Skip to content

Fix: Allow non-root users to run must-gather-clean#112

Open
shoebvb-ibm wants to merge 1 commit intoopenshift:mainfrom
shoebvb-ibm:fix-non-root-chown-issue-111
Open

Fix: Allow non-root users to run must-gather-clean#112
shoebvb-ibm wants to merge 1 commit intoopenshift:mainfrom
shoebvb-ibm:fix-non-root-chown-issue-111

Conversation

@shoebvb-ibm
Copy link

@shoebvb-ibm shoebvb-ibm commented Mar 3, 2026

Fixes #111

This commit resolves the issue where non-root users cannot run must-gather-clean due to permission errors when attempting to chown newly created directories.

Changes:

  • Modified pkg/fsutil/fsutil_unix.go to gracefully handle EPERM errors
  • Added error checking for syscall.EPERM and os.ErrPermission
  • Non-root users can now successfully run the tool without chown failures
  • Root users continue to preserve original file ownership as before

The fix allows the tool to continue processing when chown operations fail due to insufficient privileges, which is expected behavior for non-root users. Files are still created with appropriate permissions for the current user, and obfuscation completes successfully.

Tested on Linux and macOS with successful obfuscation of sample logs.

@shoebvb-ibm
Fix: Allow non-root users to run must-gather-clean
75458bd 
Fixes openshift#111

This commit resolves the issue where non-root users cannot run
must-gather-clean due to permission errors when attempting to
chown newly created directories.

Changes:
- Modified pkg/fsutil/fsutil_unix.go to gracefully handle EPERM errors
- Added error checking for syscall.EPERM and os.ErrPermission
- Non-root users can now successfully run the tool without chown failures
- Root users continue to preserve original file ownership as before

The fix allows the tool to continue processing when chown operations
fail due to insufficient privileges, which is expected behavior for
non-root users. Files are still created with appropriate permissions
for the current user, and obfuscation completes successfully.

Tested on Linux and macOS with successful obfuscation of sample logs.
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 3, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: shoebvb-ibm
Once this PR has been reviewed and has the lgtm label, please assign sairameshv for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Mar 3, 2026
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Mar 3, 2026

Hi @shoebvb-ibm. Thanks for your PR.

I'm waiting for a openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lmzuccarelli lmzuccarelli Awaiting requested review from lmzuccarelli

@sairameshv sairameshv Awaiting requested review from sairameshv

Assignees

No one assigned

Labels

needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Non-root User Unable to Run must-gather-clean

1 participant

@shoebvb-ibm