Set keys owner to ceph user if exists.

Also fix directory access rigths.

Signed-off-by: Milan Broz <mbroz@redhat.com>

diff --git a/src/ceph-create-keys b/src/ceph-create-keys
index 57eaf1744c1a64c1506ddfc61673372c4cab7ad9..1ccd98f9b91c887546c78b000375d6ed18c51998 100755 (executable)
--- a/src/ceph-create-keys
+++ b/src/ceph-create-keys
@@ -7,12 +7,28 @@ import os
 import subprocess
 import sys
 import time
+import pwd
+import grp
 
 
 LOG = logging.getLogger(os.path.basename(sys.argv[0]))
 
 QUORUM_STATES = ['leader', 'peon']
 
+def get_ceph_uid():
+    try:
+        uid = pwd.getpwnam('ceph').pw_uid
+    except:
+        uid = -1
+    return uid
+
+def get_ceph_gid():
+    try:
+        gid = grp.getgrnam('ceph').gr_gid
+    except:
+        gid = -1
+    return gid
+
 def wait_for_quorum(cluster, mon_id):
     while True:
         p = subprocess.Popen(
@@ -68,10 +84,13 @@ def get_key(cluster, mon_id):
     pathdir = os.path.dirname(path)
     if not os.path.exists(pathdir):
         os.makedirs(pathdir)
+        os.chmod(pathdir, 0770)
+        os.chown(pathdir, get_ceph_uid(), get_ceph_gid())
     while True:
         try:
             with file(tmp, 'w') as f:
                 os.fchmod(f.fileno(), 0600)
+                os.fchown(f.fileno(), get_ceph_uid(), get_ceph_gid())
                 LOG.info('Talking to monitor...')
                 returncode = subprocess.call(
                     args=[
@@ -137,11 +156,14 @@ def bootstrap_key(cluster, type_):
     pathdir = os.path.dirname(path)
     if not os.path.exists(pathdir):
         os.makedirs(pathdir)
+        os.chmod(pathdir, 0770)
+        os.chown(pathdir, get_ceph_uid(), get_ceph_gid())
 
     while True:
         try:
             with file(tmp, 'w') as f:
                 os.fchmod(f.fileno(), 0600)
+                os.fchown(f.fileno(), get_ceph_uid(), get_ceph_gid())
                 LOG.info('Talking to monitor...')
                 returncode = subprocess.call(
                     args=args,