd64
strace -f /snap/conjure-
...
[pid 12971] openat(AT_FDCWD, "/tmp/juju-
[pid 12980] <... select resumed> ) = 0 (Timeout)
[pid 12971] ioctl(2, TCGETS <unfinished ...>
[pid 12980] futex(0xc420562910, FUTEX_WAIT, 0, NULL <unfinished ...>
[pid 12971] <... ioctl resumed> , {B38400 opost isig icanon echo ...}) = 0
[pid 12971] write(2, "\33[91m", 5) = 5
[pid 12971] write(2, "ERROR", 5ERROR) = 5
[pid 12971] write(2, "\33[0m", 4) = 4
[pid 12971] write(2, " cannot get current controller n"..., 55 cannot get current controller name: permission denied
) = 55
➜ ~ stat /tmp/juju-
File: /tmp/juju-
Size: 0 Blocks: 0 IO Block: 4096 regular empty file
Device: 1ch/28d Inode: 27667636 Links: 1
Access: (0600/-rw-------) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2018-05-03 09:11:40.325220604 +0200
Modify: 2018-05-03 09:11:40.325220604 +0200
Change: 2018-05-03 09:11:40.325220604 +0200
Birth: -
➜ ~ sudo rm /tmp/juju-
➜ ~ sudo chown ubuntu:ubuntu /home/ubuntu/
➜ ~ juju status
Model Controller Cloud/Region Version SLA
default vmaas vmaas 2.3.6 unsupported
...
Most likely this is due to running some sort of "sudo juju XXX" (eg status) command. share/juju/ * should not end up owned as root after a "sudo juju *" command. (We update those files with atomic replace, but I think we missed chowning them before replacing).
You should never *need* sudo for any juju commands anymore (the only one you ever did was 'juju bootstrap' with juju 1.x).
There is already a bug about ~/.local/
/tmp/* could be tried to be nice, but certainly we should give a better error message.