Hi Anand,

I think you need to try the non-root feature; there are many failures if I enable the option provided by this patch.

Most of them are that amfnd will no longer have privileges to manage the components. The components themselves normally will drop/change their privileges after amfnd forked them off, one of them as Thang reported.

I don't have any objection to this patch since it's configurable, but I just wonder who will be using it unless opensaf/all components are the same gid/uid.

I will push it with title: "amf: provide configuration option to run amfnd as non-root"?

Thanks

Minh
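
Added example (not part of the original message and not OpenSAF code): the crash reported further down this thread comes from treating every kill(pid, 0) failure as "no such process". The C program below classifies the outcomes separately, so a monitor running without root can tell a dead pid (ESRCH) from a live one it is not permitted to signal (EPERM). The enum and function names are hypothetical.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical names for illustration; these are not OpenSAF identifiers. */
enum probe_result {
  PROBE_SIGNALABLE,    /* process exists and the caller may signal it */
  PROBE_NO_PERMISSION, /* process exists, but the caller may not signal it */
  PROBE_GONE,          /* no such process */
  PROBE_ERROR          /* any other failure, e.g. EINVAL */
};

/* Pure mapping from kill()'s return value and errno to a result. */
enum probe_result classify_probe(int rc, int err) {
  if (rc == 0) return PROBE_SIGNALABLE;
  switch (err) {
    case EPERM: return PROBE_NO_PERMISSION;
    case ESRCH: return PROBE_GONE;
    default:    return PROBE_ERROR;
  }
}

/* Signal 0 runs the existence and permission checks without delivering. */
enum probe_result probe_pid(pid_t pid) {
  int rc = kill(pid, 0);
  return classify_probe(rc, rc == -1 ? errno : 0);
}

/* Fork a child that exits at once, reap it, then probe the stale pid. */
enum probe_result probe_reaped_child(void) {
  pid_t child = fork();
  if (child == -1) return PROBE_ERROR;
  if (child == 0) _exit(0);
  if (waitpid(child, NULL, 0) != child) return PROBE_ERROR;
  return probe_pid(child);
}

int main(void) {
  static const char *names[] = {"signalable", "no permission", "gone", "error"};
  printf("self:         %s\n", names[probe_pid(getpid())]);
  printf("reaped child: %s\n", names[probe_reaped_child()]);
  /* The result for pid 1 depends on the uid the program runs under. */
  printf("pid 1:        %s\n", names[probe_pid(1)]);
  return 0;
}
```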

On 6/8/20 4:13 am, Anand Sundararaj wrote:
Hi Thang/Minh/Mathi,
It is more than 2 weeks since the patch was published, we are holding a 
minor/harmless fix for a long time.
Till now, all the concerns have been addressed, I think. Please comment if you 
have any other concerns.
I will push it by Friday if I don't get any comment.

Thanks
Anand Sundararaj
Senior Solutions Architect | +1 480 686 4772
www.GetHighAvailability.com 
(https://am2.myprofessionalmail.com/appsuite/www.GetHighAvailability.com)
Get High Availability Today!
NJ, USA: +1 508-507-6507

On 07/30/2020 6:33 PM Anand Sundararaj <s.an...@gethighavailability.com> wrote:

Hi Thang/Minh/Mathi,
Please share your comment. This is a minor/harmless fix.
@Minh: Can you please push it by today EOD if you are good with it and others 
don't give any comment.

Thanks
Anand Sundararaj

On 07/29/2020 3:40 PM Anand Sundararaj <s.an...@gethighavailability.com> wrote:

Hi Mathi,
Great, thanks.
Though I haven't tested the non-root feature, this fix gives quick access to the
user to run amfnd as non-root. For those users who use only Amf and not Smf,
this fix will help them quickly run amfnd in non-root mode.
Though this is not a great fix (the ticket itself is raised as minor), in my
opinion it provides some support to the users, so it should be committed.
If you have any major/serious objections, please let me know; else good to commit?

Thanks
Anand Sundararaj

     On 07/29/2020 11:20 AM Mathi N P <mathi.np....@gmail.com> wrote:
     That description sounds fine to me. Nevertheless, I still can't see the problem you are trying to solve when it is already possible to run OpenSAF as a non-root user.
     Cheers,
     Mathi.

     On Tue, Jul 28, 2020 at 9:56 PM Anand Sundararaj <s.an...@gethighavailability.com> wrote:

         Thanks Mathi. I can change it to "amf: provide configuration option to run amfnd as non-root [##205]", is that ok?
         Thanks
         Anand Sundararaj

             On 07/28/2020 12:24 PM Mathi N P <mathi.np....@gmail.com> wrote:

             Hi Anand,
             For some background, it is not merely a hard coding that you are looking at, but it is rather by design.
             I think you should at the least change the commit message of your patch and describe the actual change that you are intending to introduce.
             FYI,
             Mathi.

             On Tue, Jul 28, 2020 at 6:01 PM Anand Sundararaj <s.an...@gethighavailability.com> wrote:

                 Hi Minh/Thang/Nagendra/Paul,
                 I am planning to push the patch by 30th July (Thursday).
                 Please kindly find some time to review by 29th July (tomorrow) and
                 send your comments or Ack.

                 Thanks
                 Anand Sundararaj

                 > On 07/23/2020 9:38 PM s.an...@gethighavailability.com <s.an...@gethighavailability.com> wrote:
                 >
                 >
                 > Hi Thang,
                 > Good catch !
                 > Can you please let me know if you were starting pm monitoring on a component pid, which is in root or non-root?
                 >
                 > The issue you are reporting, Thang, may come when Amfnd's (kill) doesn't have permission to send a signal to the pid.
                 > I am assuming that you are getting EPERM as a return.
                 > Can you please verify, Thang (by logging, just like done in mon.cc at "switch (kill(mon_rec->pid, 0)) {"), if the return is EPERM or something else?
                 > If it is correct, then ideally, the user shouldn't be using pm monitoring on such pid and that means no change is needed in the patch.
                 > Can you please confirm, Thang?
                 >
                 > Thanks
                 >
                 > Anand Sundararaj
                 >
                 > > On 07/20/2020 9:11 PM Thang Duc Nguyen <thang.d.ngu...@dektech.com.au> wrote:
                 > >
                 > >
                 > > I missed one info.  I tested with NON_ROOT user.
                 > > export AMFND_NON_ROOT=1
                 > >
                 > > -----Original Message-----
                 > > From: Thang Duc Nguyen <thang.d.ngu...@dektech.com.au>
                 > > Sent: Tuesday, July 21, 2020 11:02 AM
                 > > To: s.an...@gethighavailability.com; Minh Hon Chau <minh.c...@dektech.com.au>; nagen...@gethighavailability.com; p...@gethighavailability.com
                 > > Cc: opensaf-devel@lists.sourceforge.net
                 > > Subject: Re: [devel] [PATCH 1/1] amf: remove hard-coding in amfnd [#3205]
                 > >
                 > > Hi Sundararaj,
                 > >
                 > > The Opensaf can start but it may not run correctly.
                 > > I tested your patch. During the passive monitoring process of a component, this patch causes a coredump in function avnd_comp_pm_param_val() when invoking saAmfPmStop()/saAmfPmStart().
                 > >
                 > > Code snippet indicating the crash in the cpm.cc file:
                 > > void avnd_comp_pm_param_val( ) { ...
                 > >       if (kill(pm_start->pid, 0) == -1) {
                 > >         osafassert(errno == ESRCH); //Crash here due to returned error: Operation not permitted
                 > >         *o_amf_rc = SA_AIS_ERR_NOT_EXIST;
                 > >         return;
                 > >       }
                 > > }
                 > >
                 > > B.R/Thang
                 > > -----Original Message-----
                 > > From: s.an...@gethighavailability.com <s.an...@gethighavailability.com>
                 > > Sent: Tuesday, July 21, 2020 9:22 AM
                 > > To: Minh Hon Chau <minh.c...@dektech.com.au>; Thang Duc Nguyen <thang.d.ngu...@dektech.com.au>; nagen...@gethighavailability.com; p...@gethighavailability.com
                 > > Cc: opensaf-devel@lists.sourceforge.net; Anand Sundararaj <s.an...@gethighavailability.com>
                 > > Subject: [PATCH 1/1] amf: remove hard-coding in amfnd [#3205]
                 > >
                 > > From: Anand Sundararaj <s.an...@gethighavailability.com>
                 > >
                 > > ---
                 > >  src/amf/amfnd/amfnd.conf | 3 +++
                 > >  src/amf/amfnd/main.cc    | 9 ++++++++-
                 > >  2 files changed, 11 insertions(+), 1 deletion(-)
                 > >
                 > > diff --git a/src/amf/amfnd/amfnd.conf 
b/src/amf/amfnd/amfnd.conf index 07bc0ba..4e8b07a 100644
                 > > --- a/src/amf/amfnd/amfnd.conf
                 > > +++ b/src/amf/amfnd/amfnd.conf
                 > > @@ -34,3 +34,6 @@ export AVND_PM_MONITORING_RATE=1000  # 
It can be disabled if set THREAD_TRACE_BUFFER as 0, the maximum value  # can be set 
as 65535.
                 > >  # export THREAD_TRACE_BUFFER=10240
                 > > +
                 > > +#AMFND run as root. Uncomment next line to run as a user 
mentioned in nid.conf.
                 > > +#export AMFND_NON_ROOT=1
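
Review bot: The comment added above "#export AMFND_NON_ROOT=1" does not document what value the switch expects or what it costs. The main.cc change in this same patch only tests whether the variable is set (getenv("AMFND_NON_ROOT") != nullptr), so "export AMFND_NON_ROOT=0" would also select non-root; either say here that any value enables it, or have the code check the value. The comment should also note that in this mode amfnd cannot signal components it has no permission over, since this thread reports kill(pm_start->pid, 0) failing with "Operation not permitted" when the option is on.
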
                 > > diff --git a/src/amf/amfnd/main.cc b/src/amf/amfnd/main.cc 
index d7857fa..6d9ee95 100644
                 > > --- a/src/amf/amfnd/main.cc
                 > > +++ b/src/amf/amfnd/main.cc
                 > > @@ -164,6 +164,7 @@ static void new_handler() {
                 > >
                 > >  int main(int argc, char *argv[]) {
                 > >    uint32_t error;
                 > > +  char *val;
                 > >
                 > >    // function to be called if new fails. The alternative 
of using catch of
                 > >    // std::bad_alloc will unwind the stack and thus no 
call chain will be @@ -179,7 +180,13 @@ int main(int argc, char *argv[]) {
                 > >      goto done;
                 > >    }
                 > >
                 > > -  daemonize_as_user("root", argc, argv);
                 > > +  if ((val = getenv("AMFND_NON_ROOT")) != nullptr) {
                 > > +    daemonize(argc, argv);
                 > > +    TRACE("AMFND will run as non-root");  } else {
                 > > +    daemonize_as_user("root", argc, argv);
                 > > +    TRACE("AMFND will run as root");
                 > > +  }
                 > >
                 > >    // Enable long DN
                 > >    if (setenv("SA_ENABLE_EXTENDED_NAMES", "1", 1) != 0) {
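
Review bot: The new branch that calls daemonize(argc, argv) leaves every code path that assumed root untouched. The snippet quoted earlier in this thread, osafassert(errno == ESRCH) after kill(pm_start->pid, 0) == -1, aborts as soon as kill() returns EPERM, so that check needs to handle EPERM before this option can be enabled safely. Separately, val is assigned only to be compared with nullptr; drop the "char *val;" declaration from the previous hunk and test getenv() directly, or actually inspect the value so that AMFND_NON_ROOT=0 keeps the root behaviour. The closing brace sharing a line with TRACE("AMFND will run as non-root") should go on its own line if that is not just mail wrapping.
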
                 > > --
                 > > 2.7.4
                 > >
                 > >
                 > >
                 > > _______________________________________________
                 > > Opensaf-devel mailing list
                 > > Opensaf-devel@lists.sourceforge.net
                 > > https://lists.sourceforge.net/lists/listinfo/opensaf-devel