A weird problem: sudo su www-data -c 'sudo chef-server -C /etc/chef/server.rb -c2 -p 4004" does not work


#1

Hi guys,

I’d like to use a cgi script to start the chef server, and I use a c script
to give the “root” permissions to the cgi script (you know this method which
can be easily found on the internet ). But it does not work…

And I tried the method: sudo su www-data -c 'sudo chef-server -C
/etc/chef/server.rb -c2 -p 4004" , which means create the chef server on
port 4004. And the output of the command is “~ In 4650” which means the
server is started at pid 4650, right?

But with no luck, the server is not started at all… why?

And then I tried to run the other command: sudo su dikang -c 'sudo
chef-server -C /etc/chef/server.rb -c2 -p 4004", the “dikang” is my normal
user account. And this command worked well and the server on port 4004 is
started… What’s wrong with the www-data user?

I’m working on chef 0.8, apache2 and ubuntu 9.10.

Could anyone give me the help please?

Thanks
Dikang


#2

Is this a bug for chef 0.8 on ubuntu 9.10?

Because the same command works well on chef 0.7 with ubuntu 9.04…

Dikang

On Tue, Jan 26, 2010 at 2:28 PM, Dikang Gu dikang85@gmail.com wrote:

Hi guys,

I’d like to use a cgi script to start the chef server, and I use a c script
to give the “root” permissions to the cgi script (you know this method which
can be easily found on the internet ). But it does not work…

And I tried the method: sudo su www-data -c 'sudo chef-server -C
/etc/chef/server.rb -c2 -p 4004" , which means create the chef server on
port 4004. And the output of the command is “~ In 4650” which means the
server is started at pid 4650, right?

But with no luck, the server is not started at all… why?

And then I tried to run the other command: sudo su dikang -c 'sudo
chef-server -C /etc/chef/server.rb -c2 -p 4004", the “dikang” is my normal
user account. And this command worked well and the server on port 4004 is
started… What’s wrong with the www-data user?

I’m working on chef 0.8, apache2 and ubuntu 9.10.

Could anyone give me the help please?

Thanks
Dikang


#3

Hi Dikang,

Two things,

  1. You don’t need to use two ports with .8, we don’t use openid… if you need more workers, use unicorn… it’s your friend and no special sauce required to use it (except it won’t work with the chef-server script… boo@merb)

What I personally did is create an upstart service to handle this, I attached my files, so ideally if you used this… first turn off chef-server or whatever sitting on port 4000…

put chef-start.sh in /usr/bin
put unicorn.rb in /usr/lib/ruby/gems/1.8/gems/chef-server-0.8.0/
put chef-server.conf in /etc/init

then type start chef-server

if you want to see what’s going on stdout/stderr this configuration drops those in /tmp/unicorn.stdout.log and /tmp/unicorn.stderr.log and sets the workers to 4… adjust as you see fit, but .8 is insanely responsive with 2 workers… 4-8 workers with monit/bluepill and I can’t see how you can fail.

  1. -c2 failing should be fixed by http://tickets.opscode.com/browse/CHEF-737 are you running a current master?

Scott

On Jan 25, 2010, at 10:39 PM, Dikang Gu wrote:

Is this a bug for chef 0.8 on ubuntu 9.10?

Because the same command works well on chef 0.7 with ubuntu 9.04…

Dikang

On Tue, Jan 26, 2010 at 2:28 PM, Dikang Gu dikang85@gmail.com wrote:
Hi guys,

I’d like to use a cgi script to start the chef server, and I use a c script to give the “root” permissions to the cgi script (you know this method which can be easily found on the internet ). But it does not work…

And I tried the method: sudo su www-data -c 'sudo chef-server -C /etc/chef/server.rb -c2 -p 4004" , which means create the chef server on port 4004. And the output of the command is “~ In 4650” which means the server is started at pid 4650, right?

But with no luck, the server is not started at all… why?

And then I tried to run the other command: sudo su dikang -c 'sudo chef-server -C /etc/chef/server.rb -c2 -p 4004", the “dikang” is my normal user account. And this command worked well and the server on port 4004 is started… What’s wrong with the www-data user?

I’m working on chef 0.8, apache2 and ubuntu 9.10.

Could anyone give me the help please?

Thanks
Dikang

!DSPAM:4b5e8e38113671804284693!


