New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Systemd warns that "rockstor-hdparm.service is marked world-inaccessible" #1493

Closed
maxhq opened this Issue Oct 21, 2016 · 5 comments

Comments

Projects
None yet
3 participants
@maxhq
Contributor

maxhq commented Oct 21, 2016

As already mentioned before, systemd keeps logging this:

Oct 21 01:14:20 Sigurd systemd[1]: Configuration file /etc/systemd/system/rockstor-hdparm.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.

It can easily be fixed manually by executing:

chmod 0644 /etc/systemd/system/rockstor-hdparm.service

And it makes me feel much better :D

@maxhq maxhq changed the title from Easy to fix: systemd infos about service file rights to Easy to fix: systemd notices wrong service file rights Oct 21, 2016

@phillxnet

This comment has been minimized.

Show comment
Hide comment
@phillxnet

phillxnet Oct 21, 2016

Member

@maxhq Thanks for bringing this up again and nice to have it in an issue of it's own.

From a quick look I think where the rockstor-hdparm.service file is concerned we can apply the required chmod directly after moving the edited temp file over the live file with the following line:

run_command([CHMOD, '644', '/etc/systemd/system/rockstor-hdparm.service'])

along with a definition for CHMOD at the head of the file.

CHMOD = '/usr/bin/chmod'

Previously (in your linked reference) I had thought that this systemd overly restrictive rights warning affected many systemd files but upon looking just now it seems to only affect this one Rockstor created systemd file. Only had a quick look though so if you could confirm this that would be a help.

Do you fancy changing this issue's title to reference this one file if that is also your finding as then I can commit these changes against your issue and have the branch name used be more specific:
ie "hdparm systemd wrong rights warning" or some such thing.

Cheers. And yes this would also make me feel at least a little better :D.

Member

phillxnet commented Oct 21, 2016

@maxhq Thanks for bringing this up again and nice to have it in an issue of it's own.

From a quick look I think where the rockstor-hdparm.service file is concerned we can apply the required chmod directly after moving the edited temp file over the live file with the following line:

run_command([CHMOD, '644', '/etc/systemd/system/rockstor-hdparm.service'])

along with a definition for CHMOD at the head of the file.

CHMOD = '/usr/bin/chmod'

Previously (in your linked reference) I had thought that this systemd overly restrictive rights warning affected many systemd files but upon looking just now it seems to only affect this one Rockstor created systemd file. Only had a quick look though so if you could confirm this that would be a help.

Do you fancy changing this issue's title to reference this one file if that is also your finding as then I can commit these changes against your issue and have the branch name used be more specific:
ie "hdparm systemd wrong rights warning" or some such thing.

Cheers. And yes this would also make me feel at least a little better :D.

@maxhq maxhq changed the title from Easy to fix: systemd notices wrong service file rights to Systemd warns that "rockstor-hdparm.service is marked world-inaccessible" Oct 22, 2016

@maxhq

This comment has been minimized.

Show comment
Hide comment
@maxhq

maxhq Oct 22, 2016

Contributor

Hi @phillxnet, yes it only affects this one file. Of course you are right and I should have put in a more concrete title in the first place :-)
I guess that the problem might be the function update_hdparm_service where a new file is created without changing the access rights.

Contributor

maxhq commented Oct 22, 2016

Hi @phillxnet, yes it only affects this one file. Of course you are right and I should have put in a more concrete title in the first place :-)
I guess that the problem might be the function update_hdparm_service where a new file is created without changing the access rights.

@schakrava schakrava added this to the Pinnacles milestone Mar 24, 2017

@schakrava schakrava added the bug label Mar 24, 2017

@schakrava schakrava self-assigned this Mar 24, 2017

@phillxnet

This comment has been minimized.

Show comment
Hide comment
@phillxnet

phillxnet Mar 25, 2017

Member

@maxhq Do you fancy having a go at this one, since we have pretty much sorted it already in this issue. I can add it to my queue otherwise. Given the relatively harmless nature I don't think we need account for existing file permissions only the newly created. Users can always trivially adjust spin-down times and get the new perms that way.

No worries otherwise as it was my code and my omission so more than happy to get to it but must finish my current run before that.

Member

phillxnet commented Mar 25, 2017

@maxhq Do you fancy having a go at this one, since we have pretty much sorted it already in this issue. I can add it to my queue otherwise. Given the relatively harmless nature I don't think we need account for existing file permissions only the newly created. Users can always trivially adjust spin-down times and get the new perms that way.

No worries otherwise as it was my code and my omission so more than happy to get to it but must finish my current run before that.

@phillxnet

This comment has been minimized.

Show comment
Hide comment
@phillxnet

phillxnet Mar 25, 2017

Member

@maxhq Just noticed @schakrava has assigned himself on this one so if you start on it do make a note here just in case.

Member

phillxnet commented Mar 25, 2017

@maxhq Just noticed @schakrava has assigned himself on this one so if you start on it do make a note here just in case.

@phillxnet

This comment has been minimized.

Show comment
Hide comment
@phillxnet

phillxnet Mar 25, 2017

Member

@maxhq No worries, it looks like @schakrava has now fixed this in indicated pr. Sorry for noise folks.

Member

phillxnet commented Mar 25, 2017

@maxhq No worries, it looks like @schakrava has now fixed this in indicated pr. Sorry for noise folks.

@schakrava schakrava closed this in 18e6003 Mar 26, 2017

schakrava added a commit that referenced this issue Mar 26, 2017

Merge pull request #1680 from schakrava/1493_hdparm
rockstor-hdparm.service should be world readable. Fixes #1493
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment