On Monday, August 5, 2013 3:04:08 AM UTC-5, Alon Nisser wrote: > > I'm running puppet from vagrant, everything else runs as root so I guess > this also runs as root (is there a way to specifiy to run as root in the > puppet command?) > >
No. Mechanisms by which unprivileged processes can obtain privilege are universally categorized as security vulnerabilities. They are the source of so-called "privilege escalation attacks". Every operating system does its best to avoid providing such mechanisms. Vagrant itself may run as root in order to do many of the things it wants to do (though that's under your control), but that does not mean the processes it launches automatically run as root, too. I'm not much of a vagrant guy, though, so I can't say for sure. > On Monday, August 5, 2013 1:06:52 AM UTC+3, denmat wrote: >> >> Did you see this in the log? >> >> Stage[main]//Apt::Builddep[python-imaging]/Exec[apt-builddep-python-imaging]/returns: >> >> E: Unable to lock the administration directory (/var/lib/dpkg/), are you >> root? [0m >> >> Who are you running it as? >> >> Den >> On 04/08/2013, at 21:31, Alon Nisser <alon...@gmail.com> wrote: >> >> > >> Stage[main]//Apt::Builddep[python-imaging]/Exec[apt-builddep-python-imaging]/returns: >> >> E: Unable to lock the administration directory (/var/lib/dpkg/), are you >> root? [0m >> > Let's see whether we can simplify the picture by cutting Puppet out of it. Can you configure Vagrant to directly run the apt-get command that Puppet fails to run? From the log, that would be: /usr/bin/apt-get -y --force-yes build-dep python-imaging I would be surprised to find Vagrant successful at running that directly, yet unsuccessful at running it indirectly via Puppet. If Vagrant indeed fails to run the command directly then your problem is with how you are using Vagrant. Ensure that Vagrant is running as root, and look for Vagrant features related to the user or privileges with which external processes are launched. On the other hand, if Vagrant succeeds in running the command directly, then your permissions problem likely involves SELinux or some other access control mechanism separate from the standard UNIX discretionary access controls. John -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users. For more options, visit https://groups.google.com/groups/opt_out.
