One known instance of this is in nimbus-edit-user when the gridmap file is edited. It first creates a modified copy of the gridmap in a tempfile (in $NIMBUS_HOME/var/) then deletes the existing file and uses os.rename() to move the new one in place. This fails if the source and destination are not on the same partition:
WARNING! user not found in /O=Auto/OU=FermiCloudNimbus/CNfirstname.lastname@example.org
Traceback (most recent call last):
File "/opt/nimbus/libexec/nimbus_edit_user.py", line 251, in <module>
rc = main()
File "/opt/nimbus/libexec/nimbus_edit_user.py", line 242, in main
File "/opt/nimbus/libexec/nimbus_edit_user.py", line 219, in edit_user
File "/opt/nimbus/libexec/nimbus_edit_user.py", line 144, in remove_gridmap
OSError: [Errno 18] Invalid cross-device link
More importantly, this failure leaves the installation without a gridmap. Because there could be other failures, we should avoid deleting the gridmap and instead move the modified copy over top of it. I think shutil.move() will accomplish this (as well as allow cross-partition move).
I expect the same bug is in the other user tools as they also edit a gridmap. We should also check the group-authz file writing for this bug.
patch for GH-65