Last modified: 2014-07-15 23:38:53 UTC
On a new labs-vagrant instance ee-flow-extra.eqiad.wmflabs $ sudo labs-vagrant enable-role flow works, but $ sudo labs-vagrant provision fails with ... info: mount[files]: allowing mediawiki-vagrant access notice: /Stage[main]/Mysql/File[/home/vagrant/.my.cnf]/owner: owner changed 'vagrant' to 'vagrant' notice: /Stage[main]/Role::Flow/Mediawiki::Extension[Flow]/Git::Clone[mediawiki/extensions/Flow]/Exec[git clone mediawiki/extensions/Flow]/returns: fatal: could not create work tree dir '/vagrant/mediawiki/extensions/Flow'.: Permission denied err: /Stage[main]/Role::Flow/Mediawiki::Extension[Flow]/Git::Clone[mediawiki/extensions/Flow]/Exec[git clone mediawiki/extensions/Flow]/returns: change from notrun to 0 failed: git clone --recursive --branch master https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow.git /vagrant/mediawiki/extensions/Flow returned 128 instead of one of [0] at /vagrant/puppet/modules/git/manifests/clone.pp:48 But I'm running the command as root, and vagrant/puppet/modules/git/manifests/clone.pp tries to run as $user = vagrant. I don't understand why this unable to clone in a directory owned by vagrant. drwxr-xr-x 9 vagrant www-data 4096 Mar 31 18:48 /vagrant/mediawiki/extensions/ I find just touching a file in here doesn't work, spage$ sudo su vagrant $ touch /vagrant/mediawiki/extensions/foo failed. So maybe there is a sudo or security issue? Yuvi comments "someone else had issues running commands as other users (with postgres, I think)... seems labs-related". His workaround $ sudo su $ labs-vagrant provision worked, and I added it to https://wikitech.wikimedia.org/wiki/Talk:Labs-vagrant Bug 61397 "allow `sudo -u vagrant <command>` on labs-vagrant" is related.
Sounds more like a labs issue than a vagrant issue. Perhaps local users can't be sudo'd to (would make sense with the postgres user too) and that is causing issues?
S, Did this end up being the instance that had both local and ldap vagrant users?
I retried `sudo labs-vagrant provision` on a newer labs instance and didn't run into this problem. (In reply to Bryan Davis from comment #2) > S, Did this end up being the instance that had both local and ldap vagrant > users? Can't remember, sorry.