Make write/push and make-dir chown intermediate dirs when setting user #130
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Per user report, write/push and make-dir are not setting the user/group on intermediate directories when the user and group is set. This can lead to the file being unreachable when Pebble is running a workload with a specific user:group. Fix these API calls to chown the intermediate directories as needed. Use the existing osutil.MkdirAllChown where appropriate. Add tests for the above, including integration tests that require root. Fixes canonical#124
hpidcock
approved these changes
Jul 28, 2022
Per review feedback, this is so we can reuse the MkdirAllChown mutex and the create/rename approach.
hpidcock
approved these changes
Jul 29, 2022
hpidcock
reviewed
Jul 29, 2022
benhoyt
added a commit
to benhoyt/juju
that referenced
this pull request
Jul 29, 2022
This picks up three recent changes: * Explicitly set HOME and USER env vars if service user+group set: canonical/pebble#129: * Make write/push and make-dir chown intermediate dirs when setting user: canonical/pebble#130 * Make exec checks consistently not inherit parent environment variables: canonical/pebble#131
5 tasks
jujubot
added a commit
to juju/juju
that referenced
this pull request
Jul 29, 2022
#14393 This picks up three recent bug fixes (the first two were reported by users): * canonical/pebble#129: * canonical/pebble#130 * canonical/pebble#131 ## Checklist - [ ] ~Code style: imports ordered, good names, simple structure, etc~ - [ ] ~Comments saying why design decisions were made~ - [ ] ~Go unit tests, with comments saying what you're testing~ - [ ] ~[Integration tests](https://github.com/juju/juju/tree/develop/tests), with comments saying what you're testing~ - [ ] ~[doc.go](https://discourse.charmhub.io/t/readme-in-packages/451) added or updated in changed packages~ ## QA steps ```sh $ juju bootstrap microk8s $ juju deploy snappass-test $ juju status # browse to http://<ip address>:5000 to ensure it's working ```
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Per user report, write/push and make-dir are not setting the user/group
on intermediate directories when the user and group is set. This can
lead to the file being unreachable when Pebble is running a workload
with a specific user:group.
Fix these API calls to chown the intermediate directories as needed.
Use the existing osutil.MkdirAllChown where appropriate.
Add tests for the above, including integration tests that require root.
Fixes #124