Hi,
I've just discovered a problem with my worker nodes that were
reinstalled via cfengine: they fail all grid (but not ordinary) jobs
that land on them.
I've tracked the failures down to permissions being incorrectly set
(0700, owned by root:root) on several directories and files, most
notably /opt/globus and /opt/glite/etc.
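For anyone wanting to check their own nodes, here is a minimal sketch
for listing the affected paths, assuming Python is available on the
worker node. The function name find_restricted and the choice of /opt
as the starting directory are illustrative assumptions, not part of
yaim or cfengine.

```python
import os
import stat


def find_restricted(root, mode=0o700, uid=0):
    """Return sorted paths below root whose permission bits equal mode
    and whose owner is uid (defaults: 0700 and root)."""
    matches = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # do not follow symlinks
            except OSError:
                continue  # entry vanished or is unreadable; skip it
            if stat.S_IMODE(st.st_mode) == mode and st.st_uid == uid:
                matches.append(path)
    return sorted(matches)


if __name__ == "__main__":
    # /opt is an assumed starting point; adjust as needed.
    for path in find_restricted("/opt"):
        print(path)
```

Comparing the output on a broken node against a working one should
show which paths were created with the wrong mode.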
The cause appears to be running yaim out of cfengine. Those of you who
know cfengine will now be thinking "Ah, he's forgotten to set the
umask!", but no, it's there.
So the cfengine shellcommands stanza is:
worker.runyaim.!streamline_2008_wn::
    # Only define startmom if this looks ok, otherwise withdraw from
    # the batch system
    "/opt/glite/yaim/bin/yaim -c -s /opt/glite/yaim/etc/site-info.def -n glite-WN -n TORQUE_client"
        umask=022 define=startmom elsedefine=stopmom
    "/opt/edg/sbin/edg-pbs-knownhosts" umask=022
    "/usr/bin/test -e /var/cfengine/control/runyaim && rm /var/cfengine/control/runyaim"
        umask=022
So can anyone explain to me why yaim seems to be getting run without the
umask being set correctly?
I haven't fully confirmed it, but I also suspect that it only happens
when cfagent is run from cfexecd, not when I run it interactively.
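One way to test that suspicion would be a small script that reports the
umask it actually inherits, run once from cfagent under cfexecd and once
interactively. The following is only a sketch, assuming Python is
available on the node; the function name current_umask and the label
argument are hypothetical.

```python
import os
import sys


def current_umask():
    """Return the process umask without permanently changing it."""
    # os.umask() sets a new mask and returns the previous one, so set a
    # throwaway value and immediately restore the original.
    old = os.umask(0)
    os.umask(old)
    return old


if __name__ == "__main__":
    # Optional label, e.g. "cfexecd" or "interactive", to tell runs apart.
    label = sys.argv[1] if len(sys.argv) > 1 else "unlabelled"
    print("%s: umask=%03o" % (label, current_umask()))
```

If the two runs print different values, that would point at the
environment cfexecd hands to cfagent rather than at yaim itself.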
Any ideas from any of the cfengine experts out there?
Thanks,
Chris.