upgrade: correct permissions for ceph-mon dirs
Ensure that the directory in /var/lib/ceph/mon for the local mon unit is user writable, ensuring that ceph-mon daemons >= Luminous are able to start. Closes-Bug: 1742083 Change-Id: I9cac4bd258b7038738a693329588420696eac703
This commit is contained in:
parent
1ccf7c2b25
commit
ae147d8a18
|
@ -1311,7 +1311,8 @@ def bootstrap_monitor_cluster(secret):
|
|||
# Ceph >= 0.61.3 needs this for ceph-mon fs creation
|
||||
mkdir('/var/run/ceph', owner=ceph_user(),
|
||||
group=ceph_user(), perms=0o755)
|
||||
mkdir(path, owner=ceph_user(), group=ceph_user())
|
||||
mkdir(path, owner=ceph_user(), group=ceph_user(),
|
||||
perms=0o755)
|
||||
# end changes for Ceph >= 0.61.3
|
||||
try:
|
||||
add_keyring_to_ceph(keyring,
|
||||
|
@ -1705,17 +1706,24 @@ def upgrade_monitor(new_version):
|
|||
service_stop('ceph-mon-all')
|
||||
apt_install(packages=determine_packages(), fatal=True)
|
||||
|
||||
owner = ceph_user()
|
||||
|
||||
# Ensure the files and directories under /var/lib/ceph is chowned
|
||||
# properly as part of the move to the Jewel release, which moved the
|
||||
# ceph daemons to running as ceph:ceph instead of root:root.
|
||||
if new_version == 'jewel':
|
||||
# Ensure the ownership of Ceph's directories is correct
|
||||
owner = ceph_user()
|
||||
chownr(path=os.path.join(os.sep, "var", "lib", "ceph"),
|
||||
owner=owner,
|
||||
group=owner,
|
||||
follow_links=True)
|
||||
|
||||
# Ensure that mon directory is user writable
|
||||
hostname = socket.gethostname()
|
||||
path = '/var/lib/ceph/mon/ceph-{}'.format(hostname)
|
||||
mkdir(path, owner=ceph_user(), group=ceph_user(),
|
||||
perms=0o755)
|
||||
|
||||
if systemd():
|
||||
for mon_id in get_local_mon_ids():
|
||||
service_start('ceph-mon@{}'.format(mon_id))
|
||||
|
|
|
@ -73,6 +73,9 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
|||
'mon_ip-192-168-1-2_hammer_done 1473279502.69'),
|
||||
])
|
||||
|
||||
@patch.object(ceph.utils, 'ceph_user')
|
||||
@patch.object(ceph.utils, 'socket')
|
||||
@patch.object(ceph.utils, 'mkdir')
|
||||
@patch.object(ceph.utils, 'apt_install')
|
||||
@patch.object(ceph.utils, 'chownr')
|
||||
@patch.object(ceph.utils, 'service_stop')
|
||||
|
@ -89,10 +92,13 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
|||
systemd, local_mons, add_source,
|
||||
apt_update, status_set, log,
|
||||
service_start, service_stop, chownr,
|
||||
apt_install):
|
||||
apt_install, mkdir, socket,
|
||||
ceph_user):
|
||||
get_version.side_effect = [0.80, 0.94]
|
||||
config.side_effect = config_side_effect
|
||||
systemd.return_value = False
|
||||
socket.gethostname.return_value = 'testmon'
|
||||
ceph_user.return_value = 'root'
|
||||
local_mons.return_value = ['a']
|
||||
|
||||
ceph.utils.upgrade_monitor('hammer')
|
||||
|
@ -110,7 +116,14 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
|||
call('maintenance', 'Upgrading monitor'),
|
||||
])
|
||||
assert not chownr.called
|
||||
mkdir.assert_called_with('/var/lib/ceph/mon/ceph-testmon',
|
||||
owner='root',
|
||||
group='root',
|
||||
perms=0o755)
|
||||
|
||||
@patch.object(ceph.utils, 'ceph_user')
|
||||
@patch.object(ceph.utils, 'socket')
|
||||
@patch.object(ceph.utils, 'mkdir')
|
||||
@patch.object(ceph.utils, 'apt_install')
|
||||
@patch.object(ceph.utils, 'chownr')
|
||||
@patch.object(ceph.utils, 'service_stop')
|
||||
|
@ -127,10 +140,13 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
|||
systemd, local_mons, add_source,
|
||||
apt_update, status_set, log,
|
||||
service_start, service_stop, chownr,
|
||||
apt_install):
|
||||
apt_install, mkdir, socket,
|
||||
ceph_user):
|
||||
get_version.side_effect = [0.94, 10.1]
|
||||
config.side_effect = config_side_effect
|
||||
systemd.return_value = False
|
||||
socket.gethostname.return_value = 'testmon'
|
||||
ceph_user.return_value = 'ceph'
|
||||
local_mons.return_value = ['a']
|
||||
|
||||
ceph.utils.upgrade_monitor('jewel')
|
||||
|
@ -153,6 +169,10 @@ class UpgradeRollingTestCase(unittest.TestCase):
|
|||
follow_links=True)
|
||||
]
|
||||
)
|
||||
mkdir.assert_called_with('/var/lib/ceph/mon/ceph-testmon',
|
||||
owner='ceph',
|
||||
group='ceph',
|
||||
perms=0o755)
|
||||
|
||||
@patch.object(ceph.utils, 'get_version')
|
||||
@patch.object(ceph.utils, 'status_set')
|
||||
|
|
|
@ -423,7 +423,8 @@ class CephTestCase(unittest.TestCase):
|
|||
mock_mkdir.assert_has_calls([
|
||||
call('/var/run/ceph', owner='ceph',
|
||||
group='ceph', perms=0o755),
|
||||
call(test_path, owner='ceph', group='ceph'),
|
||||
call(test_path, owner='ceph', group='ceph',
|
||||
perms=0o755),
|
||||
])
|
||||
fake_open.assert_has_calls([call(test_done, 'w'),
|
||||
call(test_init_marker, 'w')],
|
||||
|
|
Loading…
Reference in New Issue