Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bitnami/elasticsearch] do not fail if asked to chown read-only files #77526

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[bitnami/elasticsearch] do not fail if asked to chown read-only files #77526

wants to merge 1 commit into from

Conversation

ianroberts
Copy link

@ianroberts ianroberts commented Feb 17, 2025
edited
Loading

Description of the change

Add -f and || : to chown commands that operate recursively on folders that are expected to be mounted into the container from volumes or bind mounts, so that the chown does not cause a fatal error if any of the target directories or their children are mounted read-only.

Benefits

Currently when running as root the elasticsearch container will fail to start if any folder under /opt/bitnami/elasticsearch/config is mounted from a read-only filesystem. In particular this happens in the corresponding bitnami Helm chart, where the TLS certificates for Elasticsearch are mounted in from a Kubernetes secret. This change means that such cases are no longer fatal errors - the files in the read-only filesystems will not of course have their ownership changed, but there's not really anything better we can do if the filesystem is read-only.

Possible drawbacks

If a mounted filesystem should have been read-write but was mounted read-only by mistake, this change will make that a silent no-op rather than a fatal error.

Applicable issues

Additional information

This fix should probably be applied before bitnami/charts#31960 is merged.

@github-actions github-actions bot added elasticsearch triage Triage is needed labels Feb 17, 2025
@github-actions github-actions bot requested a review from javsalgar February 17, 2025 13:37
@ianroberts
[bitnami/elasticsearch] do not fail if asked to chown read-only files
35f8413 
Added -f to chmod commands so they do not fail if any of the target folders or their subdirectories are mounted from a read-only filesystem

Signed-off-by: Ian Roberts <[email protected]>
@ianroberts ianroberts mentioned this pull request Feb 17, 2025
Open
4 tasks
@carrodher carrodher added verify Execute verification workflow for these changes in-progress labels Feb 18, 2025
@github-actions github-actions bot removed the triage Triage is needed label Feb 18, 2025
@github-actions github-actions bot removed the request for review from javsalgar February 18, 2025 08:56
@github-actions github-actions bot requested a review from migruiz4 February 18, 2025 08:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@migruiz4 migruiz4 Awaiting requested review from migruiz4

At least 1 approving review is required to merge this pull request.

Assignees

@migruiz4 migruiz4

Labels
elasticsearch in-progress verify Execute verification workflow for these changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[bitnami/elasticsearch] crash when running as root when TLS certificates are read-only
4 participants
@ianroberts @javsalgar @carrodher @migruiz4