Make the pidfile accessible by everyone #3252
Conversation
mcasquer
requested review from
psss,
lukaszachy,
happz,
thrix and
janhavlin
as code owners
|
To discuss here which of the added |
mcasquer
force-pushed
the
2877_pidfile_creation
branch
3 times, most recently
from
22ff571
to
f5768f3
Compare
mcasquer
force-pushed
the
2877_pidfile_creation
branch
2 times, most recently
from
83819a0
to
d2dafc9
Compare
mcasquer
force-pushed
the
2877_pidfile_creation
branch
from
d2dafc9
to
acb4820
Compare
mcasquer
force-pushed
the
2877_pidfile_creation
branch
2 times, most recently
from
d45af53
to
0dc6e94
Compare
psss
changed the title
mcasquer
force-pushed
the
2877_pidfile_creation
branch
from
0dc6e94
to
124aa95
Compare
|
@happz one question, in the related issue with the patch it's used |
Is your change here causing a regression? Or is your change here just making no difference WRT #2877? |
I believe so. Check guest fact whether superuser is enabled, from the |
| # To allow running the test outside of tmt. | ||
| rlRun "TMT_TEST_PIDFILE_ROOT=${TMT_TEST_PIDFILE_ROOT:-/var/tmp/tmt/pid}" | ||
| rlRun "TMT_TEST_PIDFILE=${TMT_TEST_PIDFILE:-$TMT_TEST_PIDFILE_ROOT/tmt-test.pid}" | ||
| rlRun "TMT_TEST_PIDFILE_LOCK=${TMT_TEST_PIDFILE_LOCK:-$TMT_TEST_PIDFILE.lock}" |
There was a problem hiding this comment.
Hmmm, I think we need to be more strict: I believe tmt running in TF sets these for our tests, to the old value of path and directory, and since we allow the variable to exist, the old ones sneak in and ruin the test. SO we need the following change, at least:
rlRun "TMT_TEST_PIDFILE_ROOT=/var/tmp/tmt/pid"
rlRun "TMT_TEST_PIDFILE=$TMT_TEST_PIDFILE_ROOT/tmt-test.pid"
rlRun "TMT_TEST_PIDFILE_LOCK=$TMT_TEST_PIDFILE.lock"
See the log:
:: [ 13:02:45 ] :: [ BEGIN ] :: Running 'TMT_TEST_PIDFILE_ROOT=/var/tmp/tmt/pid'
:: [ 13:02:45 ] :: [ PASS ] :: Command 'TMT_TEST_PIDFILE_ROOT=/var/tmp/tmt/pid' (Expected 0, got 0)
:: [ 13:02:45 ] :: [ BEGIN ] :: Running 'TMT_TEST_PIDFILE=/var/tmp/tmt-test.pid'
:: [ 13:02:45 ] :: [ PASS ] :: Command 'TMT_TEST_PIDFILE=/var/tmp/tmt-test.pid' (Expected 0, got 0)
:: [ 13:02:45 ] :: [ BEGIN ] :: Running 'TMT_TEST_PIDFILE_LOCK=/var/tmp/tmt-test.pid.lock'
:: [ 13:02:45 ] :: [ PASS ] :: Command 'TMT_TEST_PIDFILE_LOCK=/var/tmp/tmt-test.pid.lock' (Expected 0, got 0)
File locations are obviously incorrect, old.
mcasquer
force-pushed
the
2877_pidfile_creation
branch
from
2eba702
to
d2e180b
Compare
|
@mcasquer I'm afraid running test cases -
sudo = 'sudo' if not self.facts.is_superuser and self.become else ''
self.execute(ShellScript(
f"""
if [ ! -d {pid_directory} ]; then \
{sudo} mkdir -p {pid_directory} \
&& {sudo} chmod ugo+rwx {pid_directory}; \
fi
"""
))See a similar problem solved with the same approach: https://github.com/teemtee/tmt/blob/main/tmt/steps/provision/__init__.py#L1714. That should teach tmt to use sudo when needed for privileged operations. |
| @@ -923,6 +923,16 @@ def setup(self) -> None: | |||
|
|
|||
| Setup the guest after it has been started. It is called after :py:meth:`Guest.start`. | |||
| """ | |||
| from tmt.steps.execute.internal import effective_pidfile_root | |||
There was a problem hiding this comment.
