Bug #2257

Manage command paths for different distributions

Added by Jaime Melis almost 8 years ago. Updated almost 8 years ago.

Status:ClosedStart date:08/02/2013
Priority:NormalDue date:
Assignee:Jaime Melis% Done:

0%

Category:Drivers - VM
Target version:Release 4.4
Resolution:fixed Pull request:
Affected Versions:OpenNebula 4.0

Description

This should be fixed in OpenNebulaNetwork.rb and in scripts_common.sh.

It's important to take into account that the paths specified in scripts_common.sh are relative, but some of them are use in conjunction with sudo, which for NOPASSWD directives needs absolute paths instead.

This poses an important problem during upgrades, since user changes to these files will be overwritten by upgrades.


Related issues

Related to Bug #2274: ovs-vsctl and ovs-ofctl are missing in sudoers file Closed 08/22/2013

Associated revisions

Revision 485a1904
Added by Jaime Melis almost 8 years ago

Bug #2257: convert paths in OpenNebulaNetwork.rb to relative paths

Revision a067fb08
Added by Jaime Melis almost 8 years ago

Bug #2257: Add a sudoers file generator

Revision cb15b27e
Added by Jaime Melis almost 8 years ago

Bug #2257: deterministic output for ruby 1.8.7

Revision 886cc05b
Added by Jaime Melis almost 8 years ago

Bug #2257: Better label for ONE commands for the sudoers file

Revision c80a9476
Added by Jaime Melis almost 8 years ago

Bug #2257: Add sudoers files for all distributions

Revision 371094bb
Added by Jaime Melis almost 8 years ago

Bug #2257: rename sudoers files

Revision 5f3c30c8
Added by Jaime Melis almost 8 years ago

Bug #2257: convert paths in OpenNebulaNetwork.rb to relative paths
(cherry picked from commit 485a19047dac5af86715de4173b1a28cdc1ac99a)

Revision 782fe903
Added by Jaime Melis almost 8 years ago

Bug #2257: Add a sudoers file generator
(cherry picked from commit a067fb082d6890fe6913806d205a5aae9c0ca63b)

Revision 0bad93ae
Added by Jaime Melis almost 8 years ago

Bug #2257: deterministic output for ruby 1.8.7

(cherry picked from commit cb15b27ea0575bc500830c2f691895bbb86a4fad)

Revision ee406692
Added by Jaime Melis almost 8 years ago

Bug #2257: Better label for ONE commands for the sudoers file

(cherry picked from commit 886cc05b8b21ea621c7a6e1da1c30bfdf5a4d1d1)

Revision e36dad1d
Added by Jaime Melis almost 8 years ago

Bug #2257: Add sudoers files for all distributions

(cherry picked from commit c80a94761337b85f3e070d2d351c079abc11c31c)

Revision 8deba647
Added by Jaime Melis almost 8 years ago

Bug #2257: rename sudoers files

(cherry picked from commit 371094bbd519b3985d9b4e40633c95a9bb557a1d)

History

#1 Updated by Jaime Melis almost 8 years ago

  • Subject changed from Manage differente command paths for different distributions to Manage command paths for different distributions

#2 Updated by Jaime Melis almost 8 years ago

  • Description updated (diff)

#3 Updated by Jaime Melis almost 8 years ago

There are a few possible solutions to this problem:

  • Maintain patches for each package
  • Figure out the paths dynamically
  • Study the possibility of providing sudoers configuration that enable the possibility of specifying only the relative path in combination with the NOPASSWD directive.

#4 Updated by Jaime Melis almost 8 years ago

The final decision to handle this bug is to provide a sudoers configuration per distribution to be placed under /etc/sudoers.d which enables the use relative paths and sudo. Something like:

Defaults !requiretty
Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin
oneadmin ALL=(ALL) NOPASSWD: /sbin/vconfig, /sbin/ip, ...

The secure_path directive is what enables the possibility of running sudo without specifying an absolute path

#5 Updated by Jaime Melis almost 8 years ago

  • Status changed from Assigned to Closed
  • Resolution set to fixed

Also available in: Atom PDF