You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The directory resource is unable to manage writable mountpoints inside a read-only file system.
Apparently the logic assumes that the parent directory has to be writable which is not the case here.
Software Version
chef 13.8.7-4 on Debian Buster (but logic in lib/chef/provider/directory.rb is unchanged in the current version)
Chef::Exceptions::InsufficientPermissions: directory[/tmp/ro/rw] (cookbook line 42) had an error: Chef::Exceptions::InsufficientPermissions: Cannot create directory[/tmp/ro/rw] at /tmp/ro/rw due to insufficient permissions
/usr/lib/ruby/vendor_ruby/chef/mixin/why_run.rb:240:in `run'
/usr/lib/ruby/vendor_ruby/chef/mixin/why_run.rb:321:in `block in run'
/usr/lib/ruby/vendor_ruby/chef/mixin/why_run.rb:320:in `each'
/usr/lib/ruby/vendor_ruby/chef/mixin/why_run.rb:320:in `run'
/usr/lib/ruby/vendor_ruby/chef/provider.rb:181:in `process_resource_requirements'
/usr/lib/ruby/vendor_ruby/chef/provider.rb:159:in `run_action'
/usr/lib/ruby/vendor_ruby/chef/resource.rb:591:in `run_action'
/usr/lib/ruby/vendor_ruby/chef/runner.rb:70:in `run_action'
/usr/lib/ruby/vendor_ruby/chef/runner.rb:98:in `block (2 levels) in converge'
/usr/lib/ruby/vendor_ruby/chef/runner.rb:98:in `each'
/usr/lib/ruby/vendor_ruby/chef/runner.rb:98:in `block in converge'
/usr/lib/ruby/vendor_ruby/chef/resource_collection/resource_list.rb:94:in `block in execute_each_resource'
[…]
Possible Solution
Test if the given directory exists and is writable. Only test the writability of the parent directory if the directory to be managed does not exist and actually has to be created.
Best
Christopher
The text was updated successfully, but these errors were encountered:
With all my understanding I checked all these scenarios where I was able to reproduce the issue.
Here are the following scenarios. (Screenshots attached below.)
Case 1:
When the parent directory exists.
If the parent directory exists and is writable as well then we won't face any issue. Everything will look good. Please refer the
Screenshot below.
Screenshot:
Case 2:
When the parent directory exists but having on "read only" permission.
In this case we will be facing insufficient permission issue which is correct.
Screenshot:
Case 3:
When the parent directory doesn't exists.
In this case also we are seeing the insufficient permission issue but I guess we should see the different error message like - "Parent Directory does not exists"
I have made these changes accordingly. Please refer the Screenshot
Screenshots:
PS: Earlier in case if the directory was does not exists, then also we were seeing the insufficient permissions error. But I have added one extra condition to show the parent directory does not exists error.
Case 2 is also triggered when the directory to be managed already exists and is writeable itself.
The permissions of the parent directory are completely irrelevant in that case – and should not make the resource fail.
The
directory
resource is unable to manage writable mountpoints inside a read-only file system.Apparently the logic assumes that the parent directory has to be writable which is not the case here.
Software Version
chef 13.8.7-4 on Debian Buster (but logic in
lib/chef/provider/directory.rb
is unchanged in the current version)Replication Case
λ › mkdir /tmp/ro λ › mount -t tmpfs tmpfs /tmp/ro λ › mkdir /tmp/ro/rw λ › mount -o remount,ro /tmp/ro λ › LANG=C touch /tmp/ro/test touch: cannot touch '/tmp/ro/test': Read-only file system λ › mount -t tmpfs tmpfs /tmp/ro/rw λ › touch /tmp/ro/rw/test λ ›
will fail
Stacktrace
Possible Solution
Test if the given directory exists and is writable. Only test the writability of the parent directory if the directory to be managed does not exist and actually has to be created.
Best
Christopher
The text was updated successfully, but these errors were encountered: