Hi, What is the conclusion on this issue? Thanks,
Pierre 2012/2/6 Pierre Casenove <[email protected]>: > Hello, > I was not very clear on my issue on my first post, apologies. > So, what happens exactly when the file is created with 600 access mode: > - When navigating to Systems --> Kickstart --> Profiles and selecting > a kickstart, the following msg appears on the top: > There are errors in your kickstart template. Please check the <a > href="/rhn/kickstart/KickstartFileDownload.do?ksid=2">template > errors</a> to determine the problem with the template. > - When opening the kickstart in a browser, here is the error: > <pre> > Mod_python error: "PythonHandler services" > Traceback (most recent call last): > File "/usr/lib64/python2.4/site-packages/mod_python/apache.py", line > 287, in HandlerDispatch > log=debug) > File "/usr/lib64/python2.4/site-packages/mod_python/apache.py", line > 464, in import_module > module = imp.load_module(mname, f, p, d) > File "/var/www/cobbler/svc/services.py", line 22, in ? > from cobbler.services import CobblerSvc > File "/usr/lib/python2.4/site-packages/cobbler/services.py", line 36, in ? > import remote > File "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 45, in ? > import api as cobbler_api > File "/usr/lib/python2.4/site-packages/cobbler/api.py", line 28, in ? > import action_sync > File "/usr/lib/python2.4/site-packages/cobbler/action_sync.py", line 36, in ? > import templar > File "/usr/lib/python2.4/site-packages/cobbler/templar.py", line 29, in ? > from template_api import Template > File "/usr/lib/python2.4/site-packages/cobbler/template_api.py", line 42, in > ? > raise CX("/etc/cobbler/settings is not a valid YAML file") > CX: '/etc/cobbler/settings is not a valid YAML file' > </pre> > > Here is the appache_error_log: > [Mon Feb 06 15:59:31 2012] [notice] mod_python: (Re)importing module > 'services' > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: Traceback (most recent call last): > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File > "/usr/lib64/python2.4/site-packages/mod_python/apache.py", line 287, > in HandlerDispatch\n log=debug) > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File > "/usr/lib64/python2.4/site-packages/mod_python/apache.py", line 464, > in import_module\n module = imp.load_module(mname, f, p, d) > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File "/var/www/cobbler/svc/services.py", > line 22, in ?\n from cobbler.services import CobblerSvc > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File > "/usr/lib/python2.4/site-packages/cobbler/services.py", line 36, in > ?\n import remote > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File > "/usr/lib/python2.4/site-packages/cobbler/remote.py", line 45, in ?\n > import api as cobbler_api > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File > "/usr/lib/python2.4/site-packages/cobbler/api.py", line 28, in ?\n > import action_sync > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File > "/usr/lib/python2.4/site-packages/cobbler/action_sync.py", line 36, in > ?\n import templar > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File > "/usr/lib/python2.4/site-packages/cobbler/templar.py", line 29, in ?\n > from template_api import Template > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: File > "/usr/lib/python2.4/site-packages/cobbler/template_api.py", line 42, > in ?\n raise CX("/etc/cobbler/settings is not a valid YAML file") > [Mon Feb 06 15:59:31 2012] [error] [client 10.120.193.15] > PythonHandler services: CX: '/etc/cobbler/settings is not a valid YAML > file' > > When setting 644 access mode on file /etc/cobbler/settings, everything > is correct > > I have ran 2 spacewalk upgrades, and this file permission issue is the > only one I encountered each time. The rest was correct. As > spacewalk-upgrade is run as root, it could also save the current umask > value at the beggining, change it to 0022 and returns to original > value at the end. > I checked a bit the upgrade script when I worked on the fix, and this > file is the only one created from scratch, this might be the real > issue. > > Anyway, I let you decide what's best. > > Pierre > > 2012/2/6 Jan Pazdziora <[email protected]>: >> On Wed, Jan 25, 2012 at 08:51:20AM +0100, Pierre Casenove wrote: >>> Hello, >>> I ran into an issue when I upgraded from SW 1.5 to SW 1.6: >>> - on my set up, root user has an umask of 0077 >>> - during setup, /etc/cobbler/settings is backuped and recreated... but >>> with permission set to root:root 600 >>> - Apache can't access the file until chmod 644 is performed >> >> What is the error produced by Apache? >> >>> Please find attached a patch that simply calls chmod after cobbler >>> file has been created in spacewalk-setup perl script. >>> I couldn't test it in all cases so please review it carrefully. >> >> The problem I see with this approach to fixing the issue is that >> there are likely other situations when umask 0077 will simply >> produce unexpected results. So I wonder if spacewalk-setup should >> instead refuse to run if it detects something more restrictive than >> 0022? >> >> -- >> Jan Pazdziora >> Principal Software Engineer, Satellite Engineering, Red Hat >> >> _______________________________________________ >> Spacewalk-list mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/spacewalk-list _______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
