persistent directories do not match the desired directory rights

Bug #1871231 reported by Jose Luis Franco
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tripleo
High
Jose Luis Franco

Bug Description

Most of the service templates create a persistent directory in the host where they run:

      host_prep_tasks:
        - name: create persistent directories
          file:
            path: "{{ item.path }}"
            state: directory
            setype: "{{ item.setype }}"
          with_items:
            - { 'path': /var/log/containers/rabbitmq, 'setype': container_file_t, 'mode': '0750' }
            - { 'path': /var/lib/rabbitmq, 'setype': container_file_t }

However, when checking the rights of the created directory, they don't seem to match with what is being specified in the directory creation:

(undercloud) [stack@undercloud-0 ~]$ sudo ls -larth /var/log/containers/rabbitmq
total 84K
drwxr-x---. 20 root root 4.0K Mar 31 16:29 ..
-rw-r--r--. 1 42439 42439 45K Apr 1 00:01 <email address hidden>
-rw-r--r--. 1 42439 42439 198 Apr 1 00:01 rabbit@undercloud-0_upgrade.log.1
-rw-r--r--. 1 42439 42439 0 Apr 1 00:01 rabbit@undercloud-0_upgrade.log
-rw-r--r--. 1 42439 42439 325 Apr 2 00:01 <email address hidden>
drwxr-xr-x. 3 42439 42439 233 Apr 6 10:01 .
-rw-r--r--. 1 42439 42439 7.0K Apr 6 10:01 <email address hidden>
-rw-r--r--. 1 42439 42439 14K Apr 6 10:49 <email address hidden>
drwxr-xr-x. 2 42439 42439 99 Apr 6 12:18 log

/var/log/containers/rabbitmq has 0755 rights instead of 0750. And the same happens for all the created directories.

It looks like the mode option wasn't taken into account at the time of invoking the file Ansible module.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (master)

Fix proposed to branch: master
Review: https://review.opendev.org/717861

Changed in tripleo:
status: Triaged → In Progress
tags: added: queens-backport-potential stein-backport-potential train-backport-potential
Changed in tripleo:
assignee: Jose Luis Franco (jfrancoa) → Bogdan Dobrelya (bogdando)
wes hayutin (weshayutin)
Changed in tripleo:
milestone: ussuri-3 → ussuri-rc3
Changed in tripleo:
assignee: Bogdan Dobrelya (bogdando) → Jose Luis Franco (jfrancoa)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (master)

Reviewed: https://review.opendev.org/717861
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=94bc023390fd34d1a7db4dddb2c92ebe3877b0fb
Submitter: Zuul
Branch: master

commit 94bc023390fd34d1a7db4dddb2c92ebe3877b0fb
Author: Jose Luis Franco Arza <email address hidden>
Date: Mon Apr 6 23:15:44 2020 +0200

    Add mode option when creating persistent directories.

    Almost every single tripleo service creates a persistent directory. To
    simplify the creation, a with_items structure was being used. In which
    many times, the mode option was being set. However, that mode option
    was not taken into account at the time of creating the file. As a
    consequence, the directory was being created with its father directory
    rights, instead of the ones being passed in the template.

    Change-Id: I215db2bb79029c19ab8c62a7ae8d93cec50fb8dc
    Closes-Bug: #1871231

Changed in tripleo:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tripleo-heat-templates (stable/train)

Fix proposed to branch: stable/train
Review: https://review.opendev.org/725543

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tripleo-heat-templates (stable/train)

Reviewed: https://review.opendev.org/725543
Committed: https://git.openstack.org/cgit/openstack/tripleo-heat-templates/commit/?id=56acca50780e0a1cf09fbf6c9706951a0f27b6aa
Submitter: Zuul
Branch: stable/train

commit 56acca50780e0a1cf09fbf6c9706951a0f27b6aa
Author: Jose Luis Franco Arza <email address hidden>
Date: Mon Apr 6 23:15:44 2020 +0200

    Add mode option when creating persistent directories.

    Almost every single tripleo service creates a persistent directory. To
    simplify the creation, a with_items structure was being used. In which
    many times, the mode option was being set. However, that mode option
    was not taken into account at the time of creating the file. As a
    consequence, the directory was being created with its father directory
    rights, instead of the ones being passed in the template.

    Change-Id: I215db2bb79029c19ab8c62a7ae8d93cec50fb8dc
    Closes-Bug: #1871231
    (cherry picked from commit 94bc023390fd34d1a7db4dddb2c92ebe3877b0fb)

tags: added: in-stable-train
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/tripleo-heat-templates 11.4.0

This issue was fixed in the openstack/tripleo-heat-templates 11.4.0 release.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers