common-init: chown admin socket after service thread started

Signed-off-by: Karol Mroz <kmroz@suse.com>

diff --git a/src/common/common_init.cc b/src/common/common_init.cc
index b1f716557564d274a7a7735cc5777d19b05cdaaf..9f7ec20e4010326bfbea9abc3b59f07e050a8547 100644 (file)
--- a/src/common/common_init.cc
+++ b/src/common/common_init.cc
@@ -12,6 +12,7 @@
  *
  */
 
+#include "common/admin_socket.h"
 #include "common/ceph_argparse.h"
 #include "common/ceph_context.h"
 #include "common/ceph_crypto.h"
@@ -123,6 +124,16 @@ void common_init_finish(CephContext *cct)
 {
   cct->init_crypto();
 
-  if (!(cct->get_init_flags() & CINIT_FLAG_NO_DAEMON_ACTIONS))
+  int flags = cct->get_init_flags();
+  if (!(flags & CINIT_FLAG_NO_DAEMON_ACTIONS))
     cct->start_service_thread();
+
+  if ((flags & CINIT_FLAG_DEFER_DROP_PRIVILEGES) &&
+      (cct->get_set_uid() || cct->get_set_gid())) {
+    // FIXME: Changing ownership of a socket file via the fd does not work as
+    //        expected. The socket file is listed as owned by the same
+    //        'user:group' which the daemon that created the socket had during
+    //        open().
+    cct->get_admin_socket()->chown(cct->get_set_uid(), cct->get_set_gid());
+  }
 }

diff --git a/src/global/global_init.cc b/src/global/global_init.cc
index f91a2d1d0adb4e9abc4880642c25ee935cb598a0..34c12d80ebc5a406e5d284b3b51a9a2068d8e6c2 100644 (file)
--- a/src/global/global_init.cc
+++ b/src/global/global_init.cc
@@ -297,9 +297,6 @@ void global_init(std::vector < const char * > *alt_def_args,
       g_ceph_context->_log->chown_log_file(
        g_ceph_context->get_set_uid(),
        g_ceph_context->get_set_gid());
-      g_ceph_context->get_admin_socket()->chown(
-       g_ceph_context->get_set_uid(),
-       g_ceph_context->get_set_gid());
     }
   }