juju 3.5 wrong uid for pebble daemon
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
New
|
Undecided
|
Unassigned |
Bug Description
Deploying a charm on juju 3.5.1 fails because pebble daemon does not have admin access.
New feature was added in 3.5, allowing to specify an uid for the pebble process: https:/
This broke existing charm that had a Rock image specifying `run-user`. This made pebble start with the `_daemon_` (584792) while the `uid` and `gid` were not specified in charmcraft.yaml container definition.
This broke the charm because the charm operator tries to modify apache2 files in /etc, which requires more rights than `584792` has.
Juju: 3.5.1
Microk8s: 1.28
openstack-
Reproduction step:
- have a juju 3.5.1 controller on a k8s cloud
- juju deploy <attached bundle> --trust
- once ready, openstack-
-------
juju ssh -m testing --container openstack-
_daemon_
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
_daemon_ 1 0.0 0.0 1234868 10392 ? Ssl 07:50 0:00 /charm/bin/pebble run --create-dirs --hold --http :38813 --verbose
_daemon_ 23 0.0 0.0 2892 1600 pts/0 Ss 07:54 0:00 sh -c bash
_daemon_ 30 0.0 0.0 4628 3520 pts/0 S 07:54 0:00 bash
_daemon_ 32 0.0 0.0 7064 2720 pts/0 R+ 07:54 0:00 ps aux