Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Phi sat 2 #103

Open
wants to merge 173 commits into
base: dev
Choose a base branch
from
Open

Phi sat 2 #103

wants to merge 173 commits into from

Conversation

CesarCoelho
Copy link
Contributor

The changes needed for the Phi-Sat-2 mission.
This involves mainly (1) the creation of NMF Packages via a maven plugin, (2) support of Apps running in isolation by taking advantage of Linux (one user per App)

dmarszk
dmarszk requested changes Aug 30, 2021
View reviewed changes
Copy link
Member

@dmarszk dmarszk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @CesarCoelho - in principle looks good. I found a few things to change.
After the fixups, please ensure to stay compliant with https://github.com/esa/nanosat-mo-framework/blob/dev/CONTRIBUTING.md - most notably use the bug-tracker https://gitlab.com/esa/NMF/nmf-issues for new changes.

...nanosat-mo-connector/src/main/java/esa/mo/nmf/nanosatmoconnector/NanoSatMOConnectorImpl.java Outdated Show resolved Hide resolved
core/nmf-package-lib/src/main/java/esa/mo/nmf/nmfpackage/LinuxUsersGroups.java Outdated
LinuxUsersGroups.printCommandAndOutput(cmd3, out3);
}

public static void addUserToGroup(String username, String extraGroup) throws IOException {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This does not look like what it is supposed to do. Adding user to a group is typically done via usermod

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think usermod was not available on our OBC. We have busybox and I guess this was a work around. Check here: https://stackoverflow.com/questions/37791873/how-to-add-user-to-a-group-without-usermod

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The linked SO post does not resemble what this method implements. I cannot really match it to either GNU adduser:
https://linux.die.net/man/8/adduser
or busybox adduser:
https://www.busybox.net/downloads/BusyBox.html

core/helper-tools/src/main/java/esa/mo/helpertools/helpers/HelperMisc.java Outdated Show resolved Hide resolved
.../nmf-software-management-impl/src/main/java/esa/mo/sm/impl/provider/AppsLauncherManager.java Outdated Show resolved Hide resolved
.../nmf-software-management-impl/src/main/java/esa/mo/sm/impl/provider/AppsLauncherManager.java Outdated
@@ -396,6 +407,9 @@ protected boolean isAppRunning(final Long appId)
ret.add(str.toString());
} else {
if (runAs != null) {
if(sudoAvailable){
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If sudo is available, sudo su is an antipattern as it escapes the sudoers permission lists - i.e. using sudo + sudoers configuration is the proper way to ensure that supervisor is not running as a privileged user, and thus commands like
su - user123 -c <command> should be replaced with sudo -u user123 <command>. This along with properly tailored system config (i.e. ensuring that user123 belongs to a group which is sudo'able by the supervisor user) will properly utilise linux permissions system.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the thorny one... while I agree with you, there was some problem which prevented me from doing what you are suggesting, can't quite recall it however

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please give it a go. Message me if it gives you issues. Perhaps adding -i switch to sudo is enough in case of problems.

@dmarszk
Copy link
Member

dmarszk commented Aug 30, 2021

Please also rebase on top of dev branch.

dmarszk
dmarszk reviewed Dec 6, 2021
View reviewed changes
core/nmf-package-lib/src/main/java/esa/mo/nmf/nmfpackage/LinuxUsersGroups.java Outdated
.append(withGroup ? " --group " : " ")
.append(username);
}
//String cmd = "useradd $user_nmf_admin -m -s /bin/bash --user-group";
Copy link
Member

@dmarszk dmarszk Dec 6, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Leftover test code. Remove please.

