/var/lib/rkt needs to belong to rkt group

Question

/var/lib/rkt needs to belong to rkt group

Opened this issue 8 years ago · 5 comments

Thanks for the awesome work, I'm using this to run a CoreOS instance under xhyve on OSX (I merged the sample cloud-init scripts here with the cloud-init script from coreos-osx).

I was playing with rkt and was getting tired of being required to add "sudo" in front of it each time...

I confirmed the rkt group existed:

getent group | cut -d: -f1 | grep rkt

I ensured core user was a member of rkt group (by adding again):

sudo gpasswd -a core rkt

I verified that rkt was in the list of groups current user belonged to:

id -Gn

Finally, I verified the permissions on the /var/lib/rkt path, and realized I had to change the group:

sudo chgrp -R rkt /var/lib/rkt/

At this point I was able to run rkt without the sudo command. I've submitted a pull request to the cloud-init file of coreos-osx to fix this.
TheNewNormal/coreos-osx#70

However, it may be better to refer to the official rkt distribution script

Answer 1 · 2016-06-07T15:47:42.000Z

seems this doesn't fix all the issues as rkt run still requires sudo rights, which then creates pods which the rkt group has no access to.. so my solution doesn't fully fix the issue.

Any tips?

Answer 2 · 2016-06-07T15:49:45.000Z

@so0k many thanks for reporting and even more thanks for your kind words! we'll look into this soonish.

Answer 3 · 2016-06-07T16:10:36.000Z

also, (and this should probably be under a separate issue)...

I was having difficulties using gpg on the CoreOS instance, entropy was very (not sure if this is related to xhyve?)

I had to docker run --privileged -d sequenceiq/haveged:1.1 and confirm:

cat /proc/sys/kernel/random/entropy_avail

Anybody else experiencing these issues?

Answer 4 · 2016-06-11T11:58:58.000Z

@so0k, 0.5.10 (just out) fixed the entropy thing. Thanks, once again & a great weekend!

Answer 5 · 2016-06-11T12:00:41.000Z

I noticed, awesome fix, will test soon -thanks

On Saturday, 11 June 2016, António Meireles notifications@github.com
wrote:

@so0k https://github.com/so0k, 0.5.10 (just out) fixed the entropy
thing. Thanks, once again & a great weekend!

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#74 (comment),
or mute the thread
https://github.com/notifications/unsubscribe/ABrlJzpg5R9OF30kNsU0oZKB-kROL1o2ks5qKqMCgaJpZM4IwDOL
.