search

ConSol-Monitoring / omd

OMD - Open Monitoring Distribution Labs Edition.
http://omd.consol.de
GNU General Public License v2.0
171 stars 35 forks source link

omd restore fails: home directory not owned by sitename #208

Closed rubaducks closed 2 weeks ago

rubaducks commented 2 weeks ago

Hello,

When executing the omd restore command, I get the following error: "ERROR: home directory (/omd/sites/test) is not owned by user test and group test" After the error, the command stops running.

Full command: omd restore --kill --reuse test /tmp/site_test.tgz

ll /omd/sites/ shows that the dir of my site is owned by user "test" and group "omd".

When manually setting the group of the site home dir to the sitename/user with command: chgrp test /omd/sites/test And then executing the omd restore command again I first get the following Python error, but the restore works for the most part: Traceback (most recent call last): File "/usr/bin/omd", line 5368, in cmd_spec.fn(main_args, args) File "/usr/bin/omd", line 4360, in main_restore if not site_is_stopped(g_sitename): File "/usr/bin/omd", line 575, in site_is_stopped return call_as_forked_site_user(site_is_stopped, [sitename], {}) == 1 File "/usr/bin/omd", line 5186, in call_as_forked_site_user set_environment() File "/usr/bin/omd", line 2712, in set_environment create_config_environment() File "/usr/bin/omd", line 2192, in create_config_environment for varname, value in list(g_site_conf.items()): AttributeError: 'NoneType' object has no attribute 'items'

lausser commented 2 weeks ago

At the top of /usr/bin/omd there is a line:

g_site_conf = None # { "CORE" : "naemon", ... } (contents of etc/omd/site.conf plus defaults from hooks)

can you replace this with g_site_conf = {}

and try again?

Gerhard

From: rubaducks @.> Sent: Wednesday, November 6, 2024 9:50 AM To: ConSol-Monitoring/omd @.> Cc: Subscribed @.***> Subject: [ConSol-Monitoring/omd] omd restore fails: home directory not owned by sitename (Issue #208)

Hello,

When executing the omd restore command, I get the following error: "ERROR: home directory (/omd/sites/test) is not owned by user test and group test" After the error, the command stops running.

Full command: omd restore --kill --reuse test /tmp/mcs_site_test.tgz

ll /omd/sites/ shows that the dir of my site is owned by user test and group "omd".

When manually setting the group of the site home dir to the sitename/user with command: chgrp test /omd/sites/test And then executing the omd restore command again I first get the following Python error, but the restore works for the most part: Traceback (most recent call last): File "/usr/bin/omd", line 5368, in cmd_spec.fn(main_args, args) File "/usr/bin/omd", line 4360, in main_restore if not site_is_stopped(g_sitename): File "/usr/bin/omd", line 575, in site_is_stopped return call_as_forked_site_user(site_is_stopped, [sitename], {}) == 1 File "/usr/bin/omd", line 5186, in call_as_forked_site_user set_environment() File "/usr/bin/omd", line 2712, in set_environment create_config_environment() File "/usr/bin/omd", line 2192, in create_config_environment for varname, value in list(g_site_conf.items()): AttributeError: 'NoneType' object has no attribute 'items'

— Reply to this email directly, view it on GitHubhttps://github.com/ConSol-Monitoring/omd/issues/208, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AABQSOAEHSUMRL5X3GGGKGDZ7HJ4BAVCNFSM6AAAAABRIJ4PWOVHI2DSMVQWIX3LMV43ASLTON2WKOZSGYZTONBSGE3TGNA. You are receiving this because you are subscribed to this thread.Message ID: @.***>

rubaducks commented 2 weeks ago

@lausser Yes that mitigates the Python error I am getting, but that is not the root cause of the problem. In previous OMD versions, the site dir (/omd/sites/) was owned by siteuser:siteuser. Now, the site dir is owned by siteuser:omd. At line 504: if not file_owner_verify(site_dir(name), user.pw_uid, user.pw_gid): This check will fail because user.pw_gid returns "test" (or the "sitename") instead of "omd". I think the line should be something like: if not file_owner_verify(site_dir(name), user.pw_uid, "omd"): or if not file_owner_verify(site_dir(name), user.pw_uid, group_id("omd")):

sni commented 2 weeks ago

that's not the case, the site folder has always been owned by the sitename and the sites group. All site users have the "omd" group, but the site folders group is not "omd".

rubaducks commented 2 weeks ago

These are my two sites: image My version is 5.41.20240923-labs-edition

sni commented 2 weeks ago

that's not how they were created initially:

https://github.com/ConSol-Monitoring/omd/blob/labs/packages/omd/omd#L3245-L3247

Initially they have 0755 permissions with owner siteuser and group sitegroup.

ketra commented 2 weeks ago

this is the status after creation, the site test is created in an earlier version image

rubaducks commented 2 weeks ago

See line 3182 https://github.com/ConSol-Monitoring/omd/blob/labs/packages/omd/omd#L3182-L3192

sni commented 2 weeks ago

thanks for pointing that out, seems like we changed that earlier this year. I totally forgot. Seems like we forgot to adopt the restart/reuse part handling the new permissions/owners.

sni commented 2 weeks ago

should be fine now. The default permissions are indeed 0750 with siteuser:omd ownership. I added some testcases as well.