@dmarszk
Copy link
Member

dmarszk commented Dec 6, 2021

See the latest round of comments. In addition:

@CesarCoelho CesarCoelho force-pushed the phi-sat-2 branch 2 times, most recently from e1dffa8 to 2fbb003 Compare May 27, 2022 11:48
dmarszk
dmarszk reviewed Sep 23, 2022
View reviewed changes
...era-acquisitor-system/src/main/java/esa/mo/nmf/apps/CameraAcquisitorSystemCameraHandler.java Outdated
@@ -307,7 +307,8 @@ public void takePhotograph(long actionInstanceObjId, int stageOffset, int totalS
new Duration(casMCAdapter.getExposureTime()),
casMCAdapter.getGainRed(),
casMCAdapter.getGainGreen(),
casMCAdapter.getGainBlue());
casMCAdapter.getGainBlue(),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The API is broken here -> can we patch the StubGenerator to generate multiple constructor wrappers for composites with optional fields?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, I like the idea. Will come with MOv9

@CesarCoelho CesarCoelho force-pushed the phi-sat-2 branch 2 times, most recently from 1f70921 to 871b4f9 Compare February 23, 2023 15:26
@CesarCoelho
[javadoc] Fixed chmod method javadoc
04f525f
@CesarCoelho
Allows the Apps to be started from a non-root user account
deaab4c
@CesarCoelho
Added a start banner for all NMF Apps with System information
8c6c457
@CesarCoelho
[nmf-app] Changed the location of the comArchive to the home directory
8ea92e9
@CesarCoelho
Moved to the home directory, the comArchive.db and the provider.prope…
18e367f 
…rties
@CesarCoelho
Check if sudo is available before using it
cfac887
@CesarCoelho
Code cleanup. Some logs were returning nothing because of: {}
6d07cba
@CesarCoelho
[nmfpack] During installation/uninstallation, replaced the use of use…
bdddc81 
…radd/userdel to adduser/deluser.
@CesarCoelho
[pictureprocessor] Code cleanup. Changed directory where the pictures…
5bf556a 
… are stored
@CesarCoelho
[nmfpack] Support for additional libs or files.
56b1b8a
@CesarCoelho
The App was using folders outside the restricted area. The code now f…
efb57d1 
…ollows the AppStorage class recommendations.
@CesarCoelho
Improved the startup banner
eb098d2
@CesarCoelho
New constructor with ConnectionConsumer. Cleanup of imports
911e3d2
@CesarCoelho
The env variables were not being passed on Linux machines. This was a…
8508b09 
…ffecting Phi-Sat-2 setup when starting Apps
@CesarCoelho
Installation is now supported on the Linux on Phi-Sat-2
697cc18
@CesarCoelho
[nmfpack] The NMF Packages can carry fat jars (jar-with-dependencies)…
5833610 
… now
@CesarCoelho
The AppStorage class is now setting the correct permissions during th…
c19cece 
…e creation of the storage folders
CesarCoelho and others added 20 commits February 23, 2023 16:34
@CesarCoelho
Restored sanity to the file
fe5efda
@CesarCoelho
Code cleanup
2a582fa
@CesarCoelho
Adds a mechanism to configure the transport dispatcher executor threads.
d992ad0
@CesarCoelho
Code refactoring
08ef8fb
@CesarCoelho
Fixes the License Headers
271c002
@CesarCoelho
Prioritize the new jars-nmf folder over the old one & Set autohost as…
533486b 
… default when the transport needs to be generated
@CesarCoelho
Adds capability to create NMF Packages with Java inside
ba02a19
@CesarCoelho
Code cleanup
893c190
@CesarCoelho
[nmf-package] Constructor of the NMFPackageBuilder has now a Metadata…
5ec5c40 
… argument object.
@CesarCoelho
Disables the support for a dedicated nmf-apps group from the installa…
f6ae25e 
…tion
@CesarCoelho
Makes the JRE executable & After deliting a file, delete also the par…
241889b 
…ent folder if it is empty
@CesarCoelho
Fixes the permissions to make the java JRE executable
63ed970
@CesarCoelho
Adds a timestamp for the installation/uninstallation/upgrade of NMF P…
61e5fd4 
…ackages
@CesarCoelho
Code cleanup
5c97592
@CesarCoelho
Small code improvements
367edc6
@CesarCoelho
Improves the doComputerVision error
c6a6843
@CesarCoelho
Better username lookup from the /etc/passwd file
a8a0c1a
@CesarCoelho
The supervisor will exit if ran as root user
37a1148
@CesarCoelho
Updates on the code to fix the auto rebasing mistakes
6115fde
@CesarCoelho
Fixes the CameraSettings arguments
0268bb2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmarszk dmarszk dmarszk requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@CesarCoelho @dmarszk @mciccariello