Return-Path: 
 <dev-return-65361-apmail-cloudstack-dev-archive=cloudstack.apache.org@cloudstack.apache.org>
X-Original-To: apmail-cloudstack-dev-archive@www.apache.org
Delivered-To: apmail-cloudstack-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 417D217AFD
	for <apmail-cloudstack-dev-archive@www.apache.org>;
 Tue, 14 Oct 2014 08:05:39 +0000 (UTC)
Received: (qmail 4585 invoked by uid 500); 14 Oct 2014 08:05:38 -0000
Delivered-To: apmail-cloudstack-dev-archive@cloudstack.apache.org
Received: (qmail 4530 invoked by uid 500); 14 Oct 2014 08:05:38 -0000
Mailing-List: contact dev-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:dev@cloudstack.apache.org>
List-Id: <dev.cloudstack.apache.org>
Reply-To: dev@cloudstack.apache.org
Delivered-To: mailing list dev@cloudstack.apache.org
Received: (qmail 4518 invoked by uid 99); 14 Oct 2014 08:05:38 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Oct 2014 08:05:38 +0000
X-ASF-Spam-Status: No, hits=1.5 required=5.0
	tests=HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of daan.hoogland@gmail.com
 designates 209.85.213.177 as permitted sender)
Received: from [209.85.213.177] (HELO mail-ig0-f177.google.com)
 (209.85.213.177)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Oct 2014 08:05:34 +0000
Received: by mail-ig0-f177.google.com with SMTP id a13so13582898igq.10
        for <dev@cloudstack.apache.org>; Tue, 14 Oct 2014 01:05:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :content-type;
        bh=mdvPkg4o0ygnwF62VZxjd153r2+Pokqd86L+JI1o8yk=;
        b=gzKe79Nk4ZWeoG1ZDs30uzCoQPUnheM43DxS1WHBiFrHo/9fqn2nQdcrY9pveZ+10Y
         i4q96czStJaWgwTTAVzOKkuYP2J1bb9b7Mo/IrA+l8KH18BWb4tzQ40kCBMmri0hgL8u
         754ExMpMhEZ2O3wQG78sNSFN2tQYbzk17kYhDmx/mA2MwVizdnh0j78K8DKpiKya64ox
         9IGOBbPr2QK4OKVMf8YpHYRJfoMncxFzScDGZ5/nryFRj7Pq4PPRGY4NODWGUvsPMTlr
         ERz1LyS2aNUiuHyZ7+WhoUJDCMMAD0aCNs0QQSzc7j44rcgy1EnYWfiwLKhoWJ2o+aZ9
         2JZw==
X-Received: by 10.43.128.71 with SMTP id hd7mr3575262icc.36.1413273913808;
 Tue, 14 Oct 2014 01:05:13 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.174.148 with HTTP; Tue, 14 Oct 2014 01:04:52 -0700 (PDT)
In-Reply-To: 
 <CAGQtxva7yBKpvGuHCSe32yYu7WG4auv2dmtyGpJbzp6fuoje2Q@mail.gmail.com>
References: <700084860.15252.1413216382510.JavaMail.zimbra@li.nux.ro>
 <CALFpzo5KhZ7LAQU=YG01AnP7wLTDCT289Sjn9a_Prsk02KM8DQ@mail.gmail.com>
 <998807907.15425.1413220495402.JavaMail.zimbra@li.nux.ro>
 <CAP997UefDRBNVMddKhN2fmJ_xbCJpL0Chk2n32wE7LqWLpHR0w@mail.gmail.com>
 <2076663919.16066.1413244493474.JavaMail.zimbra@li.nux.ro>
 <CAEJ3w4VbsLKvDPWNa4p4UcktLeSOky_L5AH-SDwJyhK8a7aOOg@mail.gmail.com>
 <CAD97iof=CHiXWwaq-xESaLHy7AL0Osx_W1YgoTP7hecUjsSgzw@mail.gmail.com>
 <110013592.16324.1413272893405.JavaMail.zimbra@li.nux.ro>
 <CAGQtxva7yBKpvGuHCSe32yYu7WG4auv2dmtyGpJbzp6fuoje2Q@mail.gmail.com>
From: Daan Hoogland <daan.hoogland@gmail.com>
Date: Tue, 14 Oct 2014 10:04:52 +0200
Message-ID: 
 <CAGQtxva7gdN=tp0qeB0iN=O5g0vJhhRu2cf5zUoXSNN+5RgWqA@mail.gmail.com>
Subject: Re: Weird ssl keystore error while upgrading to 4.4.1
To: dev <dev@cloudstack.apache.org>
Content-Type: multipart/alternative; boundary=001a11c205609a5a7105055d79fa
X-Virus-Checked: Checked by ClamAV on apache.org

--001a11c205609a5a7105055d79fa
Content-Type: text/plain; charset=UTF-8

created https://issues.apache.org/jira/browse/CLOUDSTACK-7702 to add any
comments

