Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] salt-cloud --update-bootstrap fails to update bootstrap script on 3006.0 due to lack of permissions #64204

Closed
2 of 9 tasks
ggiesen opened this issue May 2, 2023 · 1 comment · Fixed by #64218
Closed
2 of 9 tasks

[BUG] salt-cloud --update-bootstrap fails to update bootstrap script on 3006.0 due to lack of permissions #64204

ggiesen opened this issue May 2, 2023 · 1 comment · Fixed by #64218
Assignees
@dwoz
Labels
Bug broken, incorrect, or confusing behavior Packaging Related to packaging of Salt, not Salt's support for package management. Regression The issue is a bug that breaks functionality known to work in previous releases. Sulfur v3006.0 release code name and version Sulfur v3006.1
Milestone
Sulfur v3006.1

Comments

@ggiesen
Copy link
Contributor

ggiesen commented May 2, 2023

Description
salt-cloud --update-bootstrap fails to update bootstrap script on 3006.0 as it runs as the salt user which doesn't have permissions to write to /etc/salt/cloud.deploy.d or /opt/saltstack/salt/lib/python3.10/site-packages/salt/cloud/deploy

The latest release of bootstrap-salt.sh is v2023.04.26, however Salt 3006.0 ships with 2022.10.04. Running salt-cloud --update-bootstrap has no effect.

Setup
(Please provide relevant configs and/or SLS files (be sure to remove sensitive info. There is no general set-up of Salt.)

Please be as specific as possible and give set-up details.

  • on-prem machine
  • VM (Virtualbox, KVM, etc. please specify)
  • VM running on a cloud service, please be explicit and add details
  • container (Kubernetes, Docker, containerd, etc. please specify)
  • or a combination, please be explicit
  • jails if it is FreeBSD
  • classic packaging
  • onedir packaging
  • used bootstrap to install

Steps to Reproduce the behavior

# salt-cloud --update-bootstrap -l debug
[DEBUG   ] Reading configuration from /etc/salt/cloud
[DEBUG   ] Reading configuration from /etc/salt/master
[DEBUG   ] Missing configuration file: /etc/salt/cloud.providers
[DEBUG   ] Including configuration from '/etc/salt/cloud.providers.d/vultr.conf'
[DEBUG   ] Reading configuration from /etc/salt/cloud.providers.d/vultr.conf
[DEBUG   ] Missing configuration file: /etc/salt/cloud.profiles
[WARNING ] Insecure logging configuration detected! Sensitive data may be logged.
[DEBUG   ] Configuration file path: /etc/salt/cloud
[DEBUG   ] Updating the bootstrap-salt.sh script to latest stable
[DEBUG   ] Starting new HTTPS connection (1): bootstrap.saltstack.com:443
[DEBUG   ] https://bootstrap.saltstack.com:443 "GET / HTTP/1.1" 301 0
[DEBUG   ] Starting new HTTPS connection (1): bootstrap.saltproject.io:443
[DEBUG   ] https://bootstrap.saltproject.io:443 "GET / HTTP/1.1" 200 352107
[DEBUG   ] The '/etc/salt/cloud.deploy.d' is not writeable. Continuing...
[DEBUG   ] The '/opt/saltstack/salt/lib/python3.10/site-packages/salt/cloud/deploy' is not writeable. Continuing...
[DEBUG   ] The functions from module 'nested' are being loaded by dir() on the loaded module
[DEBUG   ] LazyLoaded nested.output
Success:
    ----------
    Files updated:

# ls -alh /etc/salt/cloud.deploy.d
total 4.0K
drwx------.  2 root root    6 Apr 18 17:31 .
drwxr-xr-x. 11 root root 4.0K Apr 30 22:25 ..

# ls -alh /opt/saltstack/salt/lib/python3.10/site-packages/salt/cloud/deploy
total 412K
drwxr-xr-x. 2 root root 4.0K Apr 30 16:16 .
drwxr-xr-x. 5 root root  131 Apr 30 16:16 ..
-rw-r--r--. 1 root root  864 Apr 18 17:31 Arch-git.sh
-rw-r--r--. 1 root root  677 Apr 18 17:31 Arch.sh
-rw-r--r--. 1 root root 321K Apr 18 17:31 bootstrap-salt.sh
-rw-r--r--. 1 root root  736 Apr 18 17:31 curl-bootstrap-git.sh
-rw-r--r--. 1 root root  709 Apr 18 17:31 curl-bootstrap.sh
-rw-r--r--. 1 root root 1.3K Apr 18 17:31 Debian-git.sh
-rw-r--r--. 1 root root 1.1K Apr 18 17:31 Debian.sh
-rw-r--r--. 1 root root 1.2K Apr 18 17:31 Fedora-git.sh
-rw-r--r--. 1 root root  982 Apr 18 17:31 Fedora.sh
-rw-r--r--. 1 root root 1000 Apr 18 17:31 FreeBSD-git.sh
-rw-r--r--. 1 root root  937 Apr 18 17:31 FreeBSD.sh
-rw-r--r--. 1 root root  407 Apr 18 17:31 None.sh
-rw-r--r--. 1 root root  808 Apr 18 17:31 python-bootstrap.sh
-rw-r--r--. 1 root root  913 Apr 18 17:31 RHEL5-git.sh
-rw-r--r--. 1 root root  725 Apr 18 17:31 RHEL5.sh
-rw-r--r--. 1 root root  934 Apr 18 17:31 RHEL6-git.sh
-rw-r--r--. 1 root root  751 Apr 18 17:31 RHEL6.sh
-rw-r--r--. 1 root root 1.1K Apr 18 17:31 SmartOS.sh
-rw-r--r--. 1 root root 1.5K Apr 18 17:31 Ubuntu-git.sh
-rw-r--r--. 1 root root 1.2K Apr 18 17:31 Ubuntu.sh
-rw-r--r--. 1 root root  758 Apr 18 17:31 wget-bootstrap-nocert.sh
-rw-r--r--. 1 root root  712 Apr 18 17:31 wget-bootstrap.sh

