[BUG] FATA /etc/hosts is not readable/writable by the current user

[debu66er]

General information

• OS: macOS
• Hypervisor: hyperkit
• Did you run crc setup before starting it (Yes/No)? Yes

CRC version

version: 1.0.0-rc.0+34371d3
OpenShift version: 4.2.0-0.nightly-2019-09-26-192831 (embedded in binary)

CRC status

CRC VM: Stopped
OpenShift: Stopped
Disk Usage: 0B of 0B (Inside the CRC VM)
Cache Usage: 11.71GB
Cache Directory: /Users/chemi/.crc/cache

CRC config

Host Operating System

ProductName: Mac OS X
ProductVersion: 10.14.6
BuildVersion: 18G103

Steps to reproduce

1. Started and stopped crc several times with no issues
2. Restarted Mac
3. After Mac restart, crc start fails with: FATA /etc/hosts is not readable/writable by the current user
4. Checking the file: ls -l /etc/hosts I get: -rw------- 1 root wheel 299 Oct 9 12:04 hosts; which for me it seems wrong. Question is, if it worked before Mac restart, who changed this permissions? crc stop? Perhaps it is not related to crc but just wanted to make sure before GA version.

Expected

Actual

Logs

[cfergeau]

If macos resets the permissions on /etc/hosts when it reboots, then it's indeed a good thing to know. This is not something which was changed by crc stop

[debu66er]

It is something I will verify later today.
At the moment, changing the owner of the file from root to the regular user again fixed the problem.
I will restart MacOS later and double check if those permissions were changed again and I will come back to update.

[debu66er]

Restarted an this time nothing was changed. So honestly, I have no idea about what happened. I will close it, and reopen if I am able to reproduce the issue again. Thanks!

[kyleschlosser]

This error just started happening for me today without a restart, I cannot put my finger on what I changed other than launching a VPN client. As for @debu66er, my /etc/hosts file is 0600, owned by root/wheel: -rw------- 1 root wheel 477 Oct 9 14:48 /etc/hosts.

My crc version:

version: 1.0.0-rc.0+34371d3
OpenShift version: 4.2.0-0.nightly-2019-09-26-192831 (embedded in binary)

[kyleschlosser]

I confirmed that this is changed in my case by launching the Cisco AnyConnect Secure VPN Client:

$ ls -ltra /etc/hosts
-rw-------  1 root  wheel  477 Oct  9 15:32 /etc/hosts
$ crc setup
...
$ ls -ltra /etc/hosts
-rw-------  1 kyle  wheel  477 Oct  9 15:32 /etc/hosts

--> Launch VPN Client

$ ls -ltra /etc/hosts
-rw-------  1 root  wheel  477 Oct  9 15:33 /etc/hosts

[gbraad]

This can be prevented if oc is correctly compiled: openshift/origin#23266

[debu66er]

Any update on this one? Using last version of CRC 1.1.0+95966a9 I still facing this issue. If /etc/hosts is owned by root (and Cisco AnyConnect Secure VPN Client does that chown each time it runs) CRC start fails. I have to manually change owner again to the Mac user so it works again.

Is it really an issue of oc? Or crc?

[cfergeau]

ebd772e should help with this as we won't keep changing the VM IP, so it only needs to startup sucessfully once with the hosts file owned by the non-root user. Once that has happened, the preflight check preventing startup can be disabled.

[torstenandrecht]

I also received the error FATA /etc/hosts is not readable/writable by the current user. When I stopped CISCO Anyconnect crc start worked.

[richard-trotter]

Also an issue for me.

Mac OS X 10.15.2
crc version: 1.3.0+918756b

-rw-rw-r--  1 root  wheel  1360 Jan 10 13:16 /etc/hosts

INFO Checking if running as non-root              
INFO Checking if oc binary is cached              
INFO Checking if HyperKit is installed            
INFO Checking if crc-driver-hyperkit is installed 
INFO Checking file permissions for /etc/resolver/testing 
FATA /etc/hosts is not readable/writable by the current user 

I verified that if I make /etc/hosts writable for the non-root user who is starting crc, then crc startup succeeds. Works for me for now, but this remains a bug and needs to be fixed.

[azaceta]

Same here, no restart, just sleep + awakening. On MacOS 10.15.2.
If Cisco AnyConnect Secure Mobility Client os running CRC won't even be able to start the first time. Only way to fix it: reboot and 1st start CRC.
If I start Cisco client after CRC is working, it keeps on working, but after stopping CRC, closing the lid and opening the next day I get the same error as the colleagues above:

INFO Checking if oc binary is cached              
INFO Checking if running as non-root              
INFO Checking if HyperKit is installed            
INFO Checking if crc-driver-hyperkit is installed 
INFO Checking file permissions for /etc/resolver/testing 
INFO Checking file permissions for /etc/hosts     
FATA /etc/hosts is not readable/writable by the current user 
➜  CRC Openshift ls -l /etc/hosts
-rw-------  1 root  wheel  427 Jan 30 19:08 /etc/hosts

I had already similar issues with Minishift but never closed it down to being the /etc/hosts file.
Any solution ahead? workaround? changing the ownership of file before the 'crc start'?
Thanks!

[cfergeau]

With ebd772e30b8 , having /etc/hosts writable by the user becomes less important, it only needs to be writable when first running crc start, or when running it after crc delete. As already mentioned by Gerard, we need to modify /etc/hosts because of openshift/origin#23266
As a workaround, you can change the permissions of /etc/hosts right before running crc start, and use crc config set skip-check-hosts-file-permissions true or ``crc config set warn-check-hosts-file-permissions true`

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.