Ceph OSD Charm

ceph-osd charm sets permissions of /etc/ceph to 0555

Bug #1593424 reported by Francis Ginther on 2016-06-16

This bug affects 2 people

Affects		Status	Importance	Assigned to	Milestone
	Ceph OSD Charm	Triaged	Low	Unassigned
	ceph-osd (Juju Charms Collection)	Invalid	Low	Unassigned

Bug Description

Found this on a landscape autopilot deployment using ceph block and ceph object storage using cs:trusty/ceph-osd-235. The permissions of the "/etc/ceph/" directories on the ceph-osd units are (see http://paste.ubuntu.com/17411963/ for better formatting):

fginther@sandman:~/work/triage/ceph-permissions$ ls -la ./*/etc/ceph
./ceph-osd-0/etc/ceph:
total 24
drwxr-xr-x 2 fginther fginther 4096 Jun 16 12:02 .
drwxr-xr-x 7 fginther fginther 4096 Jun 16 13:47 ..
lrwxrwxrwx 1 fginther fginther 27 Jun 16 14:16 ceph.conf -> /etc/alternatives/ceph.conf
-rw-r--r-- 1 fginther fginther 92 Apr 29 13:50 rbdmap

./ceph-osd-1/etc/ceph:
total 48
dr-xr-xr-x 2 fginther fginther 4096 Jun 16 12:07 .
drwxr-xr-x 6 fginther fginther 4096 Jun 16 13:47 ..
-rw------- 1 fginther fginther 74 Jun 16 12:07 ceph.client.nova-compute-kvm.keyring
lrwxrwxrwx 1 fginther fginther 27 Jun 16 14:16 ceph.conf -> /etc/alternatives/ceph.conf
-rw-r--r-- 1 fginther fginther 92 Apr 29 13:50 rbdmap
-rw-r--r-- 1 fginther fginther 184 Jun 16 12:13 secret.xml

./ceph-osd-2/etc/ceph:
total 48
dr-xr-xr-x 2 fginther fginther 4096 Jun 16 12:04 .
drwxr-xr-x 6 fginther fginther 4096 Jun 16 13:47 ..
-rw------- 1 fginther fginther 74 Jun 16 12:03 ceph.client.nova-compute-kvm.keyring
lrwxrwxrwx 1 fginther fginther 27 Jun 16 14:16 ceph.conf -> /etc/alternatives/ceph.conf
-rw-r--r-- 1 fginther fginther 92 Apr 29 13:50 rbdmap
-rw-r--r-- 1 fginther fginther 184 Jun 16 12:13 secret.xml

./ceph-osd-3/etc/ceph:
total 48
dr-xr-xr-x 2 fginther fginther 4096 Jun 16 12:03 .
drwxr-xr-x 6 fginther fginther 4096 Jun 16 13:47 ..
-rw------- 1 fginther fginther 74 Jun 16 12:02 ceph.client.nova-compute-kvm.keyring
lrwxrwxrwx 1 fginther fginther 27 Jun 16 14:16 ceph.conf -> /etc/alternatives/ceph.conf
-rw-r--r-- 1 fginther fginther 92 Apr 29 13:50 rbdmap
-rw-r--r-- 1 fginther fginther 184 Jun 16 12:13 secret.xml

./ceph-osd-4/etc/ceph:
total 48
dr-xr-xr-x 2 fginther fginther 4096 Jun 16 12:07 .
drwxr-xr-x 6 fginther fginther 4096 Jun 16 13:47 ..
-rw------- 1 fginther fginther 74 Jun 16 12:02 ceph.client.nova-compute-kvm.keyring
lrwxrwxrwx 1 fginther fginther 27 Jun 16 14:16 ceph.conf -> /etc/alternatives/ceph.conf
-rw-r--r-- 1 fginther fginther 92 Apr 29 13:50 rbdmap
-rw-r--r-- 1 fginther fginther 184 Jun 16 12:13 secret.xml

"/etc/ceph" on unit 0 is set to "drwxr-xr-x" (writable by owner), all others are "dr-xr-xr-x" (writable by none). This isn't causing any known issues, but it looks strange.

Tags:

Revision history for this message

Francis Ginther (fginther) wrote on 2016-06-16:

ceph-permissions.txz Edit (3.9 MiB, application/octet-stream)

Revision history for this message

James Page (james-page) wrote on 2016-12-13:

-rw-r--r-- 1 root root 92 Oct 26 2015 rbdmap
lrwxrwxrwx 1 root root 27 Feb 8 2016 ceph.conf -> /etc/alternatives/ceph.conf
-rw------- 1 nova nova 70 Feb 8 2016 ceph.client.nova-compute.keyring
dr-xr-xr-x 2 root root 4096 Oct 19 12:52 .
drwxr-xr-x 116 root root 12288 Oct 19 12:53 ..
-rw-r--r-- 1 root root 180 Oct 19 12:54 secret.xml

Changed in ceph-osd (Juju Charms Collection):
importance:	Undecided → Low
status:	New → Confirmed

Revision history for this message

James Page (james-page) wrote on 2016-12-13:

ceph-osd

def emit_cephconf():
    # Install ceph.conf as an alternative to support
    # co-existence with other charms that write this file
    charm_ceph_conf = "/var/lib/charm/{}/ceph.conf".format(service_name())
    mkdir(os.path.dirname(charm_ceph_conf), owner=ceph.ceph_user(),
          group=ceph.ceph_user())

mkdir has default permissions of 0o555 (which would explain why this happens)

Revision history for this message

James Page (james-page) wrote on 2016-12-13:

that said the same code exists in the ceph charm, so not sure why we don't see the same behaviour.

Changed in ceph-osd (Juju Charms Collection):
status:	Confirmed → Triaged

James Page (james-page) on 2017-02-23

Changed in charm-ceph-osd:
importance:	Undecided → Low
status:	New → Triaged
Changed in ceph-osd (Juju Charms Collection):
status:	Triaged → Invalid

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

ceph-permissions.txz Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.