#4

Hi Scott,

Thanks for your help.

The “sudo chef-server -c2 -p 4004” does work on my ubuntu 9.10, it confused
me that why the sudo su www-data -c “sudo chef-server -c2 -p 4004” does
not work… because I’d like to start the chef-server though cgi scripts
under apache2. What’s your idea about this?

Thanks
Dikang

On Tue, Jan 26, 2010 at 5:06 PM, Scott M. Likens scott@likens.us wrote:

Hi Dikang,

Two things,

  1. You don’t need to use two ports with .8, we don’t use openid… if you
    need more workers, use unicorn… it’s your friend and no special sauce
    required to use it (except it won’t work with the chef-server script…
    boo@merb)

What I personally did is create an upstart service to handle this, I
attached my files, so ideally if you used this… first turn off chef-server
or whatever sitting on port 4000…

put chef-start.sh in /usr/bin
put unicorn.rb in /usr/lib/ruby/gems/1.8/gems/chef-server-0.8.0/
put chef-server.conf in /etc/init

then type start chef-server

if you want to see what’s going on stdout/stderr this configuration drops
those in /tmp/unicorn.stdout.log and /tmp/unicorn.stderr.log and sets the
workers to 4… adjust as you see fit, but .8 is insanely responsive with 2
workers… 4-8 workers with monit/bluepill and I can’t see how you can fail.

  1. -c2 failing should be fixed by
    http://tickets.opscode.com/browse/CHEF-737 are you running a current
    master?

Scott

On Jan 25, 2010, at 10:39 PM, Dikang Gu wrote:

Is this a bug for chef 0.8 on ubuntu 9.10?

Because the same command works well on chef 0.7 with ubuntu 9.04…

Dikang

On Tue, Jan 26, 2010 at 2:28 PM, Dikang Gu dikang85@gmail.com wrote:

Hi guys,

I’d like to use a cgi script to start the chef server, and I use a c
script to give the “root” permissions to the cgi script (you know this
method which can be easily found on the internet ). But it does not work…

And I tried the method: sudo su www-data -c 'sudo chef-server -C
/etc/chef/server.rb -c2 -p 4004" , which means create the chef server on
port 4004. And the output of the command is “~ In 4650” which means the
server is started at pid 4650, right?

But with no luck, the server is not started at all… why?

And then I tried to run the other command: sudo su dikang -c 'sudo
chef-server -C /etc/chef/server.rb -c2 -p 4004", the “dikang” is my normal
user account. And this command worked well and the server on port 4004 is
started… What’s wrong with the www-data user?

I’m working on chef 0.8, apache2 and ubuntu 9.10.

Could anyone give me the help please?

Thanks
Dikang

!DSPAM:4b5e8e38113671804284693!


#5

I’d have to say that running chef via CGI is a pretty terrible idea;
you’ll have to fire up a complete instance on every request, which
will be very resource intensive.

On Tue, Jan 26, 2010 at 11:24 AM, Dikang Gu dikang85@gmail.com wrote:

Hi Scott,
Thanks for your help.

The “sudo chef-server -c2 -p 4004” does work on my ubuntu 9.10, it confused
me that why the sudo su www-data -c “sudo chef-server -c2 -p 4004” does
not work… because I’d like to start the chef-server though cgi scripts
under apache2. What’s your idea about this?
Thanks
Dikang

On Tue, Jan 26, 2010 at 5:06 PM, Scott M. Likens scott@likens.us wrote:

Hi Dikang,
Two things,

  1. You don’t need to use two ports with .8, we don’t use openid… if you
    need more workers, use unicorn… it’s your friend and no special sauce
    required to use it (except it won’t work with the chef-server script…
    boo@merb)
    What I personally did is create an upstart service to handle this, I
    attached my files, so ideally if you used this… first turn off chef-server
    or whatever sitting on port 4000…
    put chef-start.sh in /usr/bin
    put unicorn.rb in /usr/lib/ruby/gems/1.8/gems/chef-server-0.8.0/
    put chef-server.conf in /etc/init
    then type start chef-server
    if you want to see what’s going on stdout/stderr this configuration drops
    those in /tmp/unicorn.stdout.log and /tmp/unicorn.stderr.log and sets the
    workers to 4… adjust as you see fit, but .8 is insanely responsive with 2
    workers… 4-8 workers with monit/bluepill and I can’t see how you can fail.
  2. -c2 failing should be fixed
    by http://tickets.opscode.com/browse/CHEF-737 are you running a current
    master?
    Scott

