kea-admin lease-dump file permisions
Command kea-admin lease-dump
exports database as memfile file with permissions of user running the command.
If Kea is running from packages on Ubuntu it expects /var/lib/kea/kea-leases4.csv
(or v6) file to be owned by _kea
user/group.
In this case, we can not directly copy exported file without changing its permissions, or Kea will not be able to read the file and start.
The problem was discovered during forge tests. The test Starts Kea with database and exports database to the memfile location. Then it restarts Kea using the exported file.
Test failed on Ubuntu using deb packages.
Possible solutions:
- We can modify the forge test to account for different permissions and modify help text of
lease-dump
command to warn user about possible permission clash. - We can modify
lease-dump
script to detect what permissions the file should have, and apply them during export. This will solve import and export on the same system, but the problem will still exist if migrating to other systems with a different way of installing Kea.