Details
-
Bug
-
Resolution: Fixed
-
Highest
-
8.7.2, 7.19.18, 8.5.5
-
49
-
Severity 3 - Minor
-
740
-
Description
The initial change was made in response to the collection of security issues we've recently seen. We had aimed to improve the security posture of Confluence by limiting the ability of the running process to write to the install directory. As part of this change we required sudo to install Confluence, but did not fully enforce this requirement in the installer. This led to a collection of problems identified here, and the basis of most of our understanding of the issue. Unfortunately there is also an issue where the user set by the installer would have more permissions than in our previous implementation.
To address this, we've reverted the previous changes for the coming release (see the status above). Further, to address the impact to customers who have already installed with a super user, we've created a guide to fix the permissions which can be found at Unable to upgrade using non-sudo after using sudo during a prior upgrade.
For those that have not been impacted by the issue in the installer, you can use this new installer without issue or requiring sudo at this time.
Issue Summary
Upgrading Confluence to version 8.5.5 causes an issue when the installer was run without using sudo on Linux server.
Steps to Reproduce
1. Run the installer with the user Confluence is installed with
./atlassian-confluence-8.5.5-x64.bin
2. The Installer encounters an error while attempting to create the OS X - Run Confluence In Background.command binary file, resulting in displaying the following message
Extracting files ... bin/OS X - Run Confluence In Background.command /opt/atlassian/confluence/atlassian-confluence-8.5.4/bin/OS X - Run Confluence In Background.command Could not create this file. Shall I try again? Yes [y], Cancel [c]
Expected Results
Traditionally, the installation process is expected to proceed smoothly if the Confluence user has the required privileges on the Linux server, even without sudo permissions.
The upgrade from version 8.5.3 to 8.5.4 is functioning properly even without sudo access.
Actual Results
The following exception is observed during the upgrade process.
The upgrade process will shut down your existing Confluence installation to complete the upgrade. Do you want to proceed? Upgrade [u, Enter], Exit [e] u Your instance of Confluence is currently being upgraded. Shutting down Confluence... Checking if Confluence has been shutdown... Backing up the Confluence installation directory Deleting the previous Confluence installation directory... Extracting files ... bin/OS X - Run Confluence In Background.command /opt/atlassian/confluence/atlassian-confluence-8.5.3/bin/OS X - Run Confluence In Background.command Could not create this file. Shall I try again? Yes [y], Cancel [c] y /opt/atlassian/confluence/atlassian-confluence-8.5.3/bin/OS X - Run Confluence In Background.command Could not create this file. Shall I try again? Yes [y], Cancel [c] c Rolling back changes ...
Workaround
It is recommend to execute the Linux installer using sudo. This procedure is outlined in the official upgrade guide
Run the installer – we recommend using sudo to run the installer:
{{$ sudo ./atlassian-confluence-X.X.X-x64.bin}}
