Bug #2257
Manage command paths for different distributions
| Status: | Closed | Start date: | 08/02/2013 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Jaime Melis | % Done: | 0% | |
| Category: | Drivers - VM | |||
| Target version: | Release 4.4 | |||
| Resolution: | fixed | Pull request: | ||
| Affected Versions: | OpenNebula 4.0 |
Description
This should be fixed in OpenNebulaNetwork.rb and in scripts_common.sh.
It's important to take into account that the paths specified in scripts_common.sh are relative, but some of them are use in conjunction with sudo, which for NOPASSWD directives needs absolute paths instead.
This poses an important problem during upgrades, since user changes to these files will be overwritten by upgrades.
Related issues
Associated revisions
Bug #2257: convert paths in OpenNebulaNetwork.rb to relative paths
Bug #2257: Add a sudoers file generator
Bug #2257: deterministic output for ruby 1.8.7
Bug #2257: Better label for ONE commands for the sudoers file
Bug #2257: Add sudoers files for all distributions
Bug #2257: rename sudoers files
Bug #2257: convert paths in OpenNebulaNetwork.rb to relative paths
(cherry picked from commit 485a19047dac5af86715de4173b1a28cdc1ac99a)
Bug #2257: Add a sudoers file generator
(cherry picked from commit a067fb082d6890fe6913806d205a5aae9c0ca63b)
Bug #2257: deterministic output for ruby 1.8.7
(cherry picked from commit cb15b27ea0575bc500830c2f691895bbb86a4fad)
Bug #2257: Better label for ONE commands for the sudoers file
(cherry picked from commit 886cc05b8b21ea621c7a6e1da1c30bfdf5a4d1d1)
Bug #2257: Add sudoers files for all distributions
(cherry picked from commit c80a94761337b85f3e070d2d351c079abc11c31c)
Bug #2257: rename sudoers files
(cherry picked from commit 371094bbd519b3985d9b4e40633c95a9bb557a1d)
History
#1
Updated by Jaime Melis almost 8 years ago
- Subject changed from Manage differente command paths for different distributions to Manage command paths for different distributions
#2
Updated by Jaime Melis almost 8 years ago
- Description updated (diff)
#3
Updated by Jaime Melis almost 8 years ago
There are a few possible solutions to this problem:
- Maintain patches for each package
- Figure out the paths dynamically
- Study the possibility of providing sudoers configuration that enable the possibility of specifying only the relative path in combination with the NOPASSWD directive.
#4
Updated by Jaime Melis almost 8 years ago
The final decision to handle this bug is to provide a sudoers configuration per distribution to be placed under /etc/sudoers.d which enables the use relative paths and sudo. Something like:
Defaults !requiretty
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
oneadmin ALL=(ALL) NOPASSWD: /sbin/vconfig, /sbin/ip, ...
The secure_path directive is what enables the possibility of running sudo without specifying an absolute path
#5
Updated by Jaime Melis almost 8 years ago
- Status changed from Assigned to Closed
- Resolution set to fixed