=== zz_natorious is now known as natorious
=== natorious is now known as zz_natorious
=== zz_natorious is now known as natorious
=== natorious is now known as zz_natorious
=== gamename is now known as gamename[away]
=== gamename[away] is now known as gamename
[10:06] <Seth_Karlo> Hey all, I'm having an odd issue. Does Cloud-Init usually run as the root user or a sub-user?
[10:07] <Seth_Karlo> I'm strace-ing a run and I see it downloading the chef omnibus installer into /tmp/ with permissions 0700, but then getting a permission denied on the script a second later and failing
[10:20] <Odd_Bloke> Seth_Karlo: Hmm, that is strange; does the file end up with the expected permissions?
[10:20] <Seth_Karlo> File is deleted before I can take a look at it
[10:22] <Seth_Karlo> This is what I see: [pid 11304] execve("/tmp/tmpfpIQua/chef-omnibus-install", ["/tmp/tmpfpIQua/chef-omnibus-install"], [/* 21 vars */]) = -1 EACCES (Permission denied)
[10:32] <Odd_Bloke> Seth_Karlo: What version of cloud-init are you using (and on what distro)?
[10:32] <Seth_Karlo> cloud-init 0.7.5 on CentOS 7.103
[10:35] <Odd_Bloke> Seth_Karlo: So the code that is running is in cloudinit/config/cc_chef.py; if you add a sleep at around line 114 wherever that file is installed, then you'll have some time to check the file looks sensible.
[10:36] <Seth_Karlo> Odd_Bloke: Understood, testing now
[10:36] <Odd_Bloke> Seth_Karlo: "import time; time.sleep(N)", if you aren't a Python person. :)
[10:38] <Seth_Karlo> Odd_Bloke: Perfect, thanks!
[10:43] <Seth_Karlo> Odd_Bloke: Is N in seconds or ms?
[10:43] <Odd_Bloke> Seth_Karlo: Seconds.
[10:44] <Seth_Karlo> Odd_Bloke: Seemed to completely ignore it at line 114 in /usr/lib/python2.7/site-packages/cloudinit/config/cc_chef.py
[10:45] <Odd_Bloke> Seth_Karlo: Can you pastebin your modified bit of the file?
[10:45] <Seth_Karlo> Odd_Bloke: https://gist.github.com/Seth-Karlo/96e129c004e63d5cc331
[10:47] <Odd_Bloke> Seth_Karlo: Ah, put it a line up.
[10:47] <Odd_Bloke> Seth_Karlo: util.subp is what's running the file.
[10:47] <Seth_Karlo> Odd_Bloke: In between the util. ones?
[10:48] <Odd_Bloke> Seth_Karlo: Yep.
[10:48] <Seth_Karlo> Done, testing now :)
[10:49] <Seth_Karlo> Odd_Bloke: Aaaaaah, I see the issue!
[10:49] <Seth_Karlo> Odd_Bloke: My /tmp is mounted noexec!
[10:51] <Seth_Karlo> Odd_Bloke: Now working, thank you very very much for your help. Kudos and my gratitude
[10:52] <Odd_Bloke> Seth_Karlo: I'm always happy to help when it turns out there isn't a bug for me to fix. ;)
[10:52] <Seth_Karlo> Odd_Bloke: Haha, I'll let you know if I find more! :P
[10:52] <Odd_Bloke> :D
[11:51] <openstackgerrit> Claudiu Popa proposed stackforge/cloud-init: Add a draft spec for the parallel discovery of data sources  https://review.openstack.org/220095
[11:54] <openstackgerrit> Claudiu Popa proposed stackforge/cloud-init: Add a draft spec for the parallel discovery of data sources  https://review.openstack.org/220095
=== alexpilotti_ is now known as alexpilotti
[14:34] <Odd_Bloke> claudiupopa: I think you might have done an incomplete naming change in the "FacadaParallelSearch" example in that spec.
[14:34] <Odd_Bloke> claudiupopa: (Also Facada is a typo :p)
[14:34] <claudiupopa> Oh, yep. :p
[14:44] <smoser> claudiupopa, are you going to tokyo ?
[14:44] <smoser> for openstack su mmit ?
[14:44] <claudiupopa> Nope.
[14:46] <smoser> Odd_Bloke, didnt you do something wrt testing bin/cloud-init in 0.7 ?
=== zz_natorious is now known as natorious
[14:47] <Odd_Bloke> smoser: I did, yeah. Why do you ask?
