Page MenuHomePhabricator
Create Task
Maniphest T284581

Ownership of the /tmp/mw-cache directories should be www-data in the mediawiki-multiversion image
Closed, ResolvedPublic
Actions

Description

While trying to run MediaWiki on kubernetes using our restricted mediawiki-multiversion image, I stumbled upon the following problem:

$ curl -H 'Host: en.wikipedia.org' https://staging.svc.eqiad.wmnet:4444/wiki/Main_Page
<br />
<b>Warning</b>:  rename(/tmp/conf2-enwiki.jsonxmqiV2,/tmp/mw-cache-1.37.0-wmf.4/conf2-enwiki.json): Permission denied in <b>/srv/mediawiki/multiversion/MWConfigCacheGenerator.php</b> on line <b>327</b><br />
<br />

This is due to the fact that the cache directories are owner by user "somebody" and not by user "www-data" (uid 33):

oblivian@kubestage1001:~$ sudo docker exec --user root -ti 93754a6c677c /bin/bash
root@mediawiki-pinkunicorn-6d86dcd4fc-tptrg:/srv/mediawiki# cd /tmp/
root@mediawiki-pinkunicorn-6d86dcd4fc-tptrg:/tmp# ls -lart
total 0
drwxr-xr-x  2 somebody somebody  31 May 14 19:55 mw-cache-1.37.0-wmf.4
drwxr-xr-x  2 somebody somebody  36 May 14 19:57 mw-cache-1.37.0-wmf.5
drwxr-xr-x 21 root     root     269 Jun  8 16:03 ..
drwxrwxrwt  4 root     root      64 Jun  8 16:05 .

Details

SubjectRepoBranchLines +/-
Clean up cruft in /tmp/mw-cache-* before publishingoperations/mediawiki-configmaster+3 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

Joe created this task.Jun 8 2021, 4:11 PM

I suspect we just need to remove the directories, as they only contain a cached configuration for aawiki which I guess gets generated while generating the l10n cache.

So I guess we can just run rm -rf /tmp/mw-cache in the last step of the build.

gerritbot added a comment.Jun 8 2021, 5:21 PM

Change 698828 had a related patch set uploaded (by Ahmon Dancy; author: Ahmon Dancy):

[operations/mediawiki-config@master] Clean up cruft in /tmp/mw-cache-* before publishing

https://gerrit.wikimedia.org/r/698828

gerritbot added a project: Patch-For-Review.Jun 8 2021, 5:21 PM
gerritbot added a comment.Jun 8 2021, 6:22 PM

Change 698828 merged by jenkins-bot:

[operations/mediawiki-config@master] Clean up cruft in /tmp/mw-cache-* before publishing

https://gerrit.wikimedia.org/r/698828

dancy closed this task as Resolved.Jun 8 2021, 6:24 PM
dancy claimed this task.
dancy subscribed.

@Joe This should be fixed now.

You can use this image for verification. It contains 1.37.0-wmf.7 and .9.

docker-registry.discovery.wmnet/restricted/mediawiki-multiversion@sha256:cce68133a02cfdf2608aeb117131d746bec76f7fa59575682bfa40af2f76b963

Maintenance_bot removed a project: Patch-For-Review.Jun 8 2021, 7:10 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL