[Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
This bug was fixed in the package maas - 0.1+bzr971+dfsg-0ubuntu1 --- maas (0.1+bzr971+dfsg-0ubuntu1) quantal; urgency=low * New upstream release (LP: #1044367) [ Julian Edwards ] * Fix 02-pserv-config.patch to handle new default tftp directory [ Andres Rodriguez ] * debian/maas.postinst: - include '/MAAS' for DEFAULT_MAAS_URL.(LP: #1033956) - Update bzr version to safely upgrade. * Add maas-dns package that configures DNS in MAAS (LP: #1030860) * Remove cobbler related bits - debian/maas.postinst: Drop cobbler configuration - debian/maas.install: Drop installation of snippets/preseeds. - debian/control: + Drop Depends on maas-provision. (LP: #975473) + Depends on bind9utils. + Depends on python-lockfile (LP: #1037400) Add necessary Conflicts/Replaces. Add conflicts to tftpd-hpa and dnsmasq. Depends on isc-dhcp-server for maas-dhcp, and syslinux-common. - debian/extras/maas-provision: Add missing $@ (LP: #1040462) - debian/patches: + 02-pserv-config.patch: Updated. Do not patch cobbler related bits. patch tftp config to default. * maas-dhcp: Re-add to handle initial configuration of MAAS DHCP server. * Allow restart of 'isc-dhcp-server' by adding a sudoers file: - debian/extras/99-maas-sudoers: Added. - debian/maas.install: Install 99-maas-sudoers * Minor improvements on dbconfig-common handling: - debian/maas.config: Only call dbc_go when scripts present. - debian/maas.postrm: Only call dbc_go when config file exists. * debian/maas.maas-celery.upstart: Enable Beat and set scheduler db file. * debian/maas-dns.postinst: Set correct permissions. (LP: #1042868) * debian/maas-dhcp.config: - Ask whether we want to enable DHCP (LP: #1044229) - Add debconf question for network interfaces * debian/maas.prerm: Stop services before removing database (LP: #1044559) -- Andres Rodriguez andres...@ubuntu.com Thu, 02 Aug 2012 09:01:43 -0400 ** Changed in: maas (Ubuntu) Status: Triaged = Fix Released -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
Ok so, this needs to be looked at. MAAS modifies the files and the permissions end up being: ubuntu@maas:/etc/bind/maas$ ls -l total 12 -rwxr--r-- 1 maas maas 99 Aug 31 10:44 named.conf.maas -rw-r--r-- 1 root root 193 Aug 31 10:12 named.conf.rndc.maas -rw--- 1 root root 539 Aug 31 10:12 rndc.conf.maas -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
** Changed in: maas (Ubuntu) Importance: Undecided = High ** Changed in: maas (Ubuntu) Status: New = Triaged -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
Andres said he'd make the directory writable by the package. ** Also affects: maas (Ubuntu) Importance: Undecided Status: New ** Changed in: maas Status: Incomplete = Invalid -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
Julian,
So I made the directory to be owned by maas user, root group, and this
is the outcome:
ubuntu@maas:/etc/bind$ ls -l maas/
total 12
-rw-r--r-- 1 root root 99 Aug 29 08:57 named.conf.maas
-rw-r--r-- 1 root root 193 Aug 29 08:57 named.conf.rndc.maas
-rw-r--r-- 1 root root 539 Aug 29 08:57 rndc.conf.maas
ubuntu@maas:/etc/bind$ sudo chown -R maas:root maas
ubuntu@maas:/etc/bind$ ls -l maas/
total 12
-rw-r--r-- 1 maas maas 99 Aug 29 09:05 named.conf.maas
-rw-r--r-- 1 maas root 193 Aug 29 08:57 named.conf.rndc.maas
-rw-r--r-- 1 maas root 539 Aug 29 08:57 rndc.conf.maas
Now, I re-enabled the DNS server from the WebUI , the following error
was seen in the celery.log. Additionally, I noticed that permissions on
named.conf.maas were changed, causing bind9 to fail reloading the
configuration file:
== Incorrect file permissions ==
ubuntu@maas:/etc/bind$ ls -l maas/
total 12
-rw--- 1 maas maas 99 Aug 29 09:05 named.conf.maas
-rw-r--r-- 1 maas root 193 Aug 29 08:57 named.conf.rndc.maas
-rw-r--r-- 1 maas root 539 Aug 29 08:57 rndc.conf.maas
=== bind failure (syslog) ===
Aug 29 09:05:33 maas named[23407]: received control channel command 'reload'
Aug 29 09:05:33 maas named[23407]: loading configuration from
'/etc/bind/named.conf'
Aug 29 09:05:33 maas named[23407]: /etc/bind/named.conf.local:9: open:
/etc/bind/maas/named.conf.maas: permission denied
Aug 29 09:05:33 maas named[23407]: reloading configuration failed: permission
denied
=== celery error log ===
[2012-08-29 09:05:33,405: INFO/MainProcess] Got task from broker:
provisioningserver.tasks.write_full_dns_config[3b7fe6ce-380f-442c-a9[67/784]
0e71313]
[2012-08-29 09:05:33,446: INFO/MainProcess] Got task from broker:
provisioningserver.tasks.rndc_command[86c0d418-cb60-4720-b051-212b0f891782]