[14:48] <smoser> where is it ?
[14:49] <Odd_Bloke> smoser: http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/tests/unittests/test_cli.py
[14:49] <smoser> thanks
[14:49] <Odd_Bloke> :)
[15:08] <smoser> Odd_Bloke, do you happen to know...
[15:09] <smoser> http://paste.ubuntu.com/12263593/
[15:10] <smoser> probably easier to read
[15:10] <smoser>  http://paste.ubuntu.com/12263608/
[15:13] <Odd_Bloke> smoser: In a meeting right now, will look in a bit. :)
=== alexpilotti_ is now known as alexpilotti
[15:27] <j^2> hey smoser i sent you a response :D
[15:27] <smoser> j^2, thnks
[15:27] <j^2> we can sync later today?
[15:27] <smoser> sure. ping me here is fine
[15:27] <j^2> perfect
[15:28] <smoser> where'd you send rsponse ?
[15:32] <Odd_Bloke> smoser: Given that those are all in the HTTP request, I would assume that they can all be logged.
[15:32] <Odd_Bloke> Because the NSA has them anyway. :p
[15:32] <Odd_Bloke> But I don't know that for sure.
[15:32] <smoser> thats what i thought too, Odd_Bloke
[15:33] <smoser> they're its supposed to work over http/ untrusted.
[15:33] <smoser> so you'd think it'd bad if there was secrets there
[15:34] <Odd_Bloke> Yeah.
[16:06] <smoser> j^2, stuff for cloud-init 0.7.X is still on launchpad
[16:06] <smoser> so your review was at the correct place
[16:15] <j^2> ah, which is the one that shipped “in general” now-a-days?
[16:16] <Odd_Bloke> j^2: 0.7.x is still shipped in general, 2.0 is still in early development.
[16:16] <j^2> Odd_Bloke: ah cool, then i’ll keep with 0.7.0 then
[16:17] <j^2> thanks
[17:38] <harlowja> smoser whatever happened to enabling the launchpad + git stuff
[17:38] <harlowja> is that possible still?
[17:39] <smoser> harlowja, yes. still possible.
[17:39] <harlowja> +2 :)
[17:39] <harlowja> can u press a button somewhere to make that happen ;)
[17:40] <harlowja> ye-olde button
[17:43] <smoser> the button i'd rather push is 'make harlowja work enough on cloud-init 2.0 that he stops caring about 0.7'
[17:43] <smoser> do you have one of those buttons?
[17:43] <harlowja> smoser ya, mainly this is for the y! CI system, that still pulls from 0.7, but really only knows how to interface with git :-P
[17:53] <harlowja> it doesn't quite know bzr, and nobody seems willing to add bzr support :-P
[20:01] <harlowja> claudiupopa in regard to https://review.openstack.org/#/c/220095/ let me know if u have any questions on how this got pulled off in taskflow (the parallel running based on dependencies ...)
[20:01] <harlowja> because its awfully similar i think, ha
[20:05] <claudiupopa> So they're similar?
[20:05]  * harlowja makes an example, but yes
[20:05] <claudiupopa> Looking right now in the link.
[20:06] <harlowja> k
[20:09] <harlowja> claudiupopa http://paste.openstack.org/show/444643/
[20:09] <harlowja> output from running that
[20:10] <harlowja> http://paste.openstack.org/show/444646/
[20:10] <harlowja> soooo it does something like u want i think, ha
[20:10] <harlowja> and it can run in parallel as well :-P
[20:10] <harlowja> u can run that by just cloning https://github.com/openstack/taskflow and making a venv and installing its requirements, then running it locally...
[20:11] <claudiupopa> Nicee, why don't we use it for cloud-init v2 then?
[20:11] <harlowja> could be done :-P
[20:11] <harlowja> i am top maintainer/creator of that lib, so maybe we could, ha
[20:11] <harlowja> but depends on others thoughts, ha
[20:12] <harlowja> bb
[20:12] <claudiupopa> The capabilities are represented by default_provides?
[20:54] <harlowja> claudiupopa correct, or they could be
[20:55] <harlowja> just something to think about, taskflow might be to big of a dependency, idk
[22:04] <Odd_Bloke> smoser: So my HTTP friend tells me that in theory we should be able to store all the OAuth info in the log, but that assumes a good OAuth server implementation.
[22:04] <Odd_Bloke> smoser: So we're probably better off not logging it.
=== natorious is now known as zz_natorious
=== zz_natorious is now known as natorious