On a new labs-vagrant instance ee-flow-extra.eqiad.wmflabs
$ sudo labs-vagrant enable-role flow
works, but
$ sudo labs-vagrant provision
fails with
... info: mount[files]: allowing mediawiki-vagrant access
notice: /Stage[main]/Mysql/File[/home/vagrant/.my.cnf]/owner: owner changed 'vagrant' to 'vagrant'
notice: /Stage[main]/Role::Flow/Mediawiki::Extension[Flow]/Git::Clone[mediawiki/extensions/Flow]/Exec[git clone mediawiki/extensions/Flow]/returns: fatal: could not create work tree dir '/vagrant/mediawiki/extensions/Flow'.: Permission denied err: /Stage[main]/Role::Flow/Mediawiki::Extension[Flow]/Git::Clone[mediawiki/extensions/Flow]/Exec[git clone mediawiki/extensions/Flow]/returns: change from notrun to 0 failed: git clone --recursive --branch master https://gerrit.wikimedia.org/r/p/mediawiki/extensions/Flow.git /vagrant/mediawiki/extensions/Flow returned 128 instead of one of [0] at /vagrant/puppet/modules/git/manifests/clone.pp:48
But I'm running the command as root, and vagrant/puppet/modules/git/manifests/clone.pp tries to run as $user = vagrant. I don't understand why this unable to clone in a directory owned by vagrant.
drwxr-xr-x 9 vagrant www-data 4096 Mar 31 18:48 /vagrant/mediawiki/extensions/
I find just touching a file in here doesn't work,
spage$ sudo su vagrant $ touch /vagrant/mediawiki/extensions/foo
failed. So maybe there is a sudo or security issue?
Yuvi comments "someone else had issues running commands as other users (with postgres, I think)... seems labs-related". His workaround
$ sudo su $ labs-vagrant provision
worked, and I added it to https://wikitech.wikimedia.org/wiki/Talk:Labs-vagrant
Bug 61397 "allow sudo -u vagrant <command> on labs-vagrant" is related.
Version: unspecified
Severity: normal