On Jan 25, 2010, at 10:39 PM, Dikang Gu wrote:

Is this a bug for chef 0.8 on ubuntu 9.10?
Because the same command works well on chef 0.7 with ubuntu 9.04…
Dikang

On Tue, Jan 26, 2010 at 2:28 PM, Dikang Gu dikang85@gmail.com wrote:

Hi guys,
I’d like to use a cgi script to start the chef server, and I use a c
script to give the “root” permissions to the cgi script (you know this
method which can be easily found on the internet ). But it does not work…
And I tried the method: sudo su www-data -c 'sudo chef-server -C
/etc/chef/server.rb -c2 -p 4004" , which means create the chef server on
port 4004. And the output of the command is “~ In 4650” which means the
server is started at pid 4650, right?
But with no luck, the server is not started at all… why?
And then I tried to run the other command: sudo su dikang -c 'sudo
chef-server -C /etc/chef/server.rb -c2 -p 4004", the “dikang” is my normal
user account. And this command worked well and the server on port 4004 is
started… What’s wrong with the www-data user?
I’m working on chef 0.8, apache2 and ubuntu 9.10.
Could anyone give me the help please?
Thanks
Dikang

!DSPAM:4b5e8e38113671804284693!


#6

Hi Thom,

I start the chef server instance via CGI because I’d like to find a remote
way to start the chef server instance on different port…

Do you have any suggestions about how to start the chef server
instance remotely?

Thanks
Dikang

On Tue, Jan 26, 2010 at 7:49 PM, Thom May thom@clearairturbulence.orgwrote:

I’d have to say that running chef via CGI is a pretty terrible idea;
you’ll have to fire up a complete instance on every request, which
will be very resource intensive.

On Tue, Jan 26, 2010 at 11:24 AM, Dikang Gu dikang85@gmail.com wrote:

Hi Scott,
Thanks for your help.

The “sudo chef-server -c2 -p 4004” does work on my ubuntu 9.10, it
confused
me that why the sudo su www-data -c "sudo chef-server -c2 -p 4004"
does
not work… because I’d like to start the chef-server though cgi scripts
under apache2. What’s your idea about this?
Thanks
Dikang

On Tue, Jan 26, 2010 at 5:06 PM, Scott M. Likens scott@likens.us
wrote:

Hi Dikang,
Two things,

  1. You don’t need to use two ports with .8, we don’t use openid… if
    you

need more workers, use unicorn… it’s your friend and no special sauce
required to use it (except it won’t work with the chef-server script…
boo@merb)
What I personally did is create an upstart service to handle this, I
attached my files, so ideally if you used this… first turn off
chef-server

or whatever sitting on port 4000…
put chef-start.sh in /usr/bin
put unicorn.rb in /usr/lib/ruby/gems/1.8/gems/chef-server-0.8.0/
put chef-server.conf in /etc/init
then type start chef-server
if you want to see what’s going on stdout/stderr this configuration
drops

those in /tmp/unicorn.stdout.log and /tmp/unicorn.stderr.log and sets
the

workers to 4… adjust as you see fit, but .8 is insanely responsive
with 2

workers… 4-8 workers with monit/bluepill and I can’t see how you can
fail.

  1. -c2 failing should be fixed
    by http://tickets.opscode.com/browse/CHEF-737 are you running a current
    master?
    Scott

On Jan 25, 2010, at 10:39 PM, Dikang Gu wrote:

Is this a bug for chef 0.8 on ubuntu 9.10?
Because the same command works well on chef 0.7 with ubuntu 9.04…
Dikang

On Tue, Jan 26, 2010 at 2:28 PM, Dikang Gu dikang85@gmail.com wrote:

Hi guys,
I’d like to use a cgi script to start the chef server, and I use a c
script to give the “root” permissions to the cgi script (you know this
method which can be easily found on the internet ). But it does not
work…

And I tried the method: sudo su www-data -c 'sudo chef-server -C
/etc/chef/server.rb -c2 -p 4004" , which means create the chef server
on

port 4004. And the output of the command is “~ In 4650” which means the
server is started at pid 4650, right?
But with no luck, the server is not started at all… why?
And then I tried to run the other command: sudo su dikang -c 'sudo
chef-server -C /etc/chef/server.rb -c2 -p 4004", the “dikang” is
my normal

user account. And this command worked well and the server on port 4004
is

started… What’s wrong with the www-data user?
I’m working on chef 0.8, apache2 and ubuntu 9.10.
Could anyone give me the help please?
Thanks
Dikang

!DSPAM:4b5e8e38113671804284693!


