Page MenuHomePhabricator
Create Task
Maniphest T166013

deployment-imagescaler01 has no mwdeploy user
Closed, ResolvedPublic
Actions

Description

Running puppet on deployment-imagescaler01

Error: Could not set home on user[mwdeploy]: Execution of '/usr/sbin/usermod -d /var/lib/scap mwdeploy' returned 6: usermod: user 'mwdeploy' does not exist in /etc/passwd
Error: /Stage[main]/3d2png::Deploy/Scap::Target[3d2png/deploy]/User[mwdeploy]/home: change from /home/mwdeploy to /var/lib/scap failed: Could not set home on user[mwdeploy]: Execution of '/usr/sbin/usermod -d /var/lib/scap mwdeploy' returned 6: usermod: user 'mwdeploy' does not exist in /etc/passwd
Notice: /Package[3d2png/deploy]: Dependency User[mwdeploy] has failures: true
Warning: /Package[3d2png/deploy]: Skipping because of failed dependencies
Notice: /Stage[main]/3d2png::Deploy/Scap::Target[3d2png/deploy]/Exec[chown /srv/deployment/3d2png for mwdeploy]: Dependency User[mwdeploy] has failures: true
Warning: /Stage[main]/3d2png::Deploy/Scap::Target[3d2png/deploy]/Exec[chown /srv/deployment/3d2png for mwdeploy]: Skipping because of failed dependencies
Notice: Finished catalog run in 32.38 seconds

Details

ProjectBranchLines +/-Subject
operations/puppetproduction+3 -1Change $deploy_user home directory to /var/lib/${deploy_user}
Customize query in gerrit

Related Objects

Event Timeline

Reedy created this task.May 21 2017, 3:16 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 21 2017, 3:16 PM
Reedy added a project: Release-Engineering-Team.May 21 2017, 3:16 PM
Reedy updated the task description. (Show Details)
Reedy added a comment.May 21 2017, 3:26 PM

Missing mediawiki::user in some way?

hashar added a subscriber: hashar.May 22 2017, 10:28 AM

The mwdeploy user requires (or required at some point) to have the same UID on all the deployment target. To achieve that, we went to add the user in LDAP:

dn: uid=mwdeploy,ou=people,dc=wikimedia,dc=org
	uid: mwdeploy
	objectClass: person
	objectClass: inetorgperson
	objectClass: organizationalPerson
	objectClass: ldappublickey
	objectClass: shadowaccount
	objectClass: posixaccount
	objectClass: top
	loginShell: /bin/bash
	uidNumber: 603
	gidNumber: 603
	sn: mwdeploy
	homeDirectory: /home/mwdeploy
	cn: mwdeploy

The puppet resource User[mwdeploy] defines the home directory as /var/lib/scap, since that mismatch what is in LDAP puppet tries to user mod it to fix it and fail.

The root cause would be whatever change changed the homedir in puppet, and a fix would probably be to update mwdeploy home dir in LDAP ?

hashar added subscribers: Gilles, MarkTraceur, matthiasmullie.Jun 26 2017, 1:11 PM

Apparently that comes from the cherry picked patch: Add 3d2png deploy repo to image scalers https://gerrit.wikimedia.org/r/#/c/345377/

Maybe due to scap::target and $manage_user.

mmodell added a subscriber: mmodell.Jul 18 2017, 2:39 AM

@hashar: Nothing wrong with the patch in gerrit, as far as I can see. I don't know where puppet is trying to change the homedir but I will try to track that down. I also don't know how to edit the user in ldap but that might be the right thing to do.

mmodell added a comment.Jul 18 2017, 2:50 AM

So the user's home directory is set in scap::target. So we either fix it in ldap or remove that line from scap::target (I think the former as scap::target is correct for production)

gerritbot added a subscriber: gerritbot.Jul 18 2017, 3:19 AM

Change 365891 had a related patch set uploaded (by 20after4; owner: 20after4):
[operations/puppet@production] Change $deploy_user home directory to /var/lib/${deploy_user}

https://gerrit.wikimedia.org/r/365891

mmodell added a comment.Jul 18 2017, 3:27 AM

cherry picked https://gerrit.wikimedia.org/r/#/c/365891/ on beta puppetmaster. This works around the problem and may actually be the more correct solution.

mmodell triaged this task as Medium priority.Jul 18 2017, 3:27 AM
mmodell closed this task as Resolved.Jul 25 2017, 12:09 AM

I'm marking this as resolved since the problem only affects beta and the patch is cherry-picked. Ideally the patch gets merged in operations/puppet.

Dzahn reopened this task as Open.Jul 26 2017, 3:55 PM
Dzahn closed this task as Resolved.Jul 26 2017, 3:58 PM
gerritbot added a comment.Sep 14 2017, 11:43 PM

Change 365891 merged by Dzahn:
[operations/puppet@production] Change $deploy_user home directory to /var/lib/${deploy_user}

https://gerrit.wikimedia.org/r/365891

Content licensed under Creative Commons Attribution-ShareAlike 3.0 (CC-BY-SA) unless otherwise noted; code licensed under GNU General Public License (GPL) or other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL