teemerson
commented
4 days ago Am no long baffled, I missed this in the rpmbuild output:
mangling shebang in /usr/bin/amazon-efs-mount-watchdog from /usr/bin/env python3 to #!/usr/bin/python3 *** WARNING: ./usr/lib/systemd/system/amazon-efs-mount-watchdog.service is executable but has no shebang, removing executable bit
mangling shebang in /sbin/mount.efs from /usr/bin/env python3 to #!/usr/bin/python3
WARNING: ./etc/amazon/efs/efs-utils.conf is executable but has no shebang, removing executable bit WARNING: ./etc/amazon/efs/efs-utils.crt is executable but has no shebang, removing executable bit
We solved our immediate issue by adding to provisioning: ansible.builtin.shell: chmod 755 /sbin/mount.efs /usr/bin/amazon-efs-mount-watchdog
NAME="AlmaLinux" VERSION="9.4 (Seafoam Ocelot)"
The "make build" command produces a valid RPM. The RPM amazon-efs-utils-2.0.4-2.el9.x86_64.rpm installs properly with an exception: -rw-------. 1 root root 142737 Sep 11 19:41 /sbin/mount.efs -rw-------. 1 root root 79540 Sep 11 19:41 /usr/bin/amazon-efs-mount-watchdog
The efs-proxy has correct permissions: -rwxr-xr-x. 1 root root 4610128 Sep 11 19:43 /sbin/efs-proxy
Looking at the rpm build, I see:
install -p -m 755 /source/efs-utils/build/rpmbuild/BUILD/amazon-efs-utils/src/mount_efs/init.py /source/efs-utils/build/rpmbuild/BUILDROOT/amazon-efs-utils-2.0.4-2.el9.x86_64/sbin/mount.efs
install -p -m 755 /source/efs-utils/build/rpmbuild/BUILD/amazon-efs-utils/src/watchdog/init.py /source/efs-utils/build/rpmbuild/BUILDROOT/amazon-efs-utils-2.0.4-2.el9.x86_64/usr/bin/amazon-efs-mount-watchdog
install -p -m 755 /source/efs-utils/build/rpmbuild/BUILD/amazon-efs-utils/src/proxy/target/release/efs-proxy /source/efs-utils/build/rpmbuild/BUILDROOT/amazon-efs-utils-2.0.4-2.el9.x86_64/sbin/efs-proxy (Include this last efs-proxy to demonstrate the use of "install -p -m 755" was successful here.)
efs-utils/build/rpmbuild/BUILDROOT/amazon-efs-utils-2.0.4-2.el9.x86_64/sbin -rwxr-xr-x 1 root root 4610128 Sep 13 00:39 efs-proxy -rw------- 1 root root 142737 Sep 13 00:36 mount.efs
efs-utils/build/rpmbuild/BUILDROOT/amazon-efs-utils-2.0.4-2.el9.x86_64/usr/bin -rw------- 1 root root 79540 Sep 13 00:36 amazon-efs-mount-watchdog
These 600 permission are also seen in the packaged RPM: -rw------- 1 root root 142737 Sep 13 00:36 /sbin/mount.efs -rw------- 1 root root 79540 Sep 13 00:36 /usr/bin/amazon-efs-mount-watchdog
The successful efs-proxy is a compiled binary. The incorrect permissions on mount.efs and amazon-efs-mount-watchdog, these are Python scripts. Which should matter not at all to the "install" command.
Our workaround will be to locally revise the spec file to ensure the two Python scripts install with the correct permissions.
I am truly baffled, the spec file looks correct, the build log looks correct.
If I find anything further regarding why "install -p -m 755" was successful for a binary but failed for a Python script, I'll post back.
Sincerely, Baffled.