Project

General

Profile

Bug #4706

Non privilege separation is broken in v3 series

Added by Parag Mhashilkar about 7 years ago. Updated about 7 years ago.

Status:
Closed
Priority:
High
Assignee:
Parag Mhashilkar
Category:
-
Target version:
Start date:
09/26/2013
Due date:
% Done:

0%

Estimated time:
First Occurred:
Occurs In:
Stakeholders:
Duration:

Description

Found this out while helping Joe Boyd with his v3.2 factory. Factory fails to process credentials and to submit glideins when privsep is not used. IF do not use privsep and they need this for their v3.2 setup


Related issues

Has duplicate GlideinWMS - Bug #4345: Support for non-privilege separation in v3+Closed07/16/2013

History

#1 Updated by Parag Mhashilkar about 7 years ago

  • Status changed from New to Feedback
  • Assignee changed from Parag Mhashilkar to Burt Holzman

Fixed in v3/4706 and is running in the IF test setup. Please review and I will take care of rest.

#2 Updated by Burt Holzman about 7 years ago

I thought we agreed to not support non-privsep in v3. Intensity Frontier should definitely be using it, shouldn't they?

#3 Updated by John Weigand about 7 years ago

I think this was brought up back in July and has been debated periodically ever since with no conclusive decisions.
https://cdcvs.fnal.gov/redmine/issues/4345

John Weigand

#4 Updated by Joe Boyd about 7 years ago

I mentioned to Parag that Burt had mentioned to me that he didn't want to support privilege separation in V3 and I had said it would be ok as long as we could still install everything as non-root and then just have the sysadmins change something to setuid root. Parag said that was the condor switchboard and was something different than what he was talking about here. I don't know the details of what we're talking about really.

I DO think that anything that can be run non-root should be run non-root. It doesn't seem like the majority of this stuff should be installed and run as root but I guess if there's one small piece that needs to be setuid root that's not bad. What has to be installed root and what has to be run root if we run with privilege separation? Can everything still be installed non-root with the .ini installer and there's just one step at the end to have the sysadmins make something setuid root?

#5 Updated by Parag Mhashilkar about 7 years ago

Short answer we decided to bite the bullet and support non priv separation

Thankfully this time I documented in my Meeting Notes :) and I went digging into my chat logs.

June 04, 2012 =============

[...]
- Decision: Support non-privilage separation

June 11, 2012 =============

- Non privilage separation now fixed in the v3+

Chat logs with Burt from July 12 & 16 , 2013 ===========================

Since we decided to support non privsep for IF. However, since they were not going to use dev release, v3.1 was shipped with no-priv broken. I forgot to put it in the release notes for v3.1 as known issue :(

#6 Updated by Parag Mhashilkar about 7 years ago

  • Status changed from Feedback to Closed
  • Assignee changed from Burt Holzman to Parag Mhashilkar

Chatted with Burt on this. He reviewed it. Merged it back to branch_v3_2

Also available in: Atom PDF