I use a different user to run monerod and rpcd to protect my system from any attacks.
When I open wallet file in root using cli or rpc, the program changes its owner to root and permission to 0600.
This is not desirable as I need to check the wallet on other user and start rpc again. There could be fixes like if the program is run by root don't change wallet file permission or ask for it.
Also, when monero can't locate its file because of permissions, it shows only file read error which is impossible to debug what's going on. I hope it notifies the user about the wrong permission though I don't think it's possible.
Monero does not change the owner, but writes the entire file anew. So if you run as root, the new file is created as root. If you do not want the file owned by root, then do not run the wallet as root.
Errors could be made more informative, yes. There are plenty of places in Monero where errors are kinda "bundled", which is not very good.
There must be a better solution than to write the entire wallet. I've dealt with many daemons and monero wallet daemon fails pretty frequently with no information to debug and loses everything...
I fixed the problem by having two wallets with two daemons, one restarting once per day and one taking the failover while restarting... I think there could be an elegant way to deal with these kinds of problems.
Fails to write the wallet cache file? If so, because of permissions problems, or other problems too?
Running for months..... And when rpc does not respond, no trace data on log, nothing to debug on, systemd service shows green. god knows why it's wrong.
Replaces it with failover daemon, tries to fix it, nothing works, sysadmin declares it dead, have no option but to kill it. Loses wallet data, past read blocks, txes...
Inform users new subaddresses and hope for new daemon to work fine.
And life goes on....
If it dies like this:
gdb /path/to/monero-wallet-rpc `pidof monero-wallet-rpc`
thread apply all bt
(Added for proper quoting)
gdb /path/to/monero-wallet-rpc `pidof monero-wallet-rpc`
thread apply all bt
It might be easier to c/p a file's contents than to c/p screen by screen of gdb output
gdb /path/to/monero-wallet-rpc `pidof monero-wallet-rpc` -ex "thread apply all bt" -ex detach -ex quit > /path/to/monero-wallet-rpc_stack_trace.txt
Monero does not change the owner, but writes the entire file anew. So if you run as root, the new file is created as root.
Why not just truncate the file instead of recreating it? Otherwise, opening a wallet through a symlink or hardlink results in quite a nasty surprise: the original wallet is left unchanged (i.e. out of date), and the link is replaced with a separate, updated copy.
Because then it is not atomic and you might end up with a partially written file.
@moneromooo-monero In light of that, the keys file could be a problem: unlike the big file, this one is truncated and then rewritten. So, with some really bad luck, one could lose the keys during a password change (or wallet upgrade, if that ever happens)?
wallet2::change_password() via store_keys() ends up here:
r = r && epee::file_io_utils::save_string_to_file(keys_file_name, buf); //and never touch wallet_keys_file again, only read
Then:
fstream.open(path_to_file, std::ios_base::binary | std::ios_base::out | std::ios_base::trunc);
fstream << str;
fstream.close();
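The trade-off argued in this thread, as an added example that is not part of the original discussion and is not Monero's code: replacing a file through a temporary file and `rename()` never exposes a half-written file, but the result is a new inode owned by the writing process, so an existing hardlink keeps the old contents. The names `atomic_save`, `slurp` and `link_goes_stale_after_replace`, the `.new` suffix and the `/tmp` demo paths are assumptions made for this sketch.

```cpp
#include <stdio.h>
#include <stdlib.h>
#include <fstream>
#include <iterator>
#include <string>
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>

// Hypothetical helper: on any failure the previous contents of `path` are untouched.
// A production version would also fsync the containing directory after rename().
bool atomic_save(const std::string& path, const std::string& data) {
    const std::string tmp = path + ".new";  // same directory, so rename() stays on one filesystem
    int fd = ::open(tmp.c_str(), O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0600);
    if (fd < 0) return false;
    size_t off = 0;
    while (off < data.size()) {
        ssize_t n = ::write(fd, data.data() + off, data.size() - off);
        if (n <= 0) { ::close(fd); ::unlink(tmp.c_str()); return false; }
        off += static_cast<size_t>(n);
    }
    bool ok = ::fsync(fd) == 0;  // data must be on disk before it becomes visible
    ok = (::close(fd) == 0) && ok;
    if (!ok || ::rename(tmp.c_str(), path.c_str()) != 0) {
        ::unlink(tmp.c_str());
        return false;
    }
    return true;
}

std::string slurp(const std::string& path) {  // read a whole file into a string
    std::ifstream in(path, std::ios::binary);
    return std::string(std::istreambuf_iterator<char>(in), std::istreambuf_iterator<char>());
}

// Constructed scenario: hardlink a demo "keys" file, then replace it atomically.
// True if the path holds the new data under a new inode while the hardlink is stale.
bool link_goes_stale_after_replace() {
    char dir[] = "/tmp/atomic_demo_XXXXXX";
    if (!::mkdtemp(dir)) return false;
    const std::string keys = std::string(dir) + "/demo.keys";
    const std::string hard = std::string(dir) + "/demo.link";
    bool ok = atomic_save(keys, "old") && ::link(keys.c_str(), hard.c_str()) == 0;
    struct stat before{}, after{};
    ok = ok && ::stat(keys.c_str(), &before) == 0;
    ok = ok && atomic_save(keys, "new") && ::stat(keys.c_str(), &after) == 0;
    ok = ok && slurp(keys) == "new" && slurp(hard) == "old" && before.st_ino != after.st_ino;
    ::unlink(keys.c_str()); ::unlink(hard.c_str()); ::rmdir(dir);
    return ok;
}

int main() { return link_goes_stale_after_replace() ? 0 : 1; }
```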
Can you file a bug about it ? It used to be it never got written to, but started to be due to the settings.
That said, the settings could also go in the cache file...
Can you file a bug about it ?
I just created PR https://github.com/monero-project/monero/pull/4729 to fix it. Do I need to create the issue as well?
No, the issue is just so it doesn't get forgotten, a PR is better :)
Since the PR just above was merged, can this original issue be closed out? Explicitly chown'ing the wallet files back down to a lower security level when root is running the wallet would seem like an antipattern.
I don't think it makes sense to run monero-wallet-* as root and should be discouraged anyway.
+resolved