# chown root:salt /etc/salt/cloud.deploy.d
# chmod 0770 /etc/salt/cloud.deploy.d

# salt-cloud --update-bootstrap -l debug
[DEBUG   ] Reading configuration from /etc/salt/cloud
[DEBUG   ] Reading configuration from /etc/salt/master
[DEBUG   ] Missing configuration file: /etc/salt/cloud.providers
[DEBUG   ] Including configuration from '/etc/salt/cloud.providers.d/vultr.conf'
[DEBUG   ] Reading configuration from /etc/salt/cloud.providers.d/vultr.conf
[DEBUG   ] Missing configuration file: /etc/salt/cloud.profiles
[WARNING ] Insecure logging configuration detected! Sensitive data may be logged.
[DEBUG   ] Configuration file path: /etc/salt/cloud
[DEBUG   ] Updating the bootstrap-salt.sh script to latest stable
[DEBUG   ] Starting new HTTPS connection (1): bootstrap.saltstack.com:443
[DEBUG   ] https://bootstrap.saltstack.com:443 "GET / HTTP/1.1" 301 0
[DEBUG   ] Starting new HTTPS connection (1): bootstrap.saltproject.io:443
[DEBUG   ] https://bootstrap.saltproject.io:443 "GET / HTTP/1.1" 200 352107
[DEBUG   ] The '/opt/saltstack/salt/lib/python3.10/site-packages/salt/cloud/deploy' is not writeable. Continuing...
[DEBUG   ] The functions from module 'nested' are being loaded by dir() on the loaded module
[DEBUG   ] LazyLoaded nested.output
Success:
    ----------
    Files updated:
        - /etc/salt/cloud.deploy.d/bootstrap-salt.sh

Expected behavior
Bootstrap script to be installed in /etc/salt/cloud.deploy.d/

Versions Report

salt --versions-report (Provided by running salt --versions-report. Please also mention any differences in master/minion versions.) 
Salt Version:
              Salt: 3006.0

Python Version:
            Python: 3.10.11 (main, Apr 14 2023, 05:57:16) [GCC 11.2.0]

Dependency Versions:
              cffi: 1.14.6
          cherrypy: unknown
          dateutil: 2.8.1
         docker-py: Not Installed
             gitdb: Not Installed
         gitpython: Not Installed
            Jinja2: 3.1.2
           libgit2: Not Installed
      looseversion: 1.1.2
          M2Crypto: Not Installed
              Mako: Not Installed
           msgpack: 1.0.5
      msgpack-pure: Not Installed
      mysql-python: Not Installed
         packaging: 22.0
         pycparser: 2.21
          pycrypto: Not Installed
      pycryptodome: 3.17
            pygit2: Not Installed
      python-gnupg: 0.4.8
            PyYAML: 6.0
             PyZMQ: 25.0.2
            relenv: 0.11.2
             smmap: Not Installed
           timelib: 0.2.4
           Tornado: 4.5.3
               ZMQ: 4.3.4

Salt Extensions:
 saltext.bitwarden: 0.0.1b12

System Versions:
              dist: almalinux 9.1 Lime Lynx
            locale: utf-8
           machine: x86_64
           release: 5.14.0-162.6.1.el9_1.x86_64
            system: Linux
           version: AlmaLinux 9.1 Lime Lynx

Additional context
Running salt-cloud in a masterless setup.
@ggiesen ggiesen added Bug broken, incorrect, or confusing behavior needs-triage Packaging Related to packaging of Salt, not Salt's support for package management. Sulfur v3006.0 release code name and version labels May 2, 2023
@s0undt3ch s0undt3ch added this to the Sulfur v3006.1 milestone May 2, 2023
@OrangeDog OrangeDog added the Regression The issue is a bug that breaks functionality known to work in previous releases. label May 2, 2023
@dwoz dwoz mentioned this issue May 3, 2023
Merged
3 tasks
dwoz added a commit to dwoz/salt that referenced this issue May 3, 2023
@dwoz
Add changelog for saltstack#64204
58cc78b
@s0undt3ch s0undt3ch linked a pull request May 3, 2023 that will close this issue
[3006.x] Fix perms on cloud deployment directories #64218
Merged
3 tasks
s0undt3ch pushed a commit to dwoz/salt that referenced this issue May 3, 2023
@dwoz @s0undt3ch
Add changelog for saltstack#64204
f1d2f2a
dwoz added a commit to dwoz/salt that referenced this issue May 3, 2023
@dwoz
Add changelog for saltstack#64204
677134a
garethgreenaway pushed a commit that referenced this issue May 3, 2023
@dwoz @garethgreenaway
Add changelog for #64204
58b6f8c
@dwoz
Copy link
Contributor

dwoz commented May 3, 2023

Fixed by #64218

@dwoz dwoz closed this as completed May 3, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dwoz dwoz

Labels
Bug broken, incorrect, or confusing behavior Packaging Related to packaging of Salt, not Salt's support for package management. Regression The issue is a bug that breaks functionality known to work in previous releases. Sulfur v3006.0 release code name and version Sulfur v3006.1
Projects
None yet
Milestone
Sulfur v3006.1
Development

Successfully merging a pull request may close this issue.

[3006.x] Fix perms on cloud deployment directories dwoz/salt
5 participants
@s0undt3ch @OrangeDog @dwoz @anilsil @ggiesen