Opened 17 years ago
Last modified 10 years ago
#196 new defect
IZ1250: non-root $ADMINUSER should be allowed to own files
Reported by: | dom | Owned by: | |
---|---|---|---|
Priority: | low | Milestone: | |
Component: | sge | Version: | 6.0 |
Severity: | Keywords: | install | |
Cc: |
Description
[Imported from gridengine issuezilla http://gridengine.sunsource.net/issues/show_bug.cgi?id=1250]
Issue #: 1250 Platform: All Reporter: dom (dom) Component: gridengine OS: All Subcomponent: install Version: 6.0 CC: None defined Status: NEW Priority: P4 Resolution: Issue type: DEFECT Target milestone: --- Assigned to: andy (andy) QA Contact: dom URL: * Summary: non-root $ADMINUSER should be allowed to own files Status whiteboard: Attachments: Issue 1250 blocks: Votes for issue 1250: Opened: Mon Aug 23 01:00:00 -0700 2004 ------------------------ ( I'll be ok with this as an RFE also. ) During N1GE6 installation, 'install_qmaster' offers an alternative uid owner to root for the distribution (particularly the spool directories). This is to provide continued rw by root in those cases where parts of $SGE_ROOT may be distributed via NFS. It is clear that if $ADMINUSER is used at all, currently $SGE_ROOT itself needs to be owned by $ADMINUSER also (bug #5090127) or the install may fail when $ADMINUSER lacks sufficient perm to create dir/file under parent dirs not owned by it. To extend that further, could it not be possible for root to do an install, specify an $ADMINUSER, and have all the dirs/files summarily chown'd to $ADMINUSER except for those files that need to be suid/sgid root? Secondly, if a manual chown to $ADMINUSER is done prior to 'install_qmaster', if the verify file perms feature is selected everything is chown'd to root (the manual chown is undone). Justification: There are select files that require suid/sgid root, but I find no reason why all the rest of the N1GE distribution couldn't be owned by the administrator uid. I find it currently surprising that if one explicitly and deliberately performs a 'chown -R sgeadmin $SGE_ROOT' to make everything in $SGE_ROOT owned by 'sgeadmin', that 'install_qmaster' can undo all this with no explicit warning. If I ask to verify dir/file perms, the 'setfileperms.h' function happily converts ownership all to uid=0 gid=0 without saying that's what it will do; it just indicateds that the *perms* for files/dirs will be set to something, not that the uid/gid will be changed also. Specifially, if I'm asked for a "what do you want to install N1GE as" early in the install, and then I later see Verifying and setting file permissions and owner in ... why should I expect the owner to be something other than $ADMINUSER? It should be only files that need to be suid/sgid root that are chown'd from $ADMINUSER to root during install I think. Work around: Don't select the "verify file perms" feature during install_qmaster :-(
Note: See
TracTickets for help on using
tickets.