rpm,deb: drop /etc/sudoers.d/cephadm

Current behavior (without this patch) is:

1. cephadm package installs cephadm at /usr/sbin/cephadm
2. cephadm package installs /etc/sudoers.d/cephadm
3. !!! BUT this file refers to a non-existent executable (/usr/bin/cephadm) !!!
4. the PR that introduced this sudoers file (and this discrepancy) was merged in 2019
5. nobody noticed the discrepancy until now

My conclusion: the file /etc/sudoers.d/cephadm is not needed for cephadm to
work.

Fixes: https://tracker.ceph.com/issues/47112
Signed-off-by: Nathan Cutler <ncutler@suse.com>

diff --git a/ceph.spec.in b/ceph.spec.in
index 736b098b29e82ed8033a8e2f96ff11b5e76f05d4..30ed4027ef6a3195c4ced58ecbd24ecc4f03c14b 100644 (file)
--- a/ceph.spec.in
+++ b/ceph.spec.in
@@ -1256,7 +1256,6 @@ install -m 0644 -D udev/50-rbd.rules %{buildroot}%{_udevrulesdir}/50-rbd.rules
 
 # sudoers.d
 install -m 0600 -D sudoers.d/ceph-osd-smartctl %{buildroot}%{_sysconfdir}/sudoers.d/ceph-osd-smartctl
-install -m 0600 -D sudoers.d/cephadm %{buildroot}%{_sysconfdir}/sudoers.d/cephadm
 
 %if 0%{?rhel} >= 8
 pathfix.py -pni "%{__python3} %{py3_shbang_opts}" %{buildroot}%{_bindir}/*
@@ -1413,7 +1412,6 @@ exit 0
 %files -n cephadm
 %{_sbindir}/cephadm
 %{_mandir}/man8/cephadm.8*
-%{_sysconfdir}/sudoers.d/cephadm
 %attr(0700,cephadm,cephadm) %dir %{_sharedstatedir}/cephadm
 %attr(0700,cephadm,cephadm) %dir %{_sharedstatedir}/cephadm/.ssh
 %attr(0600,cephadm,cephadm) %{_sharedstatedir}/cephadm/.ssh/authorized_keys

diff --git a/debian/cephadm.install b/debian/cephadm.install
index 49d6cc34de8895e5d2b6df826565d0ad5750102c..f30ed9c5f5ad0904f0b3a1cf3ea0712854f4b17c 100644 (file)
--- a/debian/cephadm.install
+++ b/debian/cephadm.install
@@ -1,3 +1,2 @@
 usr/sbin/cephadm
 usr/share/man/man8/cephadm.8
-etc/sudoers.d/cephadm

diff --git a/debian/rules b/debian/rules
index fbddbd1fbb9ba930f1b458b7986d7ea619cc9283..a0196ae7c1c8ebb49cea31aa0d205d0e1ef8d86a 100755 (executable)
--- a/debian/rules
+++ b/debian/rules
@@ -62,7 +62,6 @@ override_dh_auto_install:
        install -D -m 644 src/etc-rbdmap $(DESTDIR)/etc/ceph/rbdmap
        install -D -m 644 etc/sysctl/90-ceph-osd.conf $(DESTDIR)/etc/sysctl.d/30-ceph-osd.conf
        install -D -m 600 sudoers.d/ceph-osd-smartctl $(DESTDIR)/etc/sudoers.d/ceph-osd-smartctl
-       install -D -m 600 sudoers.d/cephadm $(DESTDIR)/etc/sudoers.d/cephadm
        install -D -m 755 src/tools/rbd_nbd/rbd-nbd_quiesce $(DESTDIR)/usr/libexec/rbd-nbd/rbd-nbd_quiesce
 
        install -m 755 src/cephadm/cephadm $(DESTDIR)/usr/sbin/cephadm

diff --git a/sudoers.d/cephadm b/sudoers.d/cephadm
deleted file mode 100644 (file)
index 4063b3e..0000000
--- a/sudoers.d/cephadm
+++ /dev/null
@@ -1,7 +0,0 @@
-# allow cephadm user to sudo cephadm
-cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * ls
-cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * unit *
-cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * shell *
-cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * deploy *
-cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * ceph-volume *
-cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * rm-daemon *