Bug 47492 – Don't re-create Docker container host account during container upgrade

Bug 47492 - Don't re-create Docker container host account during container upgrade


Summary:	Don't re-create Docker container host account during container upgrade

Status:	CLOSED INVALID

Product:	UCS
Classification:	Unclassified
Component:	App Center
Version:	UCS 4.3
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	UCS 4.3-2-errata
Assigned To:	Felix Botner
QA Contact:	Dirk Wiesenthal

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2018-08-08 08:29 CEST by Stefan Gohmann
Modified:	2021-03-19 12:09 CET (History)
CC List:	4 users (show)

See Also:	47601
What kind of report is it?:	Bug Report
What type of bug is this?:	2: Improvement: Would be a product improvement
Who will be affected by this bug?:	1: Will affect a very few installed domains
How will those affected feel about the bug?:	3: A User would likely not purchase the product
User Pain:	0.034
Enterprise Customer affected?:
School Customer affected?:	Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Stefan Gohmann

2018-08-08 08:29:35 CEST

Currently, the host account for the Docker container is removed and a new account is created.

That means all permissions and policies which have been connected to this account are removed. The App Center should use the old account.

Comment 1 Valentin Heidelberger

2018-08-17 11:58:22 CEST

See bug 47601:
A customer ran into this. They restored a snapshot of the app's host system AFTER an app update, which had removed the old memberserver object.
It resulted in a broken LDAP auth due to the missing auth user for the app (Nextcloud)

Comment 2 Valentin Heidelberger

2018-09-26 17:27:19 CEST

Is there already an update regarding this? 

This created quite a lot of hassle for a customer as described above. I can't even reproduce it at the moment because the hostname/memberserver object name is the same after I upgrade an app, contrary to what the customer experiences on the same UCS release.

Comment 3 Valentin Heidelberger

2018-09-26 17:28:29 CEST

Gave this "would not purchase" because it seems to be the reason for failing app upgrades at the moment.

Comment 4 Felix Botner

2018-10-23 11:17:44 CEST

Can not reproduce this, tested with nextcloud and etherpad-lite.

Comment 5 Dirk Wiesenthal

2018-10-24 05:46:04 CEST

Not reproducable. Even entryUUID is untouched for Docker Apps and Appbox Apps. Is any appcenter.log available?

I saw a new host account after the upgrade failed and the process reverted the App to the old version.