Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Homes permission in NFS #58

Closed
Vladislaff opened this issue Feb 8, 2021 · 6 comments
Closed

Homes permission in NFS #58

Vladislaff opened this issue Feb 8, 2021 · 6 comments

Comments

@Vladislaff
Copy link

Hi,

I created a cluster with storage_type='standard' (nfs vm).
Deployed viya4 with this tool.
Then set identifier.homeDirectoryPrefix in identities to /mnt/viya-share/homes.
On first connect to the SAS Studio compute context the home directory gets created in the nfs share but the permissions are:
drwxr-xr-x. root root.
Because of this the user cannot write anything to their home.
I have tried setting up sssd on the nfs vm - didn't help.
Maybe some mount options on the storage class will resolve this?
How is the homes mount supposed to be used?

Thank you.
@thpang
Copy link
Member

thpang commented Feb 8, 2021

I @Vladislaff , the code here: https://github.com/sassoftware/viya4-deployment/blob/main/playbooks/playbook.yaml#L34-L51 creates the needed directories under the /mnt/viya-share/ location. It should create those with 0777 as the perms and be owned by: nobody:nobody Can you verify that after the viya,install these directories are there with the correct permissions. You will need to logon to the Jump server and very.

@thpang
Copy link
Member

thpang commented Feb 8, 2021

Also, with these items being set when you run the deployment with the viya,install task and action, SAS Studio should work without any modifications. Have you also tried this to very?

@Vladislaff
Copy link
Author

Hi @thpang ,

For some reason the directories were not created for me automatically.
Probably the jump host was not picked up from the tfstate.
Just tried:
sudo chown nobody:nobody -R /export/mynamespace/
sudo chmod 0777 -R /export/mynamespace/
Did not help.

In SASStudio the showServerFiles was not on after the installation, so I don't see how the home dir would work without any modifications.

I am using my own openldap if that matters.

@thpang
Copy link
Member

thpang commented Feb 8, 2021

The Jump server is required as it's the conduit into the NFS component setup for the cluster. If you cannot access your Jump server, then neither can the viya4-deployment code base. You need to be sure to have your key pairs setup for ssh use with that box prior to running the viya4-deployment code base.

@Vladislaff
Copy link
Author

I have the jump server and I can access it. The key pairs are set up correctly.
I also have a public ip on the nfs vm and can access it directly.

My question is not regarding the jump host - I am asking about the permissions on the nfs share.
Why is the home dir created with root as owner?

@Vladislaff
Copy link
Author

I made a workaround for this. I set up sssd on the nfs server and made a cron script to create home folders.

getent passwd | grep ${sasgroup} | awk -F':' '{print $1}' | while read -r user ; do
   if [[ ! -e /export/dfmvpdev/homes/$user ]]; then
      sudo mkdir -p /export/dfmvpdev/homes/$user
      sudo chown -R $user:sasusers /export/dfmvpdev/homes/$user
      sudo chmod -R 750 /export/dfmvpdev/homes/$user
   fi
done

@andybouts andybouts mentioned this issue May 4, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Vladislaff @NormJohnIV @thpang