View Issue Details

Related ChangesetsJump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0010126Talermerchant backendpublic2025-06-23 23:392025-08-31 19:09
Reporterhank Assigned Toschanzen  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionreopened 
Product Version1.0 
Target Version1.0 stretch goalsFixed in Version1.0 stretch goals 
Summary0010126: taler.conf can't be symlink of symlink
Descriptiontaler-merchant-httpd can't read taler.conf if it's a symlink pointing to a symlink pointing to the actual file.

the rule in Linux is normally resolving a chain of symlinks recursively until the actual file.

this is a problem e.g. for kubernetes which maps config files as configmaps into the file system using a 2-hop symlink.

https://kubernetes.io/docs/concepts/configuration/configmap/#using-configmaps-as-files-from-a-pod
Steps To Reproducecreate "tmp2" with the actual config contents, and 2 symlinks:

# ls -la
total 20
drwxr-xr-x 2 root root 4096 Jun 23 23:32 .
drwxr-xr-x 153 root root 12288 Jun 23 23:07 ..
lrwxrwxrwx 1 root root 4 Jun 23 23:29 taler.conf -> tmp1
lrwxrwxrwx 1 root root 4 Jun 23 23:29 tmp1 -> tmp2
-rw-r--r-- 1 root root 401 Jun 23 23:07 tmp2
TagsNo tags attached.

Activities

Christian Grothoff

2025-06-30 18:08

manager   ~0025383

@schanzen: this seems strange, but probably something in libgnunetutil -- care to investigate?

hank

2025-06-30 20:17

reporter   ~0025384

thanks for looking into this. I have a working Kubernetes configuration here that I can share once this is fixed.

schanzen

2025-07-01 12:00

administrator   ~0025385

Fix committed to master branch.

hank

2025-07-05 00:39

reporter   ~0025423

apologies but this is still failing on me with latest gnunet master

have you actually tried the two-symlink arrangement from "steps to reproduce"

schanzen

2025-07-07 21:20

administrator   ~0025434

Yes I tested against exactly that. With gnunet-config, however.

schanzen

2025-07-07 21:24

administrator   ~0025435

Are you sure you recompiled merchant against the new libgnunetutil from gnunet master? taler-merchant-httpd also parses the config file for me (and not the symlink) which was the problem.

hank

2025-07-07 21:45

reporter   ~0025436

I used the Dockerfile provided here https://bugs.gnunet.org/view.php?id=10119#c25392

I ran docker build 3 days ago meaning your commit was included. I can also run the image and see the actual source files with the patches so no mistakes here.

I am using the docker-compose.yaml attached.

my local ./config directory has this structure:

$ ls -l config/
total 4
lrwxrwxrwx 1 tenant tenant 4 Jul 7 21:39 taler.conf -> tmp1
lrwxrwxrwx 1 tenant tenant 4 Jul 7 21:39 tmp1 -> tmp2
-rw-rw-r-- 1 tenant tenant 383 Jun 26 23:33 tmp2

