Symlinks disabled out of rootfs, .boto symlink is broken |
|||
Issue descriptionMoblab's apache user can no longer read its symlink to the .boto file. It fails to fetch any builds from the buckets, and silently fails the boto config check. This is due to security changes in for symlinks in ChromeOS. gsutil accepts a BOTO_CONFIG environment variable, we should use this and get rid of the .boto symlink.
,
Apr 18 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromiumos/overlays/board-overlays/+/9a8372d34574b2a731c83c66767bcced55c8ca6e commit 9a8372d34574b2a731c83c66767bcced55c8ca6e Author: Matt Mallett <mattmallett@chromium.org> Date: Wed Apr 18 17:32:24 2018 [moblab] Use env instead of symlink for apache .boto file We are now unable to symlink to /home/moblab due to recent security changes. gsutil looks for a BOTO_CONFIG environment variable when executing. Use that to point to /home/moblab/.boto, removing the need for the symlink. BUG= chromium:833960 TEST=build and test on local device Change-Id: I3b89a20b443bd96ef29f7a48e600cfaabcd35b4c Reviewed-on: https://chromium-review.googlesource.com/1015740 Commit-Ready: Matt Mallett <mattmallett@chromium.org> Tested-by: Matt Mallett <mattmallett@chromium.org> Reviewed-by: Keith Haddow <haddowk@chromium.org> (cherry picked from commit b90b2c78da9a0ff4187c88062cb30315e8b5383e) Reviewed-on: https://chromium-review.googlesource.com/1017280 Commit-Queue: Keith Haddow <haddowk@chromium.org> Tested-by: Keith Haddow <haddowk@chromium.org> Trybot-Ready: Keith Haddow <haddowk@chromium.org> [modify] https://crrev.com/9a8372d34574b2a731c83c66767bcced55c8ca6e/project-moblab/chromeos-base/chromeos-bsp-moblab/files/init/moblab-apache-init.conf
,
Apr 18 2018
|
|||
►
Sign in to add a comment |
|||
Comment 1 by bugdroid1@chromium.org
, Apr 18 2018