Task #4771
closed
Run smartgears on the rstudio-server instances as unprivileged user
100%
Description
We need to:
- Give sudo privileges to the commands esecuted by the
Ruseradd.shscript
Related issues
Updated by Andrea Dell'Amico almost 9 years ago
We need to:
- Give sudo privileges to the commands esecuted by the
Ruseradd.shscript - Add firewall rules to isolate tomcat while still giving direct access from the isti network, for issue debugging
- Create a playbook that installs the r-connector
Updated by Andrea Dell'Amico almost 9 years ago
- Status changed from New to In Progress
Starting with rstudio-dev
Updated by Andrea Dell'Amico almost 9 years ago
- Related to Task #183: tomcat running as root user under port 80 added
Updated by Andrea Dell'Amico almost 9 years ago
- Status changed from In Progress to Feedback
- % Done changed from 0 to 100
It seems I got it working. I heavily modified the script that adds the users so that it uses sudo.
It also creates an empty userconfig.csv on the user's home with the correct permissions.
To replicate the configuration on the production server, a one time command will be needed to correct the permission of all the userconfig.csv files. Its group now needs to be gcube, with write access.
The configuration of the dev node lives on ansible inside d4science-ghn-cluster/group_vars/rstudio_dev while the r_connector stuff is in library/roles/smartgears/r_connector.
The rstudio-server installation and the ldap pam configuration aren't managed by the playbook right now.
Updated by Andrea Dell'Amico almost 9 years ago
I provisioned the production instance too, in the same way. I also changed the home directory permissions for the existing users.
Updated by Andrea Dell'Amico almost 9 years ago
- Status changed from Feedback to Closed
Working correctly in production too.