it works if there aren't symlinks but doesn't work with the symlinks above
docker-compose.yaml (3,240 bytes)    
name: taler
services:
  postgres:
    image: postgres:17-alpine
    environment:
      POSTGRES_PASSWORD: password
      POSTGRES_DB: taler-merchant
    volumes:
      - postgresql_socket:/var/run/postgresql
      - db-data:/var/lib/postgresql/data
    healthcheck:
      test: pg_isready --dbname=postgres://postgres:password@/postgres
      interval: 10s
      timeout: 1s
      retries: 5
      start_period: 5s
      start_interval: 1s
  init-db:
    image: taler-merchant:latest
    command: taler-merchant-dbinit -c /etc/taler/taler.conf
    environment:
      PGUSER: postgres
      PGPASSWORD: password
    volumes:
      - type: bind
        source: ./config
        target: /etc/taler
        read_only: true
      - postgresql_socket:/var/run/postgresql
    depends_on:
      postgres:
        condition: service_healthy
  httpd:
    ports:
      - 8080:8080
    image: taler-merchant:latest
    command: taler-merchant-httpd -c /etc/taler/taler.conf
    environment:
      PGUSER: postgres
      PGPASSWORD: password
    volumes:
      - type: bind
        source: ./config
        target: /etc/taler
        read_only: true
      - postgresql_socket:/var/run/postgresql
    depends_on:
      postgres:
        condition: service_healthy
      init-db:
        condition: service_completed_successfully
  webhook:
    image: taler-merchant:latest
    command: taler-merchant-webhook -c /etc/taler/taler.conf
    environment:
      PGUSER: postgres
      PGPASSWORD: password
    volumes:
      - type: bind
        source: ./config
        target: /etc/taler
        read_only: true
      - postgresql_socket:/var/run/postgresql
    depends_on:
      postgres:
        condition: service_healthy
      init-db:
        condition: service_completed_successfully
  wirewatch:
    image: taler-merchant:latest
    command: taler-merchant-wirewatch -c /etc/taler/taler.conf
    environment:
      PGUSER: postgres
      PGPASSWORD: password
    volumes:
      - type: bind
        source: ./config
        target: /etc/taler
        read_only: true
      - postgresql_socket:/var/run/postgresql
    depends_on:
      postgres:
        condition: service_healthy
      init-db:
        condition: service_completed_successfully
  depositcheck:
    image: taler-merchant:latest
    command: taler-merchant-depositcheck -c /etc/taler/taler.conf
    environment:
      PGUSER: postgres
      PGPASSWORD: password
    volumes:
      - type: bind
        source: ./config
        target: /etc/taler
        read_only: true
      - postgresql_socket:/var/run/postgresql
    depends_on:
      postgres:
        condition: service_healthy
      init-db:
        condition: service_completed_successfully
  exchangekeyupdate:
    image: taler-merchant:latest
    command: taler-merchant-exchangekeyupdate -c /etc/taler/taler.conf
    environment:
      PGUSER: postgres
      PGPASSWORD: password
    volumes:
      - type: bind
        source: ./config
        target: /etc/taler
        read_only: true
      - postgresql_socket:/var/run/postgresql
    depends_on:
      postgres:
        condition: service_healthy
      init-db:
        condition: service_completed_successfully
volumes:
  db-data:
  postgresql_socket:
    driver: local
docker-compose.yaml (3,240 bytes)   

schanzen

2025-07-07 23:21

administrator   ~0025437

I did not consider the directory path and only tested symlinks in PWD.
Try e21d59ae2..3d682e5ff

hank

2025-07-07 23:58

reporter   ~0025439

works. awesome.

Related Changesets

gnunet: master e21d59ae

2025-07-01 14:00

schanzen


Details Diff		 util: Properly follow symlinks when determining file size. Fixes 0010126 Affected Issues
0010126
mod - src/lib/util/configuration.c Diff File
mod - src/lib/util/disk.c Diff File
mod - src/lib/util/test_disk.c Diff File

Issue History

Date Modified Username Field Change
2025-06-23 23:39 hank New Issue
2025-06-30 18:08 Christian Grothoff Assigned To => schanzen
2025-06-30 18:08 Christian Grothoff Status new => assigned
2025-06-30 18:08 Christian Grothoff Note Added: 0025383
2025-06-30 18:09 Christian Grothoff Target Version => 1.1
2025-06-30 20:17 hank Note Added: 0025384
2025-07-01 12:00 schanzen Changeset attached => gnunet master e21d59ae
2025-07-01 12:00 schanzen Note Added: 0025385
2025-07-01 12:00 schanzen Status assigned => resolved
2025-07-01 12:00 schanzen Resolution open => fixed
2025-07-05 00:39 hank Status resolved => feedback
2025-07-05 00:39 hank Resolution fixed => reopened
2025-07-05 00:39 hank Note Added: 0025423
2025-07-07 21:20 schanzen Note Added: 0025434
2025-07-07 21:24 schanzen Note Added: 0025435
2025-07-07 21:45 hank Note Added: 0025436
2025-07-07 21:45 hank File Added: docker-compose.yaml
2025-07-07 21:45 hank Status feedback => assigned
2025-07-07 23:21 schanzen Note Added: 0025437
2025-07-07 23:21 schanzen Status assigned => feedback
2025-07-07 23:58 hank Note Added: 0025439
2025-07-07 23:58 hank Status feedback => assigned
2025-07-08 08:54 schanzen Status assigned => resolved
2025-07-08 08:54 schanzen Fixed in Version => 1.1
2025-07-09 11:13 Christian Grothoff Fixed in Version 1.1 => 1.0 stretch goals
2025-07-09 11:13 Christian Grothoff Target Version 1.1 => 1.0 stretch goals
2025-08-31 19:09 Christian Grothoff Status resolved => closed