Project

General

Profile

Bug #8405

Cloud glideins do not shut down VMs all the time

Added by Parag Mhashilkar over 4 years ago.

Status:
New
Priority:
Normal
Assignee:
Parag Mhashilkar
Category:
gWMS Cloud Image
Target version:
-
Start date:
04/23/2015
Due date:
% Done:

0%

Estimated time:
First Occurred:
Occurs In:
Stakeholders:
Duration:

Description

Steve Timm pointed this from his observation in the new glideinwms launched VMs in Open Nebula but the problem is generic. Problem could occur when VMs are booted manually or if the pilot-launcher throws exception before dropping privileges to the user glidein_pilot.

He traced down the problem to additional line in /etc/sudoers file that is shipped with redhat

Defaults    requiretty

If the pilot launcher throws exception before dropping privileges, rest of the glidein process continues as root. Although this is not a big security issue, the above requiretty line prevents the pilot-launcher to shutdown as root. glidein rpms adds following line to the sudoers file giving glidein_pilot user access to shutdown the VM

Defaults:glidein_pilot !requiretty

Much cleaner way to handle this is to always make sure that we drop privileges in case of exceptions during the startup.



Also available in: Atom PDF