Problem: Pulp 2 stops working after installing Pulp 3 #128
Conversation
We could introduce a PULP_GROUP and have it default to 'pulp'. We introduced a group called 'pulp' in Pulp 2.20[0]. These changes are intended to allow installing Pulp 3 on the same machine as Pulp 2. I am interested in hearing other suggestions |
|
@ekohl @sbernhard I updated the PR with your great suggestion. |
roles/pulp/tasks/install.yml
Outdated
| @@ -41,6 +41,12 @@ | |||
| check_mode: False | |||
| register: result | |||
|
|
|||
| - name: Make sure {{ pulp_group }} group exists | |||
| group: | |||
| name: pulp | |||
There was a problem hiding this comment.
Missed one:
| name: pulp | |
| name: '{{ pulp_group }}' |
| @@ -41,6 +41,12 @@ | |||
| check_mode: False | |||
| register: result | |||
|
|
|||
| - name: Make sure {{ pulp_group }} group exists | |||
There was a problem hiding this comment.
I don't if Ansible properly interpolates here or if you need to quote. Still a bit of magic to me.
roles/pulp/tasks/install.yml
Outdated
| @@ -49,20 +55,30 @@ | |||
| system: true | |||
| when: developer_user is not defined | |||
|
|
|||
| - name: Add user {{ pulp_user }} to 'pulp' group | |||
There was a problem hiding this comment.
Haven't looked at the details, but would this still happen if developer_user is set? Should it add the developer user to the pulp group?
There was a problem hiding this comment.
We usually set 'developer_user' to the same thing as 'pulp_user'. And that value is usually 'vagrant'.
There was a problem hiding this comment.
'Usually' sounds like it'd be safer to also do it for developer_user. Ansible should be idempotent so it shouldn't hurt when they do match.
There was a problem hiding this comment.
Just pushed again with this change.
| append: true | ||
| when: developer_user is defined | ||
|
|
||
| - name: Reset ssh conn to allow user changes to affect when ssh user and pulp user are the same |
There was a problem hiding this comment.
I tried that, but got a warning saying that it is not allowed with the 'reset_connection' metatask.
| @@ -8,6 +8,9 @@ pulp_install_dir: '/usr/local/lib/pulp' | |||
| pulp_install_plugins: {} | |||
| pulp_install_api_service: true | |||
| pulp_user: pulp | |||
| pulp_user_id: | |||
| pulp_group: pulp | |||
| pulp_group_id: | |||
There was a problem hiding this comment.
Please add these to the role README.
Also, what is the behavior when blank like this?
There was a problem hiding this comment.
The behavior is that the operating system assigns the UID. However, if it is provided, that number will be used. unless it's taken and tehn an error will occur.
Solution: make use of the 'pulp' group when setting permissions Pulp 2.20 changed ownership of /var/lib/pulp and /etc/pulp from group 'apache' to group 'pulp'. This change to the installer ensures that the permissions on these directories remain the same after the installer runs on a machine that already has Pulp 2 installed. This patch introduces 3 new pulp settings called 'pulp_group', 'pulp_group_id', and 'pulp_user_id'. The 'pulp_group' defaults to 'pulp'. The 'pulp_user' is added to the 'pulp_ group' group. The connection is reset after this to support installations where the ssh user being used for ansible is the same as the pulp_user. This allows the user changes to take affect. The defaults for 'pulp_user_id' and 'pulp_group_id' are empty. When specified, the installer will use values to set 'uid' and 'gid' respectively. closes: #5104 https://pulp.plan.io/issues/5104
Solution: make use of the 'pulp' group when setting permissions
Pulp 2.20 changed ownership of /var/lib/pulp and /etc/pulp from group 'apache' to group
'pulp'. This change to the installer ensures that the permissions on these directories
remain the same after the installer runs on a machine that already has Pulp 2 installed.
This patch ensures that the 'pulp_user' is added to the 'pulp' group. The connection is
reset after this to support installations where the ssh user being used for ansible is the
same as the pulp_user. This allows the user changes to affect.
closes: #5104
https://pulp.plan.io/issues/5104