From 91521561ca1b9c7a74c520b4b43d2a63caeced84 Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Wed, 4 Sep 2024 13:33:47 +0200 Subject: [PATCH] manifest: remove explicit ownership from insights files When creating the service drop-in file and directory for running the insights client on boot, don't specify ownership. This is for the same reasons as for the other files we create in the subscription pipeline: there is no `chown` binary in the subscription pipeline tree, which would be required to explicitly set the file's ownership. Update tests to match. --- pkg/manifest/subscription.go | 9 +++++++-- pkg/manifest/subscription_test.go | 4 ++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/pkg/manifest/subscription.go b/pkg/manifest/subscription.go index ddd7ada53e..1d37858b0a 100644 --- a/pkg/manifest/subscription.go +++ b/pkg/manifest/subscription.go @@ -195,11 +195,16 @@ func runInsightsClientOnBoot() (*fsnode.Directory, *fsnode.File, error) { // all the options we need. This is a temporary workaround // until we get the stage updated to support everything we need. icDropinFilepath, icDropinContents := insightsClientDropin() - icDropinDirectory, err := fsnode.NewDirectory(filepath.Dir(icDropinFilepath), nil, "root", "root", true) + + // NOTE: Ownership is left as nil:nil, which implicitly creates files as + // root:root. Adding an explicit owner requires chroot to run the + // org.osbuild.chown stage, which we can't run in the subscription pipeline + // since it has no packages. + icDropinDirectory, err := fsnode.NewDirectory(filepath.Dir(icDropinFilepath), nil, nil, nil, true) if err != nil { return nil, nil, err } - icDropinFile, err := fsnode.NewFile(icDropinFilepath, nil, "root", "root", []byte(icDropinContents)) + icDropinFile, err := fsnode.NewFile(icDropinFilepath, nil, nil, nil, []byte(icDropinContents)) if err != nil { return nil, nil, err } diff --git a/pkg/manifest/subscription_test.go b/pkg/manifest/subscription_test.go index 4e8f97e75a..a8d3a9375d 100644 --- a/pkg/manifest/subscription_test.go +++ b/pkg/manifest/subscription_test.go @@ -407,7 +407,7 @@ Requisite=greenboot-healthcheck.service After=network-online.target greenboot-healthcheck.service osbuild-first-boot.service [Install] WantedBy=multi-user.target` - icDropinFile, err := fsnode.NewFile("/etc/systemd/system/insights-client.service.d/override.conf", nil, "root", "root", []byte(dropinContents)) + icDropinFile, err := fsnode.NewFile("/etc/systemd/system/insights-client.service.d/override.conf", nil, nil, nil, []byte(dropinContents)) if err != nil { panic(err) } @@ -416,7 +416,7 @@ WantedBy=multi-user.target` func mkInsightsDropinDir() *fsnode.Directory { - icDropinDirectory, err := fsnode.NewDirectory("/etc/systemd/system/insights-client.service.d", nil, "root", "root", true) + icDropinDirectory, err := fsnode.NewDirectory("/etc/systemd/system/insights-client.service.d", nil, nil, nil, true) if err != nil { panic(err) }