ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Onischuk" <aonis...@hortonworks.com>
Subject Review Request 36633: Non-Root: Knox fails to start during install with custom pid directory
Date Tue, 21 Jul 2015 09:43:55 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/36633/
-----------------------------------------------------------

Review request for Ambari and Dmitro Lisnichenko.


Bugs: AMBARI-12465
    https://issues.apache.org/jira/browse/AMBARI-12465


Repository: ambari


Description
-------

During non-root agent/server, umask 027, custom log dir, custom pid dir
install, Knox fails to start with this error:

    
    
    stderr: 
    Traceback (most recent call last):
      File "/var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py",
line 264, in <module>
        KnoxGateway().execute()
      File "/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py",
line 216, in execute
        method(env)
      File "/var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py",
line 152, in start
        os.unlink(params.knox_managed_pid_symlink)
    OSError: [Errno 13] Permission denied: '/usr/hdp/current/knox-server/pids'
    
    
    
    [ambari@revo1 ~]$ grep run_as /etc/ambari-agent/conf/ambari-agent.ini 
    run_as_user=ambari
    [ambari@revo1 ~]$ umask
    0027
    [ambari@revo1 ~]$ id
    uid=500(ambari) gid=500(ambari) groups=500(ambari),100(users)
    [ambari@revo1 ~]$ ls -ld /usr/hdp/current/knox-server/pids
    lrwxrwxrwx 1 root root 13 Jul 14 13:10 /usr/hdp/current/knox-server/pids -> /var/run/knox
    [ambari@revo1 ~]$ ls -ld /var/run/knox
    drwxr-xr-x 2 knox knox 4096 May 18 17:06 /var/run/knox
    

This is with:

    
    
    [ambari@revo1 ~]$ rpm -q ambari-server
    ambari-server-2.1.0-1426.x86_64
    [ambari@revo1 ~]$ hdp-select versions
    2.2.6.0-2800
    [ambari@revo1 ~]$ java -version
    java version "1.7.0_65"
    OpenJDK Runtime Environment (rhel-2.5.1.2.el6_5-x86_64 u65-b17)
    OpenJDK 64-Bit Server VM (build 24.65-b04, mixed mode)
    

Sudo config (using customer users t+username)

    
    
    # Ambari Customizable Users
    ambari ALL=(ALL) NOPASSWD:SETENV: /bin/su thdfs *, /bin/su tzookeeper *, /bin/su tknox
*,/bin/su tfalcon *,/bin/su tflume *,/bin/su thbase *,/bin/su thive *, /bin/su thcat *,/bin/su
tkafka *,/bin/su tmapred *,/bin/su toozie *,/bin/su tsqoop *,/bin/su tstorm *,/bin/su ttez
*,/bin/su tyarn *,/bin/su tams *, /bin/su tambari-qa *, /bin/su tspark *, /bin/su tranger
*
    
    # Ambari Non-Customizable Users
    ambari ALL=(ALL) NOPASSWD:SETENV: /bin/su tmysql *
    
    # Ambari Commands
    ambari ALL=(ALL) NOPASSWD:SETENV: /usr/bin/yum,/usr/bin/zypper,/usr/bin/apt-get, /bin/mkdir,
/bin/ln,/bin/chown, /bin/chmod, /bin/chgrp, /usr/sbin/groupadd, /usr/sbin/groupmod,/usr/sbin/useradd,
/usr/sbin/usermod, /bin/cp, /bin/sed, /bin/mv, /bin/rm, /bin/kill,/usr/bin/unzip, /bin/tar,
/usr/bin/hdp-select, /usr/hdp/current/hadoop-client/sbin/hadoop-daemon.sh,/usr/lib/hadoop/bin/hadoop-daemon.sh,
/usr/lib/hadoop/sbin/hadoop-daemon.sh, /usr/sbin/service mysql *,/sbin/service mysqld *, /sbin/service
mysql *, /sbin/chkconfig gmond off,/sbin/chkconfig gmetad off, /etc/init.d/httpd *, /sbin/service
hdp-gmetad start, /sbin/service hdp-gmond start, /usr/bin/tee, /usr/sbin/gmond, /usr/sbin/update-rc.d
ganglia-monitor *, /usr/sbin/update-rc.d gmetad *, /etc/init.d/apache2 *, /usr/sbin/service
hdp-gmond *, /usr/sbin/service hdpgmetad *, /usr/bin/test, /bin/touch, /usr/bin/stat, /usr/sbin/setenforce,
/usr/hdp/current/ranger-admin/setup.sh *, /usr/hdp/current/ranger-usersync/setup.sh  *, /usr
 /bin/ranger-admin-start *, /usr/bin/ranger-usersync-start *, /usr/bin/ranger-usersync-stop
*,  /usr/bin/python2.6 /var/lib/ambari-agent/data/tmp/validateKnoxStatus.py *, /usr/hdp/current/knox-server/bin/knoxcli.sh
*, /usr/bin/pgrep *
    
    # Defaults
    Defaults    exempt_group = ambari
    Defaults    !env_reset,env_delete-=PATH
    Defaults:   ambari    !requiretty


Diffs
-----

  ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py
8117312 
  ambari-server/src/test/python/stacks/2.2/KNOX/test_knox_gateway.py 5ca5251 

Diff: https://reviews.apache.org/r/36633/diff/


Testing
-------

mvn clean test


Thanks,

Andrew Onischuk


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message