One thing I noticed: there's Guest.setup() and GuestSsh.setup(). The former is pretty empty, and you are adding first code into it; the latter already contains some code.
Byw GuestSsh.setup() does not call its base class implementation, it lacks super().setup() call. Looks like an omission which was fine, Guest.setup() did nothing so it didn't hurt. Now it does, and we need to call it. Please, add the super() call to GuestSsh so we have the chain complete.
There was a problem hiding this comment.
So with this you mean it'd better if I move the code from Guest.setup() to the GuestSsh one and add the super().setup() ? or only do the last part in the Guest.setup() function?
There was a problem hiding this comment.
Nono, I think Guest is the right place. We just need one extra call at the beginning of GuestSsh.setup, and that would be calling its base class implementation of the method it overrides.
There was a problem hiding this comment.
Got it, code updated, thanks!
Oh, sorry for that I misunderstood your comment above, thanks a lot for so detailed explanation |
|
@mcasquer my mistake: drop the diff --git a/tmt/steps/provision/__init__.py b/tmt/steps/provision/__init__.py
index 907d17dc..7dcda9d3 100644
--- a/tmt/steps/provision/__init__.py
+++ b/tmt/steps/provision/__init__.py
@@ -924,7 +924,7 @@ class Guest(tmt.utils.Common):
Setup the guest after it has been started. It is called after :py:meth:`Guest.start`.
"""
from tmt.steps.execute.internal import effective_pidfile_root
- sudo = 'sudo' if not self.facts.is_superuser and self.become else ''
+ sudo = 'sudo' if not self.facts.is_superuser else ''
pid_directory = effective_pidfile_root()
self.execute(ShellScript(
f"""That should resolve the test finally :) |
Updated ! |
happz
force-pushed
the
2877_pidfile_creation
branch
from
73bf14b
to
110b9b1
Compare
|
Summary from the chat discussion:
|
mcasquer
force-pushed
the
2877_pidfile_creation
branch
2 times, most recently
from
fcf637b
to
b3a7b33
Compare
happz
force-pushed
the
2877_pidfile_creation
branch
from
b3a7b33
to
0487765
Compare
tests/provision/facts/test-guest.sh
Outdated
| @@ -40,7 +42,7 @@ rlJournalStart | |||
| fi | |||
|
|
|||
| elif [ "$PROVISION_HOW" = "container" ]; then | |||
| provision_options="--image fedora:39" | |||
| provision_options="--image $TEST_IMAGE_PREFIX/fedora/39/unprivileged:latest" | |||
| bfu_provision_options="$provision_options --user=nobody" | |||
There was a problem hiding this comment.
--user would need to change as well, to fedora, and the main image shouldn't be the unprivileged one. Together, I think something like this should be the outcome:
provision_options="--image $TEST_IMAGE_PREFIX/fedora/39:latest"
bfu_provision_options="--image $TEST_IMAGE_PREFIX/fedora/39/unprivileged:latest --user=fedora"
6c55455
to
88a81e5
Compare
|
It seems now there's an issue when setting the ACLs, the user doesn't have permissions Also I see some extra error about an rsync command along with the following message |
happz
force-pushed
the
2877_pidfile_creation
branch
from
88a81e5
to
8b71eec
Compare
|
I see now the failed tests are
Sorry I don't see how is this related with the patch... 😕 @happz @psss could you shed some light here? |
|
Hmmm, these seem to be caused by GitHub randomly refusing to serve the raw content: Sounds like they enabled some rate limiting, or we hit the limit: Any suggestions? |
Creates the pidfile at an accessible location for every user, this way the manage pidfile warning is avoided. Signed-off-by: mcasquer <[email protected]>
when it doesn't exist. Signed-off-by: mcasquer <[email protected]>
Also formats the pid directory creation command. Signed-off-by: mcasquer <[email protected]>
This way we avoid TestingFarm to set the old values. Signed-off-by: mcasquer <[email protected]>
in the pidfile creation. Also includes the super().setup() call to the setup GuestSsh function. Signed-off-by: mcasquer <[email protected]>
every time the user has no privileges Signed-off-by: mcasquer <[email protected]>
and fedora user Signed-off-by: mcasquer <[email protected]>
mcasquer
force-pushed
the
2877_pidfile_creation
branch
from
8b71eec
to
ea92b5a
Compare
Creates the pidfile at an accessible location
for every user, this way the manage pidfile
warning is avoided.
Pull Request Checklist