mattermost-helm
File Permissions / User ID with enhanced security OpenShift 3.11
Hi,
I did try a bit. I made the Mattermost application start fine. Though there are no write permissions on the PVC and the container; that should be fixed. Logs don't work and plugin uploads don't work. I try to provide details. Here is the first set.
$ ls -lisa /mattermost/logs
total 0
805544752 0 drwxr-xr-x. 2 root root 6 Mar 15 2019 .
539336916 0 drwxr-xr-x. 1 root root 20 Mar 15 2019 ..
$ ls -lisa
total 216
539336916 0 drwxr-xr-x. 1 root root 20 Mar 15 2019 .
23910439 0 drwxr-xr-x. 1 root root 35 Dec 18 00:49 ..
539336917 4 -rw-r--r--. 1 root root 1239 Mar 15 2019 MIT-COMPILED-LICENSE.md
539336918 192 -rw-r--r--. 1 root root 193796 Mar 15 2019 NOTICE.txt
539336919 8 -rw-r--r--. 1 root root 5291 Mar 15 2019 README.md
805544732 0 drwxr-xr-x. 2 root root 40 Mar 15 2019 bin
23908977 8 drwxr-xr-x. 6 root root 4096 Mar 15 2019 client
805544746 0 drwxr-xr-x. 1 root root 25 Dec 18 00:49 config
24654 0 drwxrwxrwx. 3 root root 19 Dec 18 00:49 data
287374129 0 drwxr-xr-x. 2 root root 44 Mar 15 2019 fonts
539337173 0 drwxr-xr-x. 2 root root 255 Mar 15 2019 i18n
805544752 0 drwxr-xr-x. 2 root root 6 Mar 15 2019 logs
23910430 0 drwxr-xr-x. 2 root root 56 Mar 15 2019 prepackaged_plugins
287374132 4 drwxr-xr-x. 2 root root 4096 Mar 15 2019 templates
$ chmod 777 logs
chmod: changing permissions of 'logs': Operation not permitted
$ whoami
whoami: cannot find name for user ID 1000400000
$ touch data/test
{"level":"error","ts":1576632693.6850626,"caller":"web/context.go:52","msg":"Plugins have been disabled. Please check your logs for details.","path":"/api/v4/plugins/statuses","request_id":"4w3x8kkd3td4pgs7zzy54cn5fo","ip_addr":"90.187.22.29","user_id":"3wdg3x5msbfoiffgorncqnp8xy","method":"GET","err_where":"GetPluginStatuses","http_code":501,"err_details":""}
--
| 2019-12-18 01:31:33.68514844 +0000 UTC m=+2537.717978344 write error: can't open new logfile: open /mattermost/logs/mattermost.log: permission denied
| {"level":"info","ts":1576632752.072719,"caller":"scheduler/worker.go:78","msg":"Worker: Job is complete","worker":"Plugins","job_id":"yfa3efnb1p8wjj8trqshefkqfc"}
| 2019-12-18 01:32:32.074378491 +0000 UTC m=+2596.107208426 write error: can't open new logfile: open /mattermost/logs/mattermost.log: permission denied
| {"level":"error","ts":1576632792.2408912,"caller":"web/context.go:52","msg":"Plugins have been disabled. Please check your logs for details.","path":"/api/v4/plugins","request_id":"33kkg3gpcpyfzxnm4ywajdsq8a","ip_addr":"90.187.22.29","user_id":"3wdg3x5msbfoiffgorncqnp8xy","method":"POST","err_where":"installPlugin","http_code":501,"err_details":""}
| 2019-12-18 01:33:12.241014569 +0000 UTC m=+2636.273844479 write error: can't open new logfile: open /mattermost/logs/mattermost.log: permission denied
| {"level":"info","ts":1576632812.084993,"caller":"scheduler/worker.go:78","msg":"Worker: Job is complete","worker":"Plugins","job_id":"k9rxwctbmtnhmxj4eofzz7ud7o"}
| 2019-12-18 01:33:32.085486769 +0000 UTC m=+2656.118316733 write error: can't open new logfile: open /mattermost/logs/mattermost.log: permission denied
| {"level":"info","ts":1576632872.088391,"caller":"scheduler/worker.go:78","msg":"Worker: Job is complete","worker":"Plugins","job_id":"8xtzjmjw6tdojkk1aeeo7ftm1w"}
Here is a guide to properly release the images for OpenShift
https://docs.openshift.com/container-platform/3.11/creating_images/guidelines.html
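Added example, not part of the issue or of the chart's code: a small Python check that applies the Unix permission-class rule to rows of the `ls -lisa` listing above, for a process running as the arbitrary UID 1000400000 with the root group (GID 0) that the linked OpenShift guidelines describe. The sample rows are copied from the listing; the function names and the `needed` parameter are hypothetical, and the emitted `chgrp`/`chmod g=u` line is the build-time pattern from those guidelines.

```python
import re

# Constructed sample: three rows copied from the `ls -lisa` output in the issue.
LISTING = """\
805544746 0 drwxr-xr-x. 1 root root 25 Dec 18 00:49 config
24654 0 drwxrwxrwx. 3 root root 19 Dec 18 00:49 data
805544752 0 drwxr-xr-x. 2 root root 6 Mar 15 2019 logs
"""

# inode, blocks, mode (plus SELinux '.'), links, owner, group, size, date x3, name
ROW = re.compile(
    r"^\s*\d+\s+\d+\s+([dl-][rwxsStT-]{9})\S*\s+\d+\s+(\S+)\s+(\S+)"
    r"\s+\d+\s+\S+\s+\S+\s+\S+\s+(.+)$"
)


def writable_dirs(listing, uid="1000400000", groups=("root",)):
    """Map each directory name to True if `uid` (member of `groups`) can create files in it."""
    result = {}
    for line in listing.splitlines():
        m = ROW.match(line)
        if not m or not m.group(1).startswith("d"):
            continue
        mode, owner, group, name = m.groups()
        # Exactly one permission class applies: owner, else group, else other.
        # ls prints the bare number for a UID without a passwd entry.
        if owner == uid:
            bits = mode[1:4]
        elif group in groups:
            bits = mode[4:7]
        else:
            bits = mode[7:10]
        # Creating a file needs write plus search (x, or s/t which imply x).
        result[name] = bits[1] == "w" and bits[2] in "xst"
    return result


def build_time_fix(listing, needed=("logs",), base="/mattermost"):
    """Return the image-build commands for needed directories the UID cannot write."""
    state = writable_dirs(listing)
    return [
        f"chgrp -R 0 {base}/{name} && chmod -R g=u {base}/{name}"
        for name in needed
        if not state.get(name, False)
    ]


if __name__ == "__main__":
    print(writable_dirs(LISTING))
    print(build_time_fix(LISTING, needed=("logs", "data")))
```

The result matches the symptoms in the post: `data` (mode 777) accepts `touch data/test`, while `logs` (root:root, 755) rejects the log file, and `chmod` fails because only the owner or root may change a mode.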
@xrow are you willing to propose a PR to fix this?