Bug #10350
qpid-dispatch-0.4-4 runs under non-root account and has no access to PKI files
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1217828
Previous versions of qpid-dispatch ran as root and could read the files in:
/etc/pki/katello/certs/*
the latest version now runs with the user qpidd and can no longer read the files necessary.
We either need to change the user qpid-dispatch runs under or adjust permissions to allow reading of these files by that user.
History
#1
Updated by Mike McCune almost 8 years ago
Updated by - Pull request https://github.com/Katello/puppet-certs/pull/59 added
- Pull request deleted (
)
#2
Updated by The Foreman Bot almost 8 years ago
Updated by - Status changed from New to Ready For Testing
#3
Updated by Eric Helms almost 8 years ago
Updated by - Legacy Backlogs Release (now unused) set to 23
- Triaged changed from No to Yes
#4
Updated by Eric Helms almost 8 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset katello-installer|9cd16f03f79fa1f26bc155d6dd94ad321f73a191.
fixes #10350 - switch to qdrouterd user for certs + keys
The latest version of the Dispatch Router runs under the qdrouterd
user instead of root as it previously did. This means the certs+keys
all need to be owned by the qdrouterd user instead of qpidd.