Ticket 1986 - munge wouldn't start if /var/log is group writable
Summary: munge wouldn't start if /var/log is group writable
Status: RESOLVED INFOGIVEN
Alias: None
Product: Slurm
Classification: Unclassified
Component: Other (show other tickets)
Version: 14.03.9
Hardware: Linux Linux
: 6 - No support contract
Assignee: Jacob Jenson
QA Contact:
URL:
Depends on:
Blocks:
 
Reported: 2015-09-28 22:27 MDT by Dr. Christoph Pospiech
Modified: 2015-09-30 00:02 MDT (History)
2 users (show)

See Also:
Site: PIK
Slinky Site: ---
Alineos Sites: ---
Atos/Eviden Sites: ---
Confidential Site: ---
Coreweave sites: ---
Cray Sites: ---
DS9 clusters: ---
Google sites: ---
HPCnow Sites: ---
HPE Sites: ---
IBM Sites: ---
NOAA SIte: ---
NoveTech Sites: ---
Nvidia HWinf-CS Sites: ---
OCF Sites: ---
Recursion Pharma Sites: ---
SFW Sites: ---
SNIC sites: ---
Tzag Elita Sites: ---
Linux Distro: ---
Machine Name:
CLE Version:
Version Fixed:
Target Release: ---
DevPrio: ---
Emory-Cloud Sites: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this ticket.
Description Dr. Christoph Pospiech 2015-09-28 22:27:58 MDT 
root@helios:~# /etc/init.d/munge stop
[ ok ] Stopping munge (via systemctl): munge.service.
root@helios:~# chmod g+w /var/log
root@helios:~# /etc/init.d/munge start
[....] Starting munge (via systemctl): munge.serviceJob for munge.service failed. See "systemctl status munge.service" and "journalctl -xe" for details.
 failed!
root@helios:~# journalctl -xe
[...]
Sep 29 12:21:56 helios systemd[1]: Starting MUNGE authentication service...
-- Subject: Unit munge.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- Unit munge.service has begun starting up.
Sep 29 12:21:56 helios munged[14200]: munged: Error: Logfile is insecure: group-writable permissions set on "/var/log"
Sep 29 12:21:56 helios systemd[1]: munge.service: control process exited, code=exited status=1
Sep 29 12:21:56 helios systemd[1]: Failed to start MUNGE authentication service.
[...]
root@helios:~# ls -dl /var/log
drwxrwxr-x 20 root syslog 4096 Sep 29 09:34 /var/log

The OS will restore write permission for group syslog by its own - which conflicts munged prerequisites.
Comment 1 David Bigagli 2015-09-28 23:28:38 MDT 
Logged by PIK while I am here. It is a minore issue which should be addressed 
by munge developer.

David
Comment 2 Moe Jette 2015-09-29 02:52:12 MDT 
There is already an open ticket about this on the munge site:
https://github.com/dun/munge/issues/31
Comment 3 Moe Jette 2015-09-29 10:54:31 MDT 
I'm going to close this since it's in the hands of Munge developers now.
Comment 4 Dr. Christoph Pospiech 2015-09-30 00:02:22 MDT 
I can confirm that the recipe provided on https://github.com/dun/munge/issues/31 in deed solves the problem. So this ticket can be closed.