Andrew Onischuk created AMBARI-12465:
----------------------------------------
Summary: Non-Root: Knox fails to start during install with custom
pid directory
Key: AMBARI-12465
URL: https://issues.apache.org/jira/browse/AMBARI-12465
Project: Ambari
Issue Type: Bug
Reporter: Andrew Onischuk
Assignee: Andrew Onischuk
Fix For: 2.1.1
During non-root agent/server, umask 027, custom log dir, custom pid dir
install, Knox fails to start with this error:
stderr:
Traceback (most recent call last):
File
"/var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py",
line 264, in <module>
KnoxGateway().execute()
File
"/usr/lib/python2.6/site-packages/resource_management/libraries/script/script.py",
line 216, in execute
method(env)
File
"/var/lib/ambari-agent/cache/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py",
line 152, in start
os.unlink(params.knox_managed_pid_symlink)
OSError: [Errno 13] Permission denied: '/usr/hdp/current/knox-server/pids'
[ambari@revo1 ~]$ grep run_as /etc/ambari-agent/conf/ambari-agent.ini
run_as_user=ambari
[ambari@revo1 ~]$ umask
0027
[ambari@revo1 ~]$ id
uid=500(ambari) gid=500(ambari) groups=500(ambari),100(users)
[ambari@revo1 ~]$ ls -ld /usr/hdp/current/knox-server/pids
lrwxrwxrwx 1 root root 13 Jul 14 13:10 /usr/hdp/current/knox-server/pids ->
/var/run/knox
[ambari@revo1 ~]$ ls -ld /var/run/knox
drwxr-xr-x 2 knox knox 4096 May 18 17:06 /var/run/knox
This is with:
[ambari@revo1 ~]$ rpm -q ambari-server
ambari-server-2.1.0-1426.x86_64
[ambari@revo1 ~]$ hdp-select versions
2.2.6.0-2800
[ambari@revo1 ~]$ java -version
java version "1.7.0_65"
OpenJDK Runtime Environment (rhel-2.5.1.2.el6_5-x86_64 u65-b17)
OpenJDK 64-Bit Server VM (build 24.65-b04, mixed mode)
Sudo config (using customer users t+username)
# Ambari Customizable Users
ambari ALL=(ALL) NOPASSWD:SETENV: /bin/su thdfs *, /bin/su tzookeeper *,
/bin/su tknox *,/bin/su tfalcon *,/bin/su tflume *,/bin/su thbase *,/bin/su
thive *, /bin/su thcat *,/bin/su tkafka *,/bin/su tmapred *,/bin/su toozie
*,/bin/su tsqoop *,/bin/su tstorm *,/bin/su ttez *,/bin/su tyarn *,/bin/su tams
*, /bin/su tambari-qa *, /bin/su tspark *, /bin/su tranger *
# Ambari Non-Customizable Users
ambari ALL=(ALL) NOPASSWD:SETENV: /bin/su tmysql *
# Ambari Commands
ambari ALL=(ALL) NOPASSWD:SETENV:
/usr/bin/yum,/usr/bin/zypper,/usr/bin/apt-get, /bin/mkdir, /bin/ln,/bin/chown,
/bin/chmod, /bin/chgrp, /usr/sbin/groupadd,
/usr/sbin/groupmod,/usr/sbin/useradd, /usr/sbin/usermod, /bin/cp, /bin/sed,
/bin/mv, /bin/rm, /bin/kill,/usr/bin/unzip, /bin/tar, /usr/bin/hdp-select,
/usr/hdp/current/hadoop-client/sbin/hadoop-daemon.sh,/usr/lib/hadoop/bin/hadoop-daemon.sh,
/usr/lib/hadoop/sbin/hadoop-daemon.sh, /usr/sbin/service mysql *,/sbin/service
mysqld *, /sbin/service mysql *, /sbin/chkconfig gmond off,/sbin/chkconfig
gmetad off, /etc/init.d/httpd *, /sbin/service hdp-gmetad start, /sbin/service
hdp-gmond start, /usr/bin/tee, /usr/sbin/gmond, /usr/sbin/update-rc.d
ganglia-monitor *, /usr/sbin/update-rc.d gmetad *, /etc/init.d/apache2 *,
/usr/sbin/service hdp-gmond *, /usr/sbin/service hdpgmetad *, /usr/bin/test,
/bin/touch, /usr/bin/stat, /usr/sbin/setenforce,
/usr/hdp/current/ranger-admin/setup.sh *,
/usr/hdp/current/ranger-usersync/setup.sh *, /usr/bin/ranger-admin-start *,
/usr/bin/ranger-usersync-start *, /usr/bin/ranger-usersync-stop *,
/usr/bin/python2.6 /var/lib/ambari-agent/data/tmp/validateKnoxStatus.py *,
/usr/hdp/current/knox-server/bin/knoxcli.sh *, /usr/bin/pgrep *
# Defaults
Defaults exempt_group = ambari
Defaults !env_reset,env_delete-=PATH
Defaults: ambari !requiretty
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
