Page MenuHomePhabricator

When already running as the daemon user, don't "sudo" daemon commands
ClosedPublic

Authored by epriestley on Aug 11 2016, 11:08 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 13, 6:27 PM
Unknown Object (File)
Thu, Dec 5, 9:49 PM
Unknown Object (File)
Wed, Dec 4, 9:51 PM
Unknown Object (File)
Sun, Nov 24, 10:04 PM
Unknown Object (File)
Thu, Nov 21, 4:26 AM
Unknown Object (File)
Nov 17 2024, 5:12 AM
Unknown Object (File)
Nov 9 2024, 10:08 PM
Unknown Object (File)
Nov 9 2024, 10:04 PM
Subscribers
None
Tokens
"100" token, awarded by jmeador.

Details

Summary

The cluster synchronization code runs either actively (before returning a response to git clone, for example) or passively (routinely, as the daemons update reposiories).

The active sync runs as the web user (if running git clone http://...) or the VCS user (if running git clone ssh://...). But the passive sync runs as the daemon user.

All of these sync processes need to run actual commands as the daemon user (git fetch ...).

For the active ones, we must sudo.

For the passive ones, we're already the right user. We run the same code, and end up trying to sudo to ourselves, which sudo isn't happy about by default.

Depending on how sudo is configured and which users things are running as this might work anyway, but it's silly and if it doesn't work it requires you to go make non-obvious, weird config changes that are unintuitive and somewhat nonsensical. This is probably worse on the balance than adding a bit of complexity to the code.

Instead, test which user we're running as. If it's already the right user, don't sudo.

Test Plan
  • Ran bin/repository update --trace as daemon user, saw no more sudo.
  • Ran a git clone to make sure that didn't break.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley retitled this revision from to When already running as the daemon user, don't "sudo" daemon commands.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: chad.
avivey added a reviewer: avivey.
This revision is now accepted and ready to land.Aug 11 2016, 11:30 PM
This revision was automatically updated to reflect the committed changes.