Details
-
Improvement
-
Resolution: Fixed
-
Minor
-
None
-
None
-
None
Description
Hello,
Looks like someone broke my orchestration :slightly_smiling_face: It looks like the “librarySetupFiles.sh-setupFiles_chownDirs” section used to have two different commands:
chown -R tomcat:tomcat /opt/grouper/grouperWebapp: result 1
chown -R tomcat:tomcat /opt/tomee: result 0
But then later version combined them:
chown -R tomcat:tomcat /opt/grouper/grouperWebapp /opt/tomee, result: 1
It looks like that before, the supervisor started since the last command returned 0 and now, with the combined chown we are getting the last command with a return code of 1, and it won’t start the supervisor.
The reason chown on /opt/grouper/grouperWebapp returns 1 is that we use config and secrets, and they mount the files read only, and chown fails on them.
So the question is should I start using the slashRoot method? (edited)
Chris Hyzer 4 days ago
are you copying files in a subimage? If so can you chown when making the subimage, and then all good? :slightly_smiling_face:
Jeffrey Crawford 4 days ago
no I just pull directly from docker hub and update my files. Easier concept when using puppet.
Jeffrey Crawford 5 hours ago
@mchyzer I’m still having issues with this image, I tried patching the librarySetupFiles.sh files using the grouperScriptHooks.sh file utilizing the grouperScriptHooks_prepConfPost function (Sounded like it might execute before librarySetupFiles.sh, but it doesn’t look like it is) for those of us who bind mount any way to get that chown to ignore issues about not being able to update read only files?
Jeffrey Crawford 4 hours ago
Okay I did come across
GROUPER_CHOWN_DIRS=false
is there any danger that the base image files would have incorrect file owners?
Chris Hyzer 3 hours ago
no, go for it
Chris Hyzer 3 hours ago
so to fix this we should not try to chown the configs and secrets dir right?
Chris Hyzer 3 hours ago
what path are your configs and secrets exactly?
New
Jeffrey Crawford 1 hour ago
mostly under /opt/grouper/grouperWebapp, but I did have at one time a web.xml under /opt/tomee but something got variableized and I didn’t need to manage it anymore. But any file that is bind mounted is read only and belongs to root (Although you could technically change the owner, for some reason chmod still returned with a result code of 1)