Fix Permissions #196
Fix Permissions #196
Conversation
All files and directories in /opt/zookeeper are being installed as root. This updates them to use the zookeeper user. Files being owned by root is causing the following issue in https://github.com/evertrue/exhibitor-cookbook ``` 2017-02-08_11:07:50.94238 java.io.FileNotFoundException: /opt/zookeeper-3.4.9/conf/zoo.cfg (Permission denied) 2017-02-08_11:07:50.94238 at java.io.FileOutputStream.open(Native Method) 2017-02-08_11:07:50.94239 at java.io.FileOutputStream.<init>(FileOutputStream.java:221) 2017-02-08_11:07:50.94239 at java.io.FileOutputStream.<init>(FileOutputStream.java:171) 2017-02-08_11:07:50.94240 at com.netflix.exhibitor.core.processes.StandardProcessOperations.prepConfigFile(StandardProcessOperations.java:167) 2017-02-08_11:07:50.94240 at com.netflix.exhibitor.core.processes.StandardProcessOperations.startInstance(StandardProcessOperations.java:109) 2017-02-08_11:07:50.94240 at com.netflix.exhibitor.core.state.KillRunningInstance.completed(KillRunningInstance.java:41) 2017-02-08_11:07:50.94240 at com.netflix.exhibitor.core.activity.ActivityQueue$1.run(ActivityQueue.java:127) 2017-02-08_11:07:50.94240 at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) 2017-02-08_11:07:50.94240 at java.util.concurrent.FutureTask.run(FutureTask.java:262) 2017-02-08_11:07:50.94240 at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) 2017-02-08_11:07:50.94241 at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) 2017-02-08_11:07:50.94241 at java.lang.Thread.run(Thread.java:745) ```
|
@davidsayers oh my goodness, thanks for chasing that down! |
|
@davidsayers hm. The |
| @@ -72,6 +72,8 @@ | |||
| prefix_root install_dir | |||
| prefix_home install_dir | |||
| checksum new_resource.checksum if new_resource.checksum | |||
| owner username | |||
| group username | |||
There was a problem hiding this comment.
Ahhh, I see. This is the trick, right here.
| owner user | ||
| group user | ||
| owner new_resource.user | ||
| group new_resource.user |
There was a problem hiding this comment.
This is not part of the fix, since the user value and new_resource.user are the same, in this case.
There was a problem hiding this comment.
user was being passed in as nil when using:
owner user
group user
| @@ -46,7 +46,8 @@ | |||
| env_vars_hash['JVMFLAGS'] = java_opts if java_opts | |||
|
|
|||
| file "#{conf_dir}/zookeeper-env.sh" do | |||
| owner user | |||
| owner new_resource.user | |||
| group new_resource.user | |||
There was a problem hiding this comment.
Adding the group here is a good call.
|
It looked to me like the exhibitor cookbook will need to use zookeeper_config. Currently there is an issue in where java_opts are being ignored. |
|
@davidsayers it doesn’t use That said, you’re right; that’s tricky. Once upon a time, this & the exhibitor cookbook were tightly coupled. |
|
@davidsayers this is tricky for me to help out with; I’m not actually using ZooKeeper at my current job. @eherot is still using it at EverTrue. Doing my best to keep contributing to this cookbook! That said, I think that Exhibitor’s Perhaps the |
|
What things are you trying to configure via the |
|
I'm not sure if it is the way I will go but I was testing Zookeeper authentication as described here This requires a JVM setting. |
|
What about setting Exhibitor’s Based on what I can tell, you’d populate that config with what you want the contents of a Java environment file to contain. So if you want that to pass along override['exhibitor']['config']['java-environment'] = "JVMFLAGS=#{your_flags}"That is entirely guesswork, but give it a go in your wrapper cookbook! |
|
I’ve got to get back to other things now unfortunately. I’ll ship this ownership fix though. |
|
I did try java.env but it didn't work. Maybe I didn't spend enough time on it. Will try again. If that ends up being the recommended approach, https://github.com/evertrue/exhibitor-cookbook/blob/master/recipes/default.rb#L25 should be removed as it is confusing. |
|
@davidsayers good point; that is confusing. I’ll nix that, since it doesn’t have any effect anymore (it used to, long ago). |
All files and directories in /opt/zookeeper are being installed as root. This updates them to use the zookeeper user.
Files being owned by root is causing the following issue in https://github.com/evertrue/exhibitor-cookbook