Hi Mathi, Great, thanks. Though I haven't tested non-root feature, this fix give a quick access to the user to run amfnd as non-root. Those users, who only uses Amf and not uses Smf, this fix will help them quickly running amfnd in non-root mode. Though this is not a great fix(ticket itself is raised as minor), but in my opinion, provides some support to the users, so should be committed. If you have any major/serious objections, else good to commit ?? Please let me know.
Thanks Anand Sundararaj Senior Solutions Architect | +1 480 686 4772 www.GetHighAvailability.com https://am2.myprofessionalmail.com/appsuite/www.GetHighAvailability.com Get High Availability Today! NJ, USA: +1 508-507-6507 > On 07/29/2020 11:20 AM Mathi N P <mathi.np....@gmail.com> wrote: > > > That description sounds fine to me. Nevertheless, I still can't see the > problem you are trying to solve when it is already possible to run OpenSAF as > a non-root user. > > Cheers, > Mathi. > > On Tue, Jul 28, 2020 at 9:56 PM Anand Sundararaj > <s.an...@gethighavailability.com mailto:s.an...@gethighavailability.com > > wrote: > > > > Thanks Mathi. I can change it to "amf: provide > configuration option to run amfnd as non-root [##205]", is that ok? > > > > Thanks > > Anand Sundararaj > > Senior Solutions Architect | +1 480 686 4772 > > > > www.GetHighAvailability.com > > https://am2.myprofessionalmail.com/appsuite/www.GetHighAvailability.com > > Get High Availability Today! > > NJ, USA: +1 508-507-6507 > > > > > > > On 07/28/2020 12:24 PM Mathi N P > > <mathi.np....@gmail.com mailto:mathi.np....@gmail.com > wrote: > > > > > > > > > Hi Anand, > > > > > > For some background, It is not merely a hard coding that you > > > are looking at, but it is rather by design. > > > I think you should at the least change the commit message of > > > your patch and describe the actual change that you are intending to > > > introduce. > > > FYI, > > > Mathi. > > > > > > On Tue, Jul 28, 2020 at 6:01 PM Anand Sundararaj > > > <s.an...@gethighavailability.com mailto:s.an...@gethighavailability.com > > > > wrote: > > > > > > > > > > Hi Minh/Thang/Nagendra/Paul, > > > > I am planning to push the patch by 30th July(thursday). > > > > Please kindly find some time to review by 29th > > > > July(tomorrow) and > > > > send your comments or Ack. > > > > > > > > Thanks > > > > Anand Sundararaj > > > > Senior Solutions Architect | +1 480 686 4772 > > > > http://www.GetHighAvailability.com > > > > > > > > (https://am2.myprofessionalmail.com/appsuite/www.GetHighAvailability.com) > > > > Get High Availability Today! > > > > NJ, USA: +1 508-507-6507 > > > > > > > > > On 07/23/2020 9:38 PM s.an...@gethighavailability.com > > > > mailto:s.an...@gethighavailability.com <s.an...@gethighavailability.com > > > > mailto:s.an...@gethighavailability.com > wrote: > > > > > > > > > > > > > > > Hi Thang, > > > > > Good catch ! > > > > > Can you please let me know if you were starting pm > > > > monitoring on a component pid, which is in root or non-root? > > > > > > > > > > The issue, you are reporting, Thang, may come when > > > > Amfnd' (kill) doesn't have permission to send signal to the pid. > > > > > I am assuming that you are getting EPERM as a return. > > > > > Can you please verify, Thang(by logging, just like > > > > done in mon.cc at "switch (kill(mon_rec->pid, 0)) {"), if the return is > > > > EPERM or something else? > > > > > If it is correct, then ideally, the user shouldn't be > > > > using pm monitoring on such pid and that means no change is needed in > > > > the patch. > > > > > can you please confirm, Thang. > > > > > > > > > > Thanks > > > > > > > > > > Anand Sundararaj > > > > > Senior Solutions Architect | 480 686 4772 > > > > > > > > > > > > > > >http://www.GetHighAvailability.com > > > > > > > > > > Get High Availability Today! > > > > > NJ, USA: +1 508-507-6507 > > > > > > > > > > > On 07/20/2020 9:11 PM Thang Duc Nguyen > > > > <thang.d.ngu...@dektech.com.au mailto:thang.d.ngu...@dektech.com.au > > > > > wrote: > > > > > > > > > > > > > > > > > > I missed one info. I tested with NON_ROOT user. > > > > > > export AMFND_NON_ROOT=1 > > > > > > > > > > > > -----Original Message----- > > > > > > From: Thang Duc Nguyen > > > > <thang.d.ngu...@dektech.com.au mailto:thang.d.ngu...@dektech.com.au > > > > > > > Sent: Tuesday, July 21, 2020 11:02 AM > > > > > > To: s.an...@gethighavailability.com > > > > mailto:s.an...@gethighavailability.com ; Minh Hon Chau > > > > <minh.c...@dektech.com.au mailto:minh.c...@dektech.com.au >; > > > > nagen...@gethighavailability.com; p...