From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Subject: Re: [pve-devel] [PATCH master ceph 1/8] debian: add patch to fix ceph crash dir permissions in postinst hook
Date: Wed, 31 Jan 2024 14:18:52 +0100 [thread overview]
Message-ID: <1706701255.osw2c9wm3p.astroid@yuna.none> (raw)
In-Reply-To: <20240130184041.1125674-2-m.carrara@proxmox.com>
On January 30, 2024 7:40 pm, Max Carrara wrote:
> Ceph has a postinst hook that sets the ownership of '/var/lib/ceph/*'
> to ceph:ceph (in our case), but misses out on '/var/lib/ceph/crash/posted'.
>
> This patch therefore also updates the permissions of '/var/lib/ceph/*/*'.
>
> Signed-off-by: Max Carrara <m.carrara@proxmox.com>
> ---
> ...rmissions-of-subdirectories-of-var-l.patch | 42 +++++++++++++++++++
> patches/series | 1 +
> 2 files changed, 43 insertions(+)
> create mode 100644 patches/0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch
>
> diff --git a/patches/0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch b/patches/0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch
> new file mode 100644
> index 000000000..951a2a6ed
> --- /dev/null
> +++ b/patches/0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch
> @@ -0,0 +1,42 @@
> +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
> +From: Max Carrara <m.carrara@proxmox.com>
> +Date: Thu, 11 Jan 2024 14:04:16 +0100
> +Subject: [PATCH] debian: adjust permissions of subdirectories of /var/lib/ceph
> +
> +A rather recent PR made ceph-crash run as "ceph" user instead of
> +root [0]. However, because /var/lib/ceph/crash/posted belongs to root,
> +ceph-crash cannot actually post any crash logs now.
> +
> +This commit fixes this by also updating the permissions of
> +/var/lib/ceph/*/* - the subdirectories of the directories in
> +/var/lib/ceph.
> +
> +[0]: https://github.com/ceph/ceph/pull/48713
> +
> +Signed-off-by: Max Carrara <m.carrara@proxmox.com>
> +---
> + debian/ceph-base.postinst | 8 ++++++++
> + 1 file changed, 8 insertions(+)
> +
> +diff --git a/debian/ceph-base.postinst b/debian/ceph-base.postinst
> +index 75eeb59c624..7ca0b9b6c43 100644
> +--- a/debian/ceph-base.postinst
> ++++ b/debian/ceph-base.postinst
> +@@ -40,6 +40,14 @@ case "$1" in
> + chown $SERVER_USER:$SERVER_GROUP $DIR
> + fi
> + done
> ++
> ++ # also adjust file and directory permissons for subdirectories
> ++ for SUBDIR in /var/lib/ceph/*/* ; do
> ++ if ! dpkg-statoverride --list $SUBDIR >/dev/null
> ++ then
> ++ chown $SERVER_USER:$SERVER_GROUP $SUBDIR
> ++ fi
this would probably benefit from being merged with the loop above and
being switched to find?
find(utils) is Essential, so its existence is a given..
did you forward this patch upstream? if not, please do so :)
next prev parent reply other threads:[~2024-01-31 13:19 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-30 18:40 [pve-devel] [PATCH master ceph, quincy-stable-8 ceph, pve-storage, pve-manager 0/8] Fix #4759: Configure Permissions for ceph-crash.service Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH master ceph 1/8] debian: add patch to fix ceph crash dir permissions in postinst hook Max Carrara
2024-01-31 13:18 ` Fabian Grünbichler [this message]
2024-02-01 13:28 ` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH quincy-stable-8 ceph 2/8] " Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-storage 3/8] cephconfig: support sections in the format of [client.$NAME] Max Carrara
2024-01-31 13:18 ` Fabian Grünbichler
2024-02-01 13:40 ` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 4/8] ceph: fix edge case of wrong files being deleted on purge Max Carrara
2024-01-31 13:18 ` Fabian Grünbichler
2024-02-01 13:59 ` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 5/8] fix #4759: ceph: configure keyring for ceph-crash.service Max Carrara
2024-01-31 13:17 ` Fabian Grünbichler
2024-02-05 11:57 ` Max Carrara
2024-02-12 13:41 ` Fabian Grünbichler
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 6/8] ceph: create '/etc/pve/ceph' during `pveceph init` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 7/8] debian/postinst: fix shellcheck warning Max Carrara
2024-01-31 13:16 ` [pve-devel] applied-partially: " Fabian Grünbichler
2024-02-01 13:40 ` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 8/8] fix #4759: debian/postinst: configure ceph-crash.service and its key Max Carrara
2024-01-31 13:15 ` Fabian Grünbichler
2024-02-01 13:54 ` Max Carrara
2024-01-31 13:25 ` [pve-devel] [PATCH master ceph, quincy-stable-8 ceph, pve-storage, pve-manager 0/8] Fix #4759: Configure Permissions for ceph-crash.service Fabian Grünbichler
2024-01-31 14:22 ` Friedrich Weber
2024-02-01 13:35 ` Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1706701255.osw2c9wm3p.astroid@yuna.none \
--to=f.gruenbichler@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal