Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BUG 2228764: nfs: run dbus-daemon sidecar as dbus user instead of root #506

Closed
wants to merge 1 commit into from
Closed

BUG 2228764: nfs: run dbus-daemon sidecar as dbus user instead of root #506

wants to merge 1 commit into from

Conversation

BlaineEXE
Copy link

When the dbus-daemon in the sidecar is started as "root" user, it fails with the following log entry:

Failed to start message bus: Failed to drop capabilities: Operation not permitted

By starting the sidecar as "dbus" user (uid=81), the executable does not try to drop capabilities, and starts successfully.

Signed-off-by: Niels de Vos ndevos@ibm.com
(cherry picked from commit 320b112) (cherry picked from commit 6afe22a)

Description of your changes:

Which issue is resolved by this Pull Request:
Resolves #

Checklist:

  • Commit Message Formatting: Commit titles and messages follow guidelines in the developer guide).
  • Skip Tests for Docs: If this is only a documentation change, add the label skip-ci on the PR.
  • Reviewed the developer guide on Submitting a Pull Request
  • Pending release notes updated with breaking and/or notable changes for the next minor release.
  • Documentation has been updated, if necessary.
  • Unit tests have been added, if necessary.
  • Integration tests have been added, if necessary.

@nixpanic @BlaineEXE
nfs: run dbus-daemon sidecar as dbus user instead of root
869976e 
When the dbus-daemon in the sidecar is started as "root" user, it fails
with the following log entry:

Failed to start message bus: Failed to drop capabilities: Operation not permitted

By starting the sidecar as "dbus" user (uid=81), the executable does not
try to drop capabilities, and starts successfully.

Signed-off-by: Niels de Vos <ndevos@ibm.com>
(cherry picked from commit 320b112)
(cherry picked from commit 6afe22a)
@BlaineEXE BlaineEXE requested a review from travisn August 11, 2023 23:44
@openshift-ci
Copy link

openshift-ci bot commented Aug 11, 2023

@BlaineEXE: No Bugzilla bug is referenced in the title of this pull request.
To reference a bug, add 'Bug XXX:' to the title of this pull request and request another bug refresh with /bugzilla refresh.

In response to this:

nfs: run dbus-daemon sidecar as dbus user instead of root

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@openshift-ci
Copy link

openshift-ci bot commented Aug 11, 2023

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: BlaineEXE

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@BlaineEXE BlaineEXE changed the title nfs: run dbus-daemon sidecar as dbus user instead of root BUG 2228764: nfs: run dbus-daemon sidecar as dbus user instead of root Aug 11, 2023
@openshift-ci
Copy link

openshift-ci bot commented Aug 11, 2023

@BlaineEXE: An error was encountered searching for bug 2228764 on the Bugzilla server at https://bugzilla.redhat.com. No known errors were detected, please see the full error message for details.

Full error message. response code 401 not 200

Please contact an administrator to resolve this issue, then request a bug refresh with /bugzilla refresh.

In response to this:

BUG 2228764: nfs: run dbus-daemon sidecar as dbus user instead of root

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@BlaineEXE
Copy link
Author

Canceling b/c still resyncing 4.14 branch.

@BlaineEXE BlaineEXE closed this Aug 11, 2023
@openshift-ci
Copy link

openshift-ci bot commented Aug 11, 2023

@BlaineEXE: An error was encountered searching for bug 2228764 on the Bugzilla server at https://bugzilla.redhat.com. No known errors were detected, please see the full error message for details.

Full error message. response code 401 not 200

Please contact an administrator to resolve this issue, then request a bug refresh with /bugzilla refresh.

In response to this:

BUG 2228764: nfs: run dbus-daemon sidecar as dbus user instead of root

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@BlaineEXE BlaineEXE deleted the bp-nfs-dbus branch November 21, 2023 15:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@travisn travisn Awaiting requested review from travisn

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@BlaineEXE @nixpanic