Uploaded image for project: 'CernVM'
  1. CernVM
  2. CVM-2011

Can't access files in ligo.osgstorage.org mounted under cvmfsexec

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Low
    • Resolution: Fixed
    • Affects Version/s: CernVM-FS 2.8.1
    • Fix Version/s: CernVM-FS 2.8.2
    • Component/s: CVMFS
    • Labels:
      None
    • Platforms:
      ANY
    • Development:

      Description

      Attempting to access protected files in ligo.osgstorage.org mounted under cvmfsexec fails.  The corresponding debug log message is:

      (authz) Failed to open status file /proc/0/stat: (errno=2) No such file or directory
      

      This happens because the session id of all the processes running under cvmfsexec is zero, because the owner of the session is outside of the process namespace. Singularity does the same thing, although docker and podman make the session owner equal to the init process in their process namespace. I looked into making a separate session including looking at the code that podman uses, but it's terribly complicated. It would be much simpler to change the cvmfs code to use pid 1 if it sees pid 0.

        Attachments

          Activity

            People

            Assignee:
            dwd Dave Dykstra
            Reporter:
            dwd Dave Dykstra
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: