Opened 12 years ago
Last modified 10 years ago
#919 new defect
IZ653: JVM startup fails when started under sdmadmin user account with not-helpful message
Reported by: | easymf | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | |
Component: | hedeby | Version: | 1.0u3_Beta-1 |
Severity: | Keywords: | Sun bootstrap | |
Cc: |
Description
[Imported from gridengine issuezilla http://gridengine.sunsource.net/issues/show_bug.cgi?id=653]
Issue #: 653 Platform: Sun Reporter: easymf (easymf) Component: hedeby OS: All Subcomponent: bootstrap Version: 1.0u3_Beta-1 CC: None defined Status: NEW Priority: P3 Resolution: Issue type: DEFECT Target milestone: 1.0u5next Assigned to: adoerr (adoerr) QA Contact: adoerr URL: * Summary: JVM startup fails when started under sdmadmin user account with not-helpful message Status whiteboard: Attachments: Issue 653 blocks: Votes for issue 653: Vote for this issue Opened: Fri May 8 09:11:00 -0700 2009 ------------------------ Description If user starts SDM JVM using a command "sdmadm suj -j JVM_NAME" under sdmadmin user account, it can happen that JVM fails to start with message: ~$ sdmadm -s sdm suj WARNING: All commands are executed as user $<sdmadmin_username> (non root mode) jvm host result message --------------------------------------------------------------- cs_vm osol ERROR JVM: cs_vm died during startup. Error: Command has generated error. Evaluation Not critical, but confusing for the user - it is not clearly defined, that sdmadmin user may not have sufficient credentials to start the JVM. in addition, the error message says nothing about the real cause, so the user has to guess what is the problem. Suggested Fix/Work Around Work around is simple - to start the JVM under user account of the JVM owner (see "sdmadm sgc" to check the JVM owner). The fix has to address the error message, behavior and documentation - ideally: 1. sdmadm suj command should detect, if the user that tries to start the JVM is owner of the jvm (or if user switching is possible), if not -> 2. error message should clearly state, that "sdmadm suj" has to be performed under JVM owner user account 3. documentation should be adjusted in a way, that is clear to user that sdmadmin user may not have sufficient credentials to start the JVM and thus the JVM owner user should be used to perform "sdmadm suj" command Analysis The problem is caused by fact, that daemon (JVM) keystore is owned JVM owner user, and the permissions are as follows: -rw------- 1 <jvm_owner_user> <jvm_owner_group> 2727 2009-05-06 16:39 cs_vm.keystore When a sdmadmin user is not jvm owner user, then the starting process can not access the keystore and JVM refuses to start. The ParentStartupService evaluates this as "jvm has died during startup" situation. How to test Testsuite test is appropriate - test should perform: 1. starting the JVM under sdmadmin user account (sdmadmin !=jvm owner) and check the behavior and message 2. starting the JVM under sdmdmin user account (sdmadin == jvm owner) and check the behavior and message 3. starting the JVM under jvm owner user account (assuming that jvmowner is NOT sdmadmin) and check the behavior and message ATC: 2 PD ETC: 0 PD ------- Additional comments from rhierlmeier Wed Nov 25 07:21:11 -0700 2009 ------- Milestone changed
Note: See
TracTickets for help on using
tickets.