Page MenuHomePhabricator
Differential D16391

When already running as the daemon user, don't "sudo" daemon commands
ClosedPublic
Actions

Authored by epriestley on Aug 11 2016, 11:08 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Apr 7, 2:39 AM
Unknown Object (File)
Sat, Apr 6, 3:57 AM
Unknown Object (File)
Mar 18 2024, 7:30 PM
Unknown Object (File)
Mar 18 2024, 7:11 PM
Unknown Object (File)
Mar 18 2024, 4:47 PM
Unknown Object (File)
Mar 5 2024, 2:42 AM
Unknown Object (File)
Feb 19 2024, 7:20 PM
Unknown Object (File)
Feb 16 2024, 9:12 AM
View All Files
Subscribers
None
Tokens
"100" token, awarded by jmeador.

Details

Reviewers
avivey
chad
Commits
rPca78c1825a66: When already running as the daemon user, don't "sudo" daemon commands
Summary

The cluster synchronization code runs either actively (before returning a response to git clone, for example) or passively (routinely, as the daemons update reposiories).

The active sync runs as the web user (if running git clone http://...) or the VCS user (if running git clone ssh://...). But the passive sync runs as the daemon user.

All of these sync processes need to run actual commands as the daemon user (git fetch ...).

For the active ones, we must sudo.

For the passive ones, we're already the right user. We run the same code, and end up trying to sudo to ourselves, which sudo isn't happy about by default.

Depending on how sudo is configured and which users things are running as this might work anyway, but it's silly and if it doesn't work it requires you to go make non-obvious, weird config changes that are unintuitive and somewhat nonsensical. This is probably worse on the balance than adding a bit of complexity to the code.

Instead, test which user we're running as. If it's already the right user, don't sudo.

Test Plan
  • Ran bin/repository update --trace as daemon user, saw no more sudo.
  • Ran a git clone to make sure that didn't break.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley updated this revision to Diff 39418.Aug 11 2016, 11:08 PM
epriestley retitled this revision from to When already running as the daemon user, don't "sudo" daemon commands.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: chad.
jmeador awarded a token.Aug 11 2016, 11:12 PM
avivey accepted this revision.Aug 11 2016, 11:30 PM
avivey added a reviewer: avivey.
This revision is now accepted and ready to land.Aug 11 2016, 11:30 PM
Closed by commit rPca78c1825a66: When already running as the daemon user, don't "sudo" daemon commands (authored by epriestley, committed by epriestley). · Explain WhyAug 11 2016, 11:41 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
src/
infrastructure/
daemon/
18 lines

Diff 39421

View Options

src/infrastructure/daemon/PhabricatorDaemon.php

Loading...
Phabricator · Built by Phacility