cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Weber <terbol...@gmail.com>
Subject Re: Weird ssl keystore error while upgrading to 4.4.1
Date Tue, 14 Oct 2014 08:23:12 GMT
Should already be fixed in 4.4, but I don't know if it the code handles
upgrades..

https://reviews.apache.org/r/24184/ was the relevant review

-- 
Erik

On Tue, Oct 14, 2014 at 10:00 AM, Daan Hoogland <daan.hoogland@gmail.com>
wrote:

> adding it to server/conf/cloudstack-sudoers.in in 4.4 branch. Is this only
> an issue in the 4.4 branch?
>
> On Tue, Oct 14, 2014 at 9:48 AM, Nux! <nux@li.nux.ro> wrote:
>
> > Cheers for that, in my setup I had this appended to my sudoers file (note
> > the missing keytool):
> >
> > "cloud ALL =NOPASSWD : /bin/chmod, /bin/cp, /bin/mkdir, /bin/mount,
> > /bin/umount
> > Defaults !requiretty"
> >
> > Adding keytool to that solved the problem. Thanks!
> >
> >
> > Lucian
> >
> > --
> > Sent from the Delta quadrant using Borg technology!
> >
> > Nux!
> > www.nux.ro
> >
> > ----- Original Message -----
> > > From: "Pierre-Luc Dion" <pdion891@apache.org>
> > > To: dev@cloudstack.apache.org
> > > Sent: Tuesday, 14 October, 2014 01:58:54
> > > Subject: Re: Weird ssl keystore error while upgrading to 4.4.1
> >
> > > sudo line for user "cloud" should look like this:
> > >
> > > cloud ALL =NOPASSWD : /bin/chmod, /bin/cp, /bin/mkdir, /bin/mount,
> > > /bin/umount, /usr/bin/keytool
> > >
> > > keytool was probably missing which cause the sudo error...
> > >
> > > On Mon, Oct 13, 2014 at 8:39 PM, Ian Duffy <ian@ianduffy.ie> wrote:
> > >
> > >> > AFAIK the sudo rights are given during the mgmt server install.
> > >>
> > >> Yes this happens during the cloud-setup-management stage. It modifies
> > the
> > >> sudoers file.
> > >>
> > >> There is one binary it attempts to execute using sudo that it doesn't
> > have
> > >> permission to do so. If memory serves me correctly its keytool.
> > >>
> > >> On 14 October 2014 00:54, Nux! <nux@li.nux.ro> wrote:
> > >>
> > >> > Is this done automatically? If yes, we may have just found a bug.
> :-)
> > >> >
> > >> > Lucian
> > >> >
> > >> > --
> > >> > Sent from the Delta quadrant using Borg technology!
> > >> >
> > >> > Nux!
> > >> > www.nux.ro
> > >> >
> > >> > ----- Original Message -----
> > >> > > From: "Erik Weber" <terbolous@gmail.com>
> > >> > > To: "dev" <dev@cloudstack.apache.org>
> > >> > > Sent: Monday, 13 October, 2014 20:16:53
> > >> > > Subject: Re: Weird ssl keystore error while upgrading to 4.4.1
> > >> >
> > >> > > AFAIK the sudo rights are given during the mgmt server install.
> > >> > >
> > >> > > --
> > >> > > Erik
> > >> > >
> > >> > > On Mon, Oct 13, 2014 at 7:14 PM, Nux! <nux@li.nux.ro> wrote:
> > >> > >
> > >> > >> Marcus,
> > >> > >>
> > >> > >> User "cloud" has no sudo rights, that might be one of the
> causes. I
> > >> have
> > >> > >> never read that this user should have sudo access.
> > >> > >> Am I wrong?
> > >> > >>
> > >> > >> Lucian
> > >> > >>
> > >> > >> --
> > >> > >> Sent from the Delta quadrant using Borg technology!
> > >> > >>
> > >> > >> Nux!
> > >> > >> www.nux.ro
> > >> > >>
> > >> > >> ----- Original Message -----
> > >> > >> > From: "Marcus" <shadowsor@gmail.com>
> > >> > >> > To: dev@cloudstack.apache.org
> > >> > >> > Sent: Monday, 13 October, 2014 18:01:15
> > >> > >> > Subject: Re: Weird ssl keystore error while upgrading
to 4.4.1
> > >> > >>
> > >> > >> > 2014-10-13 16:45:51,662 DEBUG [c.c.u.s.Script] (main:null)
> > >> Executing:
> > >> > >> > sudo keytool -genkey -keystore
> > >> > >> > /etc/cloudstack/management/cloud.keystore -storepass
vmops.com
> > >> > >> > -keypass vmops.com -keyalg RSA -validity 3650 -dname
> > cn="Cloudstack
> > >> > >> > User",ou="management",o="management",c="Unknown"
> > >> > >> > 2014-10-13 16:45:51,675 DEBUG [c.c.u.s.Script] (main:null)
Exit
> > >> value
> > >> > is
> > >> > >> 1
> > >> > >> >
> > >> > >> > Not sure exactly, but I notice this. Run that command
manually
> > and
> > >> see
> > >> > >> >
> > >> >
> >
>
>
>
> --
> Daan
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message