On Tue, Oct 14, 2014 at 10:00 AM, Daan Hoogland <daan.hoogland@gmail.com>
wrote:

> adding it to server/conf/cloudstack-sudoers.in in 4.4 branch. Is this
> only an issue in the 4.4 branch?
>
> On Tue, Oct 14, 2014 at 9:48 AM, Nux! <nux@li.nux.ro> wrote:
>
>> Cheers for that, in my setup I had this appended to my sudoers file (note
>> the missing keytool):
>>
>> "cloud ALL =NOPASSWD : /bin/chmod, /bin/cp, /bin/mkdir, /bin/mount,
>> /bin/umount
>> Defaults !requiretty"
>>
>> Adding keytool to that solved the problem. Thanks!
>>
>>
>> Lucian
>>
>> --
>> Sent from the Delta quadrant using Borg technology!
>>
>> Nux!
>> www.nux.ro
>>
>> ----- Original Message -----
>> > From: "Pierre-Luc Dion" <pdion891@apache.org>
>> > To: dev@cloudstack.apache.org
>> > Sent: Tuesday, 14 October, 2014 01:58:54
>> > Subject: Re: Weird ssl keystore error while upgrading to 4.4.1
>>
>> > sudo line for user "cloud" should look like this:
>> >
>> > cloud ALL =NOPASSWD : /bin/chmod, /bin/cp, /bin/mkdir, /bin/mount,
>> > /bin/umount, /usr/bin/keytool
>> >
>> > keytool was probably missing which cause the sudo error...
>> >
>> > On Mon, Oct 13, 2014 at 8:39 PM, Ian Duffy <ian@ianduffy.ie> wrote:
>> >
>> >> > AFAIK the sudo rights are given during the mgmt server install.
>> >>
>> >> Yes this happens during the cloud-setup-management stage. It modifies
>> the
>> >> sudoers file.
>> >>
>> >> There is one binary it attempts to execute using sudo that it doesn't
>> have
>> >> permission to do so. If memory serves me correctly its keytool.
>> >>
>> >> On 14 October 2014 00:54, Nux! <nux@li.nux.ro> wrote:
>> >>
>> >> > Is this done automatically? If yes, we may have just found a bug. :-)
>> >> >
>> >> > Lucian
>> >> >
>> >> > --
>> >> > Sent from the Delta quadrant using Borg technology!
>> >> >
>> >> > Nux!
>> >> > www.nux.ro
>> >> >
>> >> > ----- Original Message -----
>> >> > > From: "Erik Weber" <terbolous@gmail.com>
>> >> > > To: "dev" <dev@cloudstack.apache.org>
>> >> > > Sent: Monday, 13 October, 2014 20:16:53
>> >> > > Subject: Re: Weird ssl keystore error while upgrading to 4.4.1
>> >> >
>> >> > > AFAIK the sudo rights are given during the mgmt server install.
>> >> > >
>> >> > > --
>> >> > > Erik
>> >> > >
>> >> > > On Mon, Oct 13, 2014 at 7:14 PM, Nux! <nux@li.nux.ro> wrote:
>> >> > >
>> >> > >> Marcus,
>> >> > >>
>> >> > >> User "cloud" has no sudo rights, that might be one of the causes.
>> I
>> >> have
>> >> > >> never read that this user should have sudo access.
>> >> > >> Am I wrong?
>> >> > >>
>> >> > >> Lucian
>> >> > >>
>> >> > >> --
>> >> > >> Sent from the Delta quadrant using Borg technology!
>> >> > >>
>> >> > >> Nux!
>> >> > >> www.nux.ro
>> >> > >>
>> >> > >> ----- Original Message -----
>> >> > >> > From: "Marcus" <shadowsor@gmail.com>
>> >> > >> > To: dev@cloudstack.apache.org
>> >> > >> > Sent: Monday, 13 October, 2014 18:01:15
>> >> > >> > Subject: Re: Weird ssl keystore error while upgrading to 4.4.1
>> >> > >>
>> >> > >> > 2014-10-13 16:45:51,662 DEBUG [c.c.u.s.Script] (main:null)
>> >> Executing:
>> >> > >> > sudo keytool -genkey -keystore
>> >> > >> > /etc/cloudstack/management/cloud.keystore -storepass vmops.com
>> >> > >> > -keypass vmops.com -keyalg RSA -validity 3650 -dname
>> cn="Cloudstack
>> >> > >> > User",ou="management",o="management",c="Unknown"
>> >> > >> > 2014-10-13 16:45:51,675 DEBUG [c.c.u.s.Script] (main:null) Exit
>> >> value
>> >> > is
>> >> > >> 1
>> >> > >> >
>> >> > >> > Not sure exactly, but I notice this. Run that command manually
>> and
>> >> see
>> >> > >> >
>> >> >
>>
>
>
>
> --
> Daan
>



-- 
Daan

--001a11c205609a5a7105055d79fa--