From: Karol Mroz <kmroz@suse.com>
Date: Sat, 23 Apr 2016 11:40:08 +0000 (+0200)
Subject: common-init: chown