@gethighavailability.com > > > > > > Cc: opensaf-devel@lists.sourceforge.net > > > > mailto:opensaf-devel@lists.sourceforge.net > > > > > > Subject: Re: [devel] [PATCH 1/1] amf: remove > > > > hard-coding in amfnd [#3205] > > > > > > > > > > > > Hi Sundararaj, > > > > > > > > > > > > The Opensaf can start but it may not run correctly. > > > > > > I tested your patch. During passive mornitoring > > > > process of copoenent, this patch cuases the coredump in function > > > > avnd_comp_pm_param_val() when invoking saAmfPmStop()/saAmfPmStart(). > > > > > > > > > > > > Snipest code indicate the crash in cpm.cc file void > > > > avnd_comp_pm_param_val( ) { ... > > > > > > if (kill(pm_start->pid, 0) == -1) { > > > > > > osafassert(errno == ESRCH); //Crash here > > > > due to retured error: Operation not permitted > > > > > > *o_amf_rc = SA_AIS_ERR_NOT_EXIST; > > > > > > return; > > > > > > } > > > > > > } > > > > > > > > > > > > B.R/Thang > > > > > > -----Original Message----- > > > > > > From: s.an...@gethighavailability.com > > > > mailto:s.an...@gethighavailability.com <s.an...@gethighavailability.com > > > > mailto:s.an...@gethighavailability.com > > > > > > > Sent: Tuesday, July 21, 2020 9:22 AM > > > > > > To: Minh Hon Chau <minh.c...@dektech.com.au > > > > mailto:minh.c...@dektech.com.au >; Thang Duc Nguyen > > > > <thang.d.ngu...@dektech.com.au mailto:thang.d.ngu...@dektech.com.au >; > > > > nagen...@gethighavailability.com; p...@gethighavailability.com > > > > > > Cc: opensaf-devel@lists.sourceforge.net > > > > mailto:opensaf-devel@lists.sourceforge.net ; Anand Sundararaj > > > > <s.an...@gethighavailability.com mailto:s.an...@gethighavailability.com > > > > > > > > > > > Subject: [PATCH 1/1] amf: remove hard-coding in > > > > amfnd [#3205] > > > > > > > > > > > > From: Anand Sundararaj > > > > <s.an...@gethighavailability.com mailto:s.an...@gethighavailability.com > > > > > > > > > > > > > > > > > --- > > > > > > src/amf/amfnd/amfnd.conf | 3 +++ > > > > > > src/amf/amfnd/main.cc | 9 ++++++++- > > > > > > 2 files changed, 11 insertions(+), 1 deletion(-) > > > > > > > > > > > > diff --git a/src/amf/amfnd/amfnd.conf > > > > b/src/amf/amfnd/amfnd.conf index 07bc0ba..4e8b07a 100644 > > > > > > --- a/src/amf/amfnd/amfnd.conf > > > > > > +++ b/src/amf/amfnd/amfnd.conf > > > > > > @@ -34,3 +34,6 @@ export > > > > AVND_PM_MONITORING_RATE=1000 # It can be disabled if set > > > > THREAD_TRACE_BUFFER as 0, the maximum value # can be set as 65535. > > > > > > # export THREAD_TRACE_BUFFER=10240 > > > > > > + > > > > > > +#AMFND run as root. Uncomment next line to run as > > > > a user mentioned in nid.conf. > > > > > > +#export AMFND_NON_ROOT=1 > > > > > > diff --git a/src/amf/amfnd/main.cc > > > > b/src/amf/amfnd/main.cc index d7857fa..6d9ee95 100644 > > > > > > --- a/src/amf/amfnd/main.cc > > > > > > +++ b/src/amf/amfnd/main.cc > > > > > > @@ -164,6 +164,7 @@ static void new_handler() { > > > > > > > > > > > > int main(int argc, char *argv[]) { > > > > > > uint32_t error; > > > > > > + char *val; > > > > > > > > > > > > // function to be called if new fails. The > > > > alternative of using catch of > > > > > > // std::bad_alloc will unwind the stack and thus > > > > no call chain will be @@ -179,7 +180,13 @@ int main(int argc, char > > > > *argv[]) { > > > > > > goto done; > > > > > > } > > > > > > > > > > > > - daemonize_as_user("root", argc, argv); > > > > > > + if ((val = getenv("AMFND_NON_ROOT")) != nullptr) > > > > { > > > > > > + daemonize(argc, argv); > > > > > > + TRACE("AMFND will run as non-root"); } else { > > > > > > + daemonize_as_user("root", argc, argv); > > > > > > + TRACE("AMFND will run as root"); > > > > > > + } > > > > > > > > > > > > // Enable long DN > > > > > > if (setenv("SA_ENABLE_EXTENDED_NAMES", "1", 1) > > > > != 0) { > > > > > > -- > > > > > > 2.7.4 > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > > > > Opensaf-devel mailing list > > > > > > Opensaf-devel@lists.sourceforge.net > > > > mailto:Opensaf-devel@lists.sourceforge.net > > > > > > > > > > https://lists.sourceforge.net/lists/listinfo/opensaf-devel > > > > > > > > > > > > > > > _______________________________________________ > > > > > Opensaf-devel mailing list > > > > > Opensaf-devel@lists.sourceforge.net > > > > mailto:Opensaf-devel@lists.sourceforge.net > > > > > > > > > https://lists.sourceforge.net/lists/listinfo/opensaf-devel > > > > > > > > > > > > _______________________________________________ > > > > Opensaf-devel mailing list > > > > Opensaf-devel@lists.sourceforge.net > > > > mailto:Opensaf-devel@lists.sourceforge.net > > > > > > > > https://lists.sourceforge.net/lists/listinfo/opensaf-devel > > > > > > > > > > > > > > > > > > > _______________________________________________ Opensaf-devel mailing list Opensaf-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/opensaf-devel
