search

chef / chef

Chef Infra, a powerful automation platform that transforms infrastructure into code automating how infrastructure is configured, deployed and managed across any environment, at any scale
http://www.chef.io/chef/
Apache License 2.0
7.63k stars 2.51k forks source link

apt_repository.run_action and execute don't mix well #10941

Open axos88 opened 3 years ago

axos88 commented 3 years ago

Description

apt_repository('apt.postgresql.org').run_action(:add)
execute 'as other user' do
  command 'echo foo'
  user 'foo'
end

results in:

/opt/chef/embedded/lib/ruby/2.6.0/fileutils.rb:1277:in `open': Permission denied @ dir_initialize - /tmp/.gpg20210127-21969-1km22p1 (Errno::EACCES)
    from /opt/chef/embedded/lib/ruby/2.6.0/fileutils.rb:1277:in `children'
    from /opt/chef/embedded/lib/ruby/2.6.0/fileutils.rb:1277:in `entries'
    from /opt/chef/embedded/lib/ruby/2.6.0/fileutils.rb:1473:in `postorder_traverse'
    from /opt/chef/embedded/lib/ruby/2.6.0/fileutils.rb:758:in `remove_entry'
>>  from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.6.10/lib/chef/provider/apt_repository.rb:204:in `block in install_key_from_uri'
>>  from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/mixlib-shellout-3.0.7/lib/mixlib/shellout/unix.rb:321:in `fork'
    from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/mixlib-shellout-3.0.7/lib/mixlib/shellout/unix.rb:321:in `fork_subprocess'
    from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/mixlib-shellout-3.0.7/lib/mixlib/shellout/unix.rb:97:in `run_command'
    from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/mixlib-shellout-3.0.7/lib/mixlib/shellout.rb:270:in `run_command'
    from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.6.10/lib/chef/mixin/shell_out.rb:170:in `shell_out_command'
    from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.6.10/lib/chef/mixin/shell_out.rb:129:in `shell_out_compacted!'
    from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.6.10/lib/chef/mixin/shell_out.rb:64:in `shell_out!'
>>  from /opt/chef/embedded/lib/ruby/gems/2.6.0/gems/chef-15.6.10/lib/chef/provider/execute.rb:58:in `block in action_run'
....

due to the at_exit call here: https://github.com/chef/chef/blob/2900361916aa884ad8d54e98228aa3406964e8a3/lib/chef/resource/apt_repository.rb#L259

The execute as other user forks, and when terminating seems to also want to delete that directory, but probably as the user specified, which does not have permission to do it.

Chef Version

I'm using chef 15.6.10, but the culprit line is present in chef 17 as well.

Platform Version

ubuntu 20.04

axos88 commented 3 years ago

Correction: it happens without the run action as well. Workaround use sudo in the command...

manick-vel-11 commented 3 years ago

Hi, I tried running the recipe with sudo privilege and with uri option in the apt_repository and the recipe is running fine. Also, execute recipe seems to works good in combination with apt_repository along with sudo privileges too. Hereby pasting the recipe below. Please let me know incase of any issues with the recipe

apt_repository 'postgresql' do uri 'apt.postgresql.org' action :add end execute 'as other user' do command 'echo foo' user 'foo' end