Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
stork
stork
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 154
    • Issues 154
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 2
    • Merge Requests 2
  • Operations
    • Operations
    • Incidents
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Commits
  • Issue Boards
  • ISC Open Source Projects
  • storkstork
  • Issues
  • #274

Closed
Open
Opened May 12, 2020 by Michal Nowikowski@godfrydDeveloper

stork-agent should be able to determine CWD of kea or named processes

@garbled1 reported in #243 (closed):

I keep getting this in my logs:
May 11 05:55:10 pollux stork-agent[29532]: #33 (closed)[33mWARN#033[0m[2020-05-11 05:55:10]          monitor.go:159   cannot get process current working directory: readlink /proc/22855/cwd: permission denied

lrwxrwxrwx 1 bind bind 0 Apr 18 13:32 /proc/22855/cwd -> /var/cache/bind
drwxr-xr-x 9 root root 4096 Oct 12  2019 /var/cache
drwxrwxr-x 2 root bind 4096 May 11 03:19 /var/cache/bind
That is probably apparmor related?

This can be solved by adding:

AmbientCapabilities=CAP_SYS_PTRACE

to service file.

CAP_SYS_PTRACE gives permission to read /proc/<pid>/cwd

Edited May 12, 2020 by Michal Nowikowski
Assignee
Assign to
0.8
Milestone
0.8 (Past due)
Assign milestone
Time tracking
None
Due date
None
Reference: isc-projects/stork#274