I was expecting the below init
hook to be run as root based on the values of pkg_svc_user and pkg_svc_group in the plan.sh
, but it was being run as hab resulting in a permission error reading /hab/sup/default/CTL_SECRET
when calling hab file upload
.
plan.sh
pkg_svc_user="root"
pkg_svc_group="root"
hooks/init
#!{{pkgPathFor "core/bash"}}/bin/bash
whoami
hab file upload {{bind.fluentd.first.service}}.{{bind.fluentd.first.group}} $(date +%s%N) {{pkg.svc_config_path}}/squid_fluent.conf
hab file upload {{bind.logrotator.first.service}}.{{bind.fluentd.first.group}} $(date +%s%N) {{pkg.svc_config_path}}/squid_logrotate.conf
Logs
outbound_proxy.default hook[init]:(HK): hab
outbound_proxy.default hook[init]:(HK): ✗✗✗
outbound_proxy.default hook[init]:(HK): ✗✗✗ [Err: 1] IoError while reading or writing ctl secret, /hab/sup/default/CTL_SECRET, Permission denied (os error 13)
When I moved the content out of the init
and into the run
hook, root
user was logged and everything worked. Is it expected that early lifecycle hooks run as hab by default before the user/group defined in plan.sh
is honoured in later hooks?