Page MenuHomePhabricator
Create Task
Maniphest T6806

Raise severity of "phd.user" warning eventually
Closed, ResolvedPublic
Actions

Description

After D11036, we try to run as the configured phd.user and raise a setup check if daemons are running under the wrong user.

If we aren't able to switch to the correct user with sudo, we still launch the daemons (as the wrong user, with a warning). This gives installs with bad configuration some time to fix the problem on their own without anything breaking.

Once installs have had some time to address the issue (say, after a couple of months without anyone raising support issues), we should make phd abort the launch if it is unable to launch as the correct user.

Revisions and Commits

rP Phabricator
D15726rPf146f4577ea7 Fail explicitly instead of continuing with a warning if "phd.user" is…

Related Objects
Search...

Event Timeline

epriestley created this task.Dec 23 2014, 4:11 PM
epriestley raised the priority of this task from to Low.
epriestley updated the task description. (Show Details)
epriestley added a project: Daemons.
epriestley mentioned this in D11036: Start phd daemons as the correctly configured user and refuse otherwise.
epriestley added a subscriber: epriestley.
fabe added a subscriber: fabe.Dec 23 2014, 4:15 PM

I should add that the current setup check only alerts if there's a mismatch between config and running daemon.
If phd.user is not configured at all (default) it will not trigger.

joshuaspence added a subscriber: joshuaspence.Jan 2 2015, 9:10 PM

One thing I havent quite worked out yet is whether the daemon user (phd in my case) requires a shell and/or home directory. If possible, it's nice to be able to set the shell to something like /bin/false.

joshuaspence claimed this task.May 26 2015, 10:06 PM
epriestley mentioned this in T10756: Make daemons work correctly no matter where they are or how many copies are running.Apr 15 2016, 5:02 PM
areitz added a subscriber: areitz.Apr 15 2016, 5:46 PM

The phd user has /bin/false as it's shell on our production instance, and it seems to work fine.

Herald added a subscriber: eadler. · View Herald TranscriptApr 15 2016, 5:46 PM
epriestley added a revision: D15726: Fail explicitly instead of continuing with a warning if "phd.user" is misconfigured.Apr 15 2016, 8:53 PM
epriestley closed this task as Resolved by committing rPf146f4577ea7: Fail explicitly instead of continuing with a warning if "phd.user" is….Apr 15 2016, 9:09 PM
epriestley added a commit: rPf146f4577ea7: Fail explicitly instead of continuing with a warning if "phd.user" is….
Phabricator · Built by Phacility