Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chef Server does not check for necessary permissions on /var/log #847

Open
marcparadise opened this issue Jun 6, 2016 · 0 comments
Open

Chef Server does not check for necessary permissions on /var/log #847

marcparadise opened this issue Jun 6, 2016 · 0 comments
Labels
Aspect: Packaging Distribution of the projects 'compiled' artifacts. Component: others Catch all for components other that the ones already categorized Status: Good First Issue An issue ready for a new contributor. Triage: Confirmed Indicates and issue has been confirmed as described. Type: Chore non-critical maintenance of a project.

Comments

@marcparadise
Copy link
Member

Some customers set /var/log 's mode to 0700, which breaks Chef Server 12.3.1+ initial reconfigure.

/var/log/opscode is either not present or unwritable even if present and the reconfigure fails.

Let's add a preflight check for permissions that verifies /var/log as 0755 and provides a meaningful message with remediation steps to the customer if permissions are not sufficient to permit complete a successful reconfigure.

The original PR (#695 ) changed the directory permissions as part of reconfigure, but this introduces a potential issue where installing Chef Server has an unexpected side effect (changing system directory permissions level) that may run contrary to local security policies.
@marcparadise marcparadise mentioned this issue Jun 6, 2016
Closed
@marcparadise marcparadise changed the title Chef Server does not check for rnecessary permissions to /var/log Chef Server does not check for necessary permissions to /var/log Jun 6, 2016
@marcparadise marcparadise changed the title Chef Server does not check for necessary permissions to /var/log Chef Server does not check for necessary permissions on /var/log Jun 6, 2016
@PrajaktaPurohit PrajaktaPurohit added the Status: Untriaged An issue that has yet to be triaged. label Oct 11, 2019
@PrajaktaPurohit PrajaktaPurohit added Aspect: Correctness Triage: Confirmed Indicates and issue has been confirmed as described. Type: Chore non-critical maintenance of a project. Aspect: Packaging Distribution of the projects 'compiled' artifacts. Component: others Catch all for components other that the ones already categorized Status: Good First Issue An issue ready for a new contributor. and removed Status: Untriaged An issue that has yet to be triaged. Aspect: Correctness labels Nov 13, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Aspect: Packaging Distribution of the projects 'compiled' artifacts. Component: others Catch all for components other that the ones already categorized Status: Good First Issue An issue ready for a new contributor. Triage: Confirmed Indicates and issue has been confirmed as described. Type: Chore non-critical maintenance of a project.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@marcparadise @PrajaktaPurohit