kolla

kolla_set_configs doesn't handle permissions and ownerships of config_files

Bug #1701876 reported by Chulmin Kang
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
kolla
Fix Released
Undecided
Chulmin Kang

Bug Description

kolla_set_configs script doesn't handle config_files permissions and ownerships defined in config.json file.

For example, in mariadb container's config.json, 'owner' and 'perm' are defined for two config_files (my.cnf, wsrep-notify.sh).

config.json
{
    "command": "/usr/bin/mysqld_safe",
    "config_files": [
        {
            "source": "{{ container_config_directory }}/galera.cnf",
            "dest": "/etc/{{ mysql_dir }}/my.cnf",
            "owner": "mysql",
            "perm": "0600"
        },
        {
            "source": "{{ container_config_directory }}/wsrep-notify.sh",
            "dest": "/usr/local/bin/wsrep-notify.sh",
            "owner": "mysql",
            "perm": "0700"
        }
    ],
    "permissions": [
        {
            "path": "/var/log/kolla/mariadb",
            "owner": "mysql:mysql",
            "recurse": true
        },
        {
            "path": "/var/lib/mysql",
            "owner": "mysql:mysql",
            "recurse": true
        }
    ]
}

But after mariadb container started, the ownerships and permissions of those two files are not changed.

root@devstack:~# docker exec -it mariadb bash
(mariadb)[mysql@devstack /]$ ls -l /usr/local/bin/wsrep-notify.sh
-rw-r--r-- 1 root root 1406 Jun 30 15:39 /usr/local/bin/wsrep-notify.sh
(mariadb)[mysql@devstack /]$ ls -l /etc/mysql/my.cnf
-rw-r--r-- 1 root root 1058 Jun 30 15:39 /etc/mysql/my.cnf

That's because _set_properties_from_conf function in kolla_set_configs script(copied from set_configs.py in kolla repo) passes argument to handle_permissions function, which that cannot handle. That means, the argument passed to handle_permissions

     def _set_properties_from_conf(self, path):
         handle_permissions({'owner': self.owner, 'path': path,
                             'perm': self.perm})

should be changed to like this;

     def _set_properties_from_conf(self, path):
         handle_permissions({'permissions: [{'owner': self.owner, 'path': path,
                             'perm': self.perm}]})

so that hande_permissions can handle permissions and ownerships of config_files.

See original description
Chulmin Kang (chamankang)
Changed in kolla:
assignee: nobody → Chulmin Kang (chamankang)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to kolla (master)

Fix proposed to branch: master
Review: https://review.openstack.org/479592

Changed in kolla:
status: New → In Progress
Chulmin Kang (chamankang)
description: updated
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to kolla (master)

Reviewed: https://review.openstack.org/479592
Committed: https://git.openstack.org/cgit/openstack/kolla/commit/?id=ea3d140cab23ce3016e3bea7d35e4f5fbb8611f6
Submitter: Jenkins
Branch: master

commit ea3d140cab23ce3016e3bea7d35e4f5fbb8611f6
Author: Chulmin Kang <email address hidden>
Date: Sun Jul 2 16:09:30 2017 +0900

    Fix argument to handle_permissions

    Fix the format of argument passed to handle_permissions function, so
    that handle_permissions can handle permissions and ownerships of
    config_files.

    Change-Id: Ic07975a16973df22cdaa6685fc326620812f8f65
    Closes-Bug: #1701876

Changed in kolla:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/kolla 5.0.0.0b3

This issue was fixed in the openstack/kolla 5.0.0.0b3 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.