Project

General

Profile

Actions

Bug #12303

closed

Time settings directive configuration not accessible to non-root users

Added by Rob Pomeroy over 6 years ago. Updated over 6 years ago.

Status:
Released
Priority:
N/A
Category:
Techniques
Target version:
Severity:
Minor - inconvenience | misleading | easy workaround
UX impact:
User visibility:
Getting started - demo | first install | level 1 Techniques
Effort required:
Very Small
Priority:
79
Name check:
Fix check:
Regression:

Description

Consistently on several Ubuntu 16.04 servers, the "Time settings version 3.2" directive sets the timezone correctly for the root user, but not for other users.

Here's an example of a server, which Rudder claims is fully compliant:

rob.pomeroy@webdbb2:~$ date
Wed Mar 28 16:15:14 UTC 2018
rob.pomeroy@webdbb2:~$ sudo date
Wed Mar 28 17:15:20 BST 2018
rob.pomeroy@webdbb2:~$ cat /etc/timezone
Europe/London

This server is configured to timezone Europe/London, which is currently on daylight saving time (British Summer Time).

Running dpkg-reconfigure -f noninteractive tzdata fixes the problem for all users. So clearly, it does something that the Rudder directive misses. The other command that's popular on Ubuntu, "timedatectl set-timezone Europe/London" , does not fix the problem.

Note: we're not setting TZ in profiles or bashrcs, or anything like that.

Actions #1

Updated by Rob Pomeroy over 6 years ago

Forgot to say: this is seen on Rudder server version 4.1.9, Rudder agent 4.1.10-xenial0 (CFEngine Core 3.10.3).

Actions #2

Updated by François ARMAND over 6 years ago

  • Subject changed from Time settings directive not global with Ubuntu 16 to Time settings directive configuration not accessible to non-root users
  • Severity set to Minor - inconvenience | misleading | easy workaround
  • User visibility set to Getting started - demo | first install | level 1 Techniques
  • Effort required set to Very Small
  • Priority changed from 0 to 79

On the mailing list, it was proposed that it may be due to bad rights on file: "sounds like the file is not readable for non root users? Maybe the umask and copy file promise makes the resulting file 600?"

If it is the problème, it should be very easy to correct that.

Actions #3

Updated by François ARMAND over 6 years ago

  • Category set to Techniques
  • Assignee set to Félix DALLIDET
  • Target version set to 4.1.11
Actions #4

Updated by Félix DALLIDET over 6 years ago

  • Category deleted (Techniques)
  • Assignee deleted (Félix DALLIDET)
  • Target version deleted (4.1.11)

I was not able to reproduce the problem. I tried with same agent/server version on a fresh ubuntu 16.04.
The technique does not change/enforce the rights on the timezone file, maybe another program changed it?

The problem seems to come from the /etc/localtime setup which does a hard copy and not a symlink.

Actions #5

Updated by Félix DALLIDET over 6 years ago

  • Category set to Techniques
  • Assignee set to Félix DALLIDET
  • Target version set to 4.1.11
Actions #6

Updated by Félix DALLIDET over 6 years ago

  • Status changed from New to In progress
Actions #7

Updated by Félix DALLIDET over 6 years ago

  • Status changed from In progress to Pending technical review
  • Assignee changed from Félix DALLIDET to Benoît PECCATTE
  • Pull Request set to https://github.com/Normation/rudder-techniques/pull/1276
Actions #8

Updated by Félix DALLIDET over 6 years ago

  • Status changed from Pending technical review to Pending release
Actions #9

Updated by Alexis Mousset over 6 years ago

  • Status changed from Pending release to Released

This bug has been fixed in Rudder 4.1.11, 4.2.5 and 4.3.0~rc3 which were released today.

Actions

Also available in: Atom PDF