
pmda cache permissions issue

To: pcp <pcp@xxxxxxxxxxx>
Subject: pmda cache permissions issue
From: Mark Goodwin <mgoodwin@xxxxxxxxxx>
Date: Mon, 19 Jan 2015 10:06:08 +1100
Delivered-to: pcp@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0

If pmdaCacheOp(indom, PMDA_CACHE_SAVE) is called from a local
context before pmcd has ever been started (e.g. after a fresh
install), the cache file(s) for that indom will end up being
created and owned by the user running the local context program,
assuming they have write permission to the cache directory.

Later when pmcd gets started, $PCP_USER may not be able to
write to the cache file(s), causing persistent indom issues.

e.g. on a fresh install, after running :
# sudo -u root pminfo -f -L hinv.map.scsi

the 'pcp' user can't save the cache :

$ sudo -u pcp pminfo -f -L -DLIBPMDA hinv.map.scsi
hinv.map.scsi
refresh_proc_scsi: add "scsi0:0:0:0 Direct-Access" = "sda"
refresh_proc_scsi: add "scsi1:0:0:0 CD-ROM" = "sr0"
refresh_proc_scsi: add "scsi7:0:0:0 Direct-Access" = "sdb"
refresh_proc_scsi: PMDA_CACHE_SAVE: error Permission denied
    inst [0 or "scsi0:0:0:0 Direct-Access"] value "sda"
    inst [2 or "scsi7:0:0:0 Direct-Access"] value "sdb"
    inst [3 or "scsi1:0:0:0 CD-ROM"] value "sr0"

Most refresh functions do not check the return value of the
PMDA_CACHE_SAVE call, so the EPERM is usually ignored.

Any thoughts on fixing this? Should we chown the cache file(s)
to $PCP_USER on creation in save_cache()? (the cache directory
is installed as pcp/pcp mode 775). Perhaps the cache files
should be group writeable too?

Regards
-- Mark
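
Added example, not part of the original message and not PCP's own code: a shell audit for the condition described above, listing indom cache files that the pmcd user cannot write according to the owner/group/other permission bits. The function names, the `pcp` fallback for `$PCP_USER`, and passing the cache directory as an argument are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (hypothetical helper names). Lists regular files under a
# PMDA cache directory that a given uid/gid set cannot write, judged only
# by permission bits; root's override and ACLs are not considered.

# unwritable_cache_files DIR UID GID [GID...]
unwritable_cache_files() {
    dir=$1; uid=$2; shift 2
    [ $# -ge 1 ] || { echo "need at least one gid" >&2; return 2; }
    # Build "-group G1 -o -group G2 ..." from the remaining arguments.
    ingroup=""
    for g in "$@"; do
        ingroup="${ingroup:+$ingroup -o }-group $g"
    done
    # The kernel applies exactly one permission class per file:
    # owner bits if the uid matches, else group bits, else other bits.
    # $ingroup is left unquoted on purpose so it splits into find arguments.
    find "$dir" -type f \( \
        \( -user "$uid" ! -perm -200 \) -o \
        \( ! -user "$uid" \( $ingroup \) ! -perm -020 \) -o \
        \( ! -user "$uid" ! \( $ingroup \) ! -perm -002 \) \
    \) -print
}

# audit_pcp_cache DIR [USER]
# Resolves USER (default: $PCP_USER, else "pcp") to its uid and all of its
# gids, then reports the cache files that user could not rewrite.
audit_pcp_cache() {
    user=${2:-${PCP_USER:-pcp}}
    uid=$(id -u "$user") || return 2
    gids=$(id -G "$user") || return 2
    # $gids is split into one argument per group id.
    unwritable_cache_files "$1" "$uid" $gids
}

# Usage, with the cache directory of the local install as the argument:
#   audit_pcp_cache /path/to/pmda/cache/dir pcp
```

Any path it prints is a cache file where PMDA_CACHE_SAVE run as that user would fail in the way the log above shows.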
