• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    User defaults to root on image capture

    Scheduled Pinned Locked Moved
    FOG Problems
    3
    5
    685
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 2
      27john33
      last edited by

      Hi, I am running into an issue when capturing an image.

      After an image capture, user:group permissions are set to root:root. I change them to the correct permissions and then they are set correctly until I upload the image again.

      How do I default to set the correct permissions?

      1 Reply Last reply Reply Quote 0
      • S
        Sebastian Roth Moderator
        last edited by

        @27john33 Why is it a problem the files are owned by root?

        Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

        Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

        2 1 Reply Last reply Reply Quote 0
        • 2
          27john33 @Sebastian Roth
          last edited by

          @sebastian-roth The fog server is using another user to deploy(In my case, fogproject). The image cannot be deployed unless the permissions are set to fogproject:root. Which I have to manually change from root:root every time I upload an image.

          george1421G 1 Reply Last reply Reply Quote 0
          • george1421G
            george1421 Moderator @27john33
            last edited by

            @27john33 If you look at the work I did on adding NFSv4 to FOG you will see how I handle it here by squashing all and then setting a gid and uid for all files created across this connection: (hint don’t blindly copy these exports commands because you will break nfsv3 with them.

            /opt/fog/data/ *(fsid=0,no_subtree_check,insecure)
            
            /opt/fog/data/capture *(rw,sync,nohide,no_subtree_check,all_squash,insecure,insecure_locks,no_wdelay,anonuid=1001,anongid=1001)
            
            /opt/fog/data/images *(ro,sync,nohide,no_subtree_check,all_squash,insecure,anonuid=1001,anongid=1001)
            

            so in your /etc/exports file you will need to add these options to the /images/dev line.
            (ro,sync,nohide,no_subtree_check,all_squash,insecure,anonuid=1001,anongid=1001)

            set the uid and gid to match the fogproject user on your system.

            BUT I can say that I have never had to mess with setting file permissions on my fog servers. It just works out of the box. I set them for NFSv4 to increase the security stance of FOG.

            The root of the issue is that when FOS Linux (which runs on the target computer) clones an image it runs as root (to have full control of the target computer during imaging), that is why they are being created on the FOG server as the root user.

            Please help us build the FOG community with everyone involved. It's not just about coding - way more we need people to test things, update documentation and most importantly work on uniting the community of people enjoying and working on FOG!

            1 Reply Last reply Reply Quote 0
            • S
              Sebastian Roth Moderator
              last edited by

              @george1421 said in User defaults to root on image capture:

              The root of the issue is that when FOS Linux (which runs on the target computer) clones an image it runs as root (to have full control of the target computer during imaging), that is why they are being created on the FOG server as the root user.

              That’s correct, though not the whole truth. FTP is used within the FOG server internally to move the fully captured image files from /images/dev/… to it’s final destination /images/IMAGENAME/. It’s been a long time since I looked at that part last time but I think it was actually meant to do a chown operation alongside those FTP move and rename operation. But I can’t remember why this wasn’t actually working from the top of my head. It’s probably still the case because it works in pretty much all cases since then.

              I guess it can be changed to chown fogproject user If you can explain why it causes issues on deploy in your case. What’s special about your setup? Modifications?

              Web GUI issue? Please check apache error (debian/ubuntu: /var/log/apache2/error.log, centos/fedora/rhel: /var/log/httpd/error_log) and php-fpm log (/var/log/php*-fpm.log)

              Please support FOG if you like it: https://wiki.fogproject.org/wiki/index.php/Support_FOG

              1 Reply Last reply Reply Quote 0
              • 1 / 1
              • First post
                Last post

              138

              Online

              12.1k

              Users

              17.3k

              Topics

              155.3k

              Posts
              Copyright © 2012-2024 FOG Project