Closed Bug 1550782 Opened 6 years ago Closed 6 years ago

hgweb bootstrap process changes instance data permissions

Categories

(Developer Services :: Mercurial: hg.mozilla.org, defect)

Type: defect
Priority: Not set
Severity: normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: sheehan, Assigned: sheehan)

References

(Blocks 1 open bug)

Details

In our cloud-init config, we create the /var/hg directory and move the instance_data.json object into it. I have confirmed this works as intended. Somewhere along the line in the bootstrap Ansible playbook (likely when we apply the hg-web role), the permissions on this instance_data.json file are unset from hg:hg to 1001:1002. This causes reads on the file by code in the hgmo extension to fail and return 500s.

We can paper over this easily by setting the permissions of the file to hg:hg in Ansible.

Blocks: hgwebaws

Taking a closer look, I think the issue here is that we run chown hg:hg /var/hg/instance_data.json. This causes the file itself to be owned by hg:hg, but /var/hg is owned by root. We want /var/hg and everything inside it to be owned by hg. So running chown recursively on /var/hg feels like a better fix here.

Pushed by cosheehan@mozilla.com:
https://hg.mozilla.org/hgcustom/version-control-tools/rev/3a3df759c32c
terraform: run chown recursively on full /var/hg directory instead of instance_data.json

Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED

This didn't fix the problem, unfortunately. :/

I'm just going to manually fix this at the end of the hgweb bootstrap with some Ansible.

Status: RESOLVED → REOPENED
Resolution: FIXED → ---

Pushed by cosheehan@mozilla.com:
https://hg.mozilla.org/hgcustom/version-control-tools/rev/64b81e9c817b
bootstrap: run hg replicatehgrc for try repos on correct host
https://hg.mozilla.org/hgcustom/version-control-tools/rev/663cd30b7a27
bootstrap: fix file permissions on instance_data.json during bootstrap

Status: REOPENED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
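
An added example, not part of the bug thread or of version-control-tools: a post-bootstrap check that walks /var/hg and reports every entry not owned by hg:hg, printing raw numeric IDs (as in the 1001:1002 symptom above) when an ID has no passwd or group entry. The function names are hypothetical; the path and the expected owner are taken from the bug text.

```python
import grp
import os
import pwd
import sys


def _name(uid, gid):
    """Render owner as names; fall back to raw numbers when an ID has no entry."""
    try:
        user = pwd.getpwuid(uid).pw_name
    except KeyError:
        user = str(uid)
    try:
        group = grp.getgrgid(gid).gr_name
    except KeyError:
        group = str(gid)
    return f"{user}:{group}"


def audit_ownership(root, want_uid, want_gid):
    """Return [(path, 'owner:group')] for every entry under root (root included)
    whose numeric owner or group differs from the expected pair."""
    mismatches = []
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths.extend(os.path.join(dirpath, n) for n in dirnames + filenames)
    for path in paths:
        st = os.lstat(path)  # lstat: report a symlink itself, do not follow it
        if (st.st_uid, st.st_gid) != (want_uid, want_gid):
            mismatches.append((path, _name(st.st_uid, st.st_gid)))
    return mismatches


if __name__ == "__main__":
    # Assumed defaults taken from the bug text: tree /var/hg, owner hg:hg.
    root = sys.argv[1] if len(sys.argv) > 1 else "/var/hg"
    try:
        uid, gid = pwd.getpwnam("hg").pw_uid, grp.getgrnam("hg").gr_gid
    except KeyError as exc:
        sys.exit(f"hg user or group does not exist on this host: {exc}")
    bad = audit_ownership(root, uid, gid)
    for path, owner in bad:
        print(f"{path}: owned by {owner}, expected hg:hg")
    sys.exit(1 if bad else 0)
```

Run as the last bootstrap step, a non-zero exit fails the run before the hgmo extension hits an unreadable instance_data.json.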