search

appgate / sdp-tf-reference-architecture

Example reference architecture for Appgate deployment on AWS.
MIT License
5 stars 3 forks source link

permissions incorrect for '/mnt/state/config/current/remote.json' #8

Closed drewmullen closed 3 years ago

drewmullen commented 3 years ago 
$ /usr/share/admin-scripts/appgate-autoscale.py upscale \
>     ${controller_dns} \
>     --port 8443 \
>     --cacert /tmp/cacert.pem \
>     --username $USERNAME \
>     --site ${site_id} \
>     --share-client-hostname  \
>     --password-path /tmp/password-executable > /tmp/seed.json
Traceback (most recent call last):
  File "/usr/share/admin-scripts/appgate-autoscale.py", line 932, in <module>
    main()
  File "/usr/share/admin-scripts/appgate-autoscale.py", line 922, in main
    action_fn(sys.argv[2:])
  File "/usr/share/admin-scripts/appgate-autoscale.py", line 530, in upscale
    admin = _admin(args, peer_api_version=args.peer_api_version or get_current_version())
  File "/usr/share/admin-scripts/appgate-autoscale.py", line 515, in get_current_version
    with open('/mnt/state/config/current/remote.json') as f:
PermissionError: [Errno 13] Permission denied: '/mnt/state/config/current/remote.json'
$ sudo ls -la /mnt/state/config/current/
total 32
drwx------ 3 root root 4096 May 19 15:53 .
drwxr-xr-x 8 root root 4096 May 19 15:53 ..
drwx------ 4 root root 4096 May 19 15:53 compiled
-rw------- 1 root root 8951 May 19 15:53 local.json
-rw------- 1 root root 4613 May 19 15:53 remote.json

fix:

$ sudo chmod 0777 /mnt/state/config/current
$ sudo chmod 0777 /mnt/state/config/current/remote.json
thomascellerier commented 3 years ago

appgate-autoscale.py assumes its running as root on an appgate sdp instance. Which is the case when run from a startup script in a cloud instance.

So you shouldn't need to change file permissions.

drewmullen commented 3 years ago

you're absolutely right about this