chown the definitions to the rabbit user after our script edits them#3735
chown the definitions to the rabbit user after our script edits them#3735
Conversation
Signed-off-by: Adrian Edwards <adredwar@redhat.com>
MoralCode
added
the
containers
|
|
||
| RUN exec python3 update_config.py | ||
|
|
||
| RUN chown rabbitmq:rabbitmq /etc/rabbitmq/definitions.json |
There was a problem hiding this comment.
If the issue is that update_config.py cannot write to definitions.json ... just trying to wrap my head around whether or not this "should" work.
Given this error:
PermissionError: [Errno 13] Permission denied: '/etc/rabbitmq/definitions.json'
Error: building at STEP "RUN exec python3 update_config.py": while running runtime: exit status
it would seem like /etc/rabbitmq, if owned by the rabbitmq user, would then allow for the definitions.json file to be written.
I have not tested this, just thinking about the logic I see, @MoralCode .
There was a problem hiding this comment.
It would again seem to me that changing permissions on a file that can't be written won't work ... but this may be something I don't understand.
There was a problem hiding this comment.
What are you asking?
There was a problem hiding this comment.
If the file can't be written due to permissions issues adjusting the permissions seems like it would help
There was a problem hiding this comment.
Does the file already exist though?
There was a problem hiding this comment.
Yeah, it's in the same folder as the Dockerfile. I think one of the previous Dockerfile steps is that we copy the file into the container before we run this script to make the final adjustments to it.
The problem here is essentially that if we run this chown line before we run the script that changes the file, we change the permissions such that the script can no longer edit the file, causing the crash.
I still need to run some builds with this new ordering of the build steps to make sure that the problem goes away, but I'm pretty confident that this is what's happening.
There was a problem hiding this comment.
Are you comfortable its working?
|
can confirm this fixes the build on my machine. will run it while testing other stuff to make sure rabbit behavior is unchanged as anticipated |
MoralCode
added
the
ready
|
This is a relatively important as it would likely prevent a newcomer from successfully building the container. But its also simple, well tested fix that only affects container users. Merging (bypass), especially since its been pretty well tested and restores the intended behavior of the rabbit config editing script |
3 participants
Description
This PR fixes #3734
Notes for Reviewers
Signed commits