[Labs-l] Fixing broken labs_vagrant instances
Bryan Davis
bd808 at wikimedia.org
Tue Sep 23 16:57:35 UTC 2014
Hey all,
Last week S noticed a nasty problem with puppet runs eating up a lot
of cpu on Labs instances with role::labs::vagrant enabled [0]. I
tracked this down to "interesting" behavior in the Puppet file
resource and decided to change the way we manage the git clone
permissions [1]. Unfortunately this change to using the shared=>true
mode of our git::clone resource had a file permissions bug that I
didn't notice at the time. I went AFK for a long weekend and came back
to find out that I had broken things badly for folks.
The file permissions issue was that git::clone was deciding to strip
all of the "others" permissions bits from files and directories
(basically chmod -R o=) from /srv/vagrant on each puppet run. This
blocked Apache from reading the php files and other assets in the
directory. A fix for this was merged in the last hour [2] and Puppet
should now stop trying to change the permissions on that directory
after it is initially provisioned.
Existing labs_vagrant users who have file permissions issues caused by
the removed code will need to fix by running `sudo chmod -R o+rX
/srv/vagrant` to restore the others permission bits that were
stripped.
Sorry for letting things stay broken for so long.
[0]: https://bugzilla.wikimedia.org/show_bug.cgi?id=70971
[1]: https://gerrit.wikimedia.org/r/#/c/161276/
[2]: https://gerrit.wikimedia.org/r/#/c/162160/
Bryan
--
Bryan Davis Wikimedia Foundation <bd808 at wikimedia.org>
[[m:User:BDavis_(WMF)]] Sr Software Engineer Boise, ID USA
irc: bd808 v:415.839.6885 x6855
More information about the Labs-l
mailing list