#7

Start remotely: You can’t use ssh and login remotely?

Another option, use monit on the chef-server host with config’s to start/stop the service, setup M/Monit and you can use the web interface to start/stop the service.

Regarding the problem with www-data, it’s probably because the www-data account does not have a login shell. See your /etc/passwd

Example for a centos server:
apache:x:48:48:Apache:/var/www:/sbin/nologin

You can sudo to the user, but you can’t su to the user.

Alex

On Jan 26, 2010, at 4:33 AM, Dikang Gu wrote:

Hi Thom,

I start the chef server instance via CGI because I’d like to find a remote way to start the chef server instance on different port…

Do you have any suggestions about how to start the chef server instance remotely?

Thanks
Dikang

On Tue, Jan 26, 2010 at 7:49 PM, Thom May thom@clearairturbulence.org wrote:
I’d have to say that running chef via CGI is a pretty terrible idea;
you’ll have to fire up a complete instance on every request, which
will be very resource intensive.

On Tue, Jan 26, 2010 at 11:24 AM, Dikang Gu dikang85@gmail.com wrote:

Hi Scott,
Thanks for your help.

The “sudo chef-server -c2 -p 4004” does work on my ubuntu 9.10, it confused
me that why the sudo su www-data -c “sudo chef-server -c2 -p 4004” does
not work… because I’d like to start the chef-server though cgi scripts
under apache2. What’s your idea about this?
Thanks
Dikang

On Tue, Jan 26, 2010 at 5:06 PM, Scott M. Likens scott@likens.us wrote:

Hi Dikang,
Two things,

  1. You don’t need to use two ports with .8, we don’t use openid… if you
    need more workers, use unicorn… it’s your friend and no special sauce
    required to use it (except it won’t work with the chef-server script…
    boo@merb)
    What I personally did is create an upstart service to handle this, I
    attached my files, so ideally if you used this… first turn off chef-server
    or whatever sitting on port 4000…
    put chef-start.sh in /usr/bin
    put unicorn.rb in /usr/lib/ruby/gems/1.8/gems/chef-server-0.8.0/
    put chef-server.conf in /etc/init
    then type start chef-server
    if you want to see what’s going on stdout/stderr this configuration drops
    those in /tmp/unicorn.stdout.log and /tmp/unicorn.stderr.log and sets the
    workers to 4… adjust as you see fit, but .8 is insanely responsive with 2
    workers… 4-8 workers with monit/bluepill and I can’t see how you can fail.
  2. -c2 failing should be fixed
    by http://tickets.opscode.com/browse/CHEF-737 are you running a current
    master?
    Scott

On Jan 25, 2010, at 10:39 PM, Dikang Gu wrote:

Is this a bug for chef 0.8 on ubuntu 9.10?
Because the same command works well on chef 0.7 with ubuntu 9.04…
Dikang

On Tue, Jan 26, 2010 at 2:28 PM, Dikang Gu dikang85@gmail.com wrote:

Hi guys,
I’d like to use a cgi script to start the chef server, and I use a c
script to give the “root” permissions to the cgi script (you know this
method which can be easily found on the internet ). But it does not work…
And I tried the method: sudo su www-data -c 'sudo chef-server -C
/etc/chef/server.rb -c2 -p 4004" , which means create the chef server on
port 4004. And the output of the command is “~ In 4650” which means the
server is started at pid 4650, right?
But with no luck, the server is not started at all… why?
And then I tried to run the other command: sudo su dikang -c 'sudo
chef-server -C /etc/chef/server.rb -c2 -p 4004", the “dikang” is my normal
user account. And this command worked well and the server on port 4004 is
started… What’s wrong with the www-data user?
I’m working on chef 0.8, apache2 and ubuntu 9.10.
Could anyone give me the help please?
Thanks
Dikang

!DSPAM:4b5e8e38113671804284693!