[2012-08-29 09:05:33,451: INFO/MainProcess] Task
provisioningserver.tasks.write_full_dns_config[3b7fe6ce-380f-442c-a9fe-56fcd0e71313]
succeede
d in 0.0323147773743s: None
[2012-08-29 09:05:33,498: ERROR/MainProcess] Task
provisioningserver.tasks.rndc_command[86c0d418-cb60-4720-b051-212b0f891782]
raised exception
: UnpickleableExceptionWrapper('subprocess', 'CalledProcessError', (),
'CalledProcessError()')
Traceback (most recent call last):
File /usr/lib/python2.7/dist-packages/celery/execute/trace.py, line 47, in
trace
return cls(states.SUCCESS, retval=fun(*args, **kwargs))
File /usr/lib/python2.7/dist-packages/celery/app/task/__init__.py, line
247, in __call__
return self.run(*args, **kwargs)
File /usr/lib/python2.7/dist-packages/celery/app/__init__.py, line 175, in
run
return fun(*args, **kwargs)
File /usr/lib/python2.7/dist-packages/provisioningserver/tasks.py, line
165, in rndc_command
execute_rndc_command(arguments)
File /usr/lib/python2.7/dist-packages/provisioningserver/dns/config.py,
line 110, in execute_rndc_command
stdout=devnull)
File /usr/lib/python2.7/subprocess.py, line 511, in check_call
raise CalledProcessError(retcode, cmd)
CalledProcessError: CalledProcessError()
Traceback (most recent call last):
File /usr/lib/python2.7/dist-packages/celery/execute/trace.py, line 47, in
trace
return cls(states.SUCCESS, retval=fun(*args, **kwargs))
File /usr/lib/python2.7/dist-packages/celery/app/task/__init__.py, line
247, in __call__
return self.run(*args, **kwargs)
File /usr/lib/python2.7/dist-packages/celery/app/__init__.py, line 175, in
run
return fun(*args, **kwargs)
File /usr/lib/python2.7/dist-packages/provisioningserver/tasks.py, line
165, in rndc_command
execute_rndc_command(arguments)
File /usr/lib/python2.7/dist-packages/provisioningserver/dns/config.py,
line 110, in execute_rndc_command
stdout=devnull)
File /usr/lib/python2.7/subprocess.py, line 511, in check_call
raise CalledProcessError(retcode, cmd)
CalledProcessError: CalledProcessError()
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to maas in Ubuntu.
https://bugs.launchpad.net/bugs/1042868
Title:
MAAS doesn't have permissions to write in /etc/bind/maas
To manage notifications about this bug go to:
https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
ARGH. The umask is messing us around again, it's the same problem for maas- import-ephemerals. The reason it changes on an existing file is because it gets renamed from a temp file (for atomic write purposes). Do you know where the umask is getting set for the maas user? -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
Julian, we do not set a umask for the maas user. It uses the default on user creation. however, we should not rely on changing the umask for the maas user, but rather, this should be fixed setting the correct permissions when copying over the file. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
Also not that on maas-dns install, I had to fix those permissions, but they keep being changed: # fix permissions if [ -f /etc/bind/maas/named.conf.maas ]; then chmod 644 /etc/bind/maas/named.conf.maas fi -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
On Wednesday 29 August 2012 14:43:31 you wrote: Also not that on maas-dns install, I had to fix those permissions, but they keep being changed: # fix permissions if [ -f /etc/bind/maas/named.conf.maas ]; then chmod 644 /etc/bind/maas/named.conf.maas fi Yeah that's due to the atomic way of writing with a temp rename. We'll make it chmod. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
Re: [Bug 1042868] Re: MAAS doesn't have permissions to write in /etc/bind/maas
Hi Julian Already proposed a branch to fix that! :-) Cheers On Aug 29, 2012 8:15 PM, Julian Edwards 1042...@bugs.launchpad.net wrote: On Wednesday 29 August 2012 14:43:31 you wrote: Also not that on maas-dns install, I had to fix those permissions, but they keep being changed: # fix permissions if [ -f /etc/bind/maas/named.conf.maas ]; then chmod 644 /etc/bind/maas/named.conf.maas fi Yeah that's due to the atomic way of writing with a temp rename. We'll make it chmod. -- You received this bug notification because you are subscribed to the bug report. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to maas in Ubuntu. https://bugs.launchpad.net/bugs/1042868 Title: MAAS doesn't have permissions to write in /etc/bind/maas To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1042868/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
