From dd1d2daeb9119ee93e54ef0b6fa09a9a4352b608 Mon Sep 17 00:00:00 2001 From: Tilman Baumann Date: Tue, 3 Jul 2018 13:31:56 +0200 Subject: [PATCH] Fixing /var/run/ceph/ directory permissions In previous versions of the charm the directory /var/run/ceph/ was created with access permissions only for root. Consequently libvirt had no access to the rbd admin socket. Prior installations are also fixed through update-charm. Change-Id: I7f8054a404de9910bc070b288e1df1ce8dcf754e Closes-Bug: #1779676 --- hooks/nova_compute_context.py | 2 ++ hooks/nova_compute_hooks.py | 11 +++++++++++ 2 files changed, 13 insertions(+) diff --git a/hooks/nova_compute_context.py b/hooks/nova_compute_context.py index eda02379..739828e4 100644 --- a/hooks/nova_compute_context.py +++ b/hooks/nova_compute_context.py @@ -15,6 +15,7 @@ import uuid import os import platform +import shutil from charmhelpers.core.unitdata import kv from charmhelpers.contrib.openstack import context @@ -326,6 +327,7 @@ class NovaComputeCephContext(context.CephContext): asok_path = '/var/run/ceph/' if not os.path.isdir(asok_path): os.mkdir(asok_path) + shutil.chown(asok_path, group='kvm') elif rbd_cache.lower() == "disabled": ctxt['rbd_client_cache_settings'] = {'rbd cache': 'false'} diff --git a/hooks/nova_compute_hooks.py b/hooks/nova_compute_hooks.py index d0c807cd..e7dc91cc 100755 --- a/hooks/nova_compute_hooks.py +++ b/hooks/nova_compute_hooks.py @@ -22,6 +22,8 @@ import uuid import yaml import os import subprocess +import grp +import shutil import charmhelpers.core.unitdata as unitdata @@ -413,6 +415,15 @@ def upgrade_charm(): if is_relation_made('nrpe-external-master'): update_nrpe_config() + # Fix previously wrongly created path permissions + # LP: https://bugs.launchpad.net/charm-cinder-ceph/+bug/1779676 + asok_path = '/var/run/ceph/' + gid = grp.getgrnam("kvm").gr_gid + if gid and os.path.isdir(asok_path) and gid != os.stat(asok_path).st_gid: + log("{} not owned by group 'kvm', fixing permissions." + .format(asok_path)) + shutil.chown(asok_path, group='kvm') + @hooks.hook('nova-ceilometer-relation-changed') @restart_on_change(restart_map())