From: Max Carrara <m.carrara@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH master ceph 1/8] debian: add patch to fix ceph crash dir permissions in postinst hook
Date: Tue, 30 Jan 2024 19:40:34 +0100 [thread overview]
Message-ID: <20240130184041.1125674-2-m.carrara@proxmox.com> (raw)
In-Reply-To: <20240130184041.1125674-1-m.carrara@proxmox.com>
Ceph has a postinst hook that sets the ownership of '/var/lib/ceph/*'
to ceph:ceph (in our case), but misses out on '/var/lib/ceph/crash/posted'.
This patch therefore also updates the permissions of '/var/lib/ceph/*/*'.
Signed-off-by: Max Carrara <m.carrara@proxmox.com>
---
...rmissions-of-subdirectories-of-var-l.patch | 42 +++++++++++++++++++
patches/series | 1 +
2 files changed, 43 insertions(+)
create mode 100644 patches/0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch
diff --git a/patches/0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch b/patches/0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch
new file mode 100644
index 000000000..951a2a6ed
--- /dev/null
+++ b/patches/0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch
@@ -0,0 +1,42 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Max Carrara <m.carrara@proxmox.com>
+Date: Thu, 11 Jan 2024 14:04:16 +0100
+Subject: [PATCH] debian: adjust permissions of subdirectories of /var/lib/ceph
+
+A rather recent PR made ceph-crash run as "ceph" user instead of
+root [0]. However, because /var/lib/ceph/crash/posted belongs to root,
+ceph-crash cannot actually post any crash logs now.
+
+This commit fixes this by also updating the permissions of
+/var/lib/ceph/*/* - the subdirectories of the directories in
+/var/lib/ceph.
+
+[0]: https://github.com/ceph/ceph/pull/48713
+
+Signed-off-by: Max Carrara <m.carrara@proxmox.com>
+---
+ debian/ceph-base.postinst | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/debian/ceph-base.postinst b/debian/ceph-base.postinst
+index 75eeb59c624..7ca0b9b6c43 100644
+--- a/debian/ceph-base.postinst
++++ b/debian/ceph-base.postinst
+@@ -40,6 +40,14 @@ case "$1" in
+ chown $SERVER_USER:$SERVER_GROUP $DIR
+ fi
+ done
++
++ # also adjust file and directory permissons for subdirectories
++ for SUBDIR in /var/lib/ceph/*/* ; do
++ if ! dpkg-statoverride --list $SUBDIR >/dev/null
++ then
++ chown $SERVER_USER:$SERVER_GROUP $SUBDIR
++ fi
++ done
+ ;;
+ abort-upgrade|abort-remove|abort-deconfigure)
+ :
+--
+2.39.2
+
diff --git a/patches/series b/patches/series
index 865caf23d..cf8f1ea31 100644
--- a/patches/series
+++ b/patches/series
@@ -12,3 +12,4 @@
0012-backport-mgr-dashboard-simplify-authentication-proto.patch
0013-mgr-dashboard-remove-ability-to-create-and-check-TLS.patch
0014-rocksb-inherit-parent-cmake-cxx-flags.patch
+0015-debian-adjust-permissions-of-subdirectories-of-var-l.patch
--
2.39.2
next prev parent reply other threads:[~2024-01-30 18:41 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-30 18:40 [pve-devel] [PATCH master ceph, quincy-stable-8 ceph, pve-storage, pve-manager 0/8] Fix #4759: Configure Permissions for ceph-crash.service Max Carrara
2024-01-30 18:40 ` Max Carrara [this message]
2024-01-31 13:18 ` [pve-devel] [PATCH master ceph 1/8] debian: add patch to fix ceph crash dir permissions in postinst hook Fabian Grünbichler
2024-02-01 13:28 ` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH quincy-stable-8 ceph 2/8] " Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-storage 3/8] cephconfig: support sections in the format of [client.$NAME] Max Carrara
2024-01-31 13:18 ` Fabian Grünbichler
2024-02-01 13:40 ` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 4/8] ceph: fix edge case of wrong files being deleted on purge Max Carrara
2024-01-31 13:18 ` Fabian Grünbichler
2024-02-01 13:59 ` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 5/8] fix #4759: ceph: configure keyring for ceph-crash.service Max Carrara
2024-01-31 13:17 ` Fabian Grünbichler
2024-02-05 11:57 ` Max Carrara
2024-02-12 13:41 ` Fabian Grünbichler
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 6/8] ceph: create '/etc/pve/ceph' during `pveceph init` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 7/8] debian/postinst: fix shellcheck warning Max Carrara
2024-01-31 13:16 ` [pve-devel] applied-partially: " Fabian Grünbichler
2024-02-01 13:40 ` Max Carrara
2024-01-30 18:40 ` [pve-devel] [PATCH pve-manager 8/8] fix #4759: debian/postinst: configure ceph-crash.service and its key Max Carrara
2024-01-31 13:15 ` Fabian Grünbichler
2024-02-01 13:54 ` Max Carrara
2024-01-31 13:25 ` [pve-devel] [PATCH master ceph, quincy-stable-8 ceph, pve-storage, pve-manager 0/8] Fix #4759: Configure Permissions for ceph-crash.service Fabian Grünbichler
2024-01-31 14:22 ` Friedrich Weber
2024-02-01 13:35 ` Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240130184041.1125674-2-m.carrara@proxmox.com \
--to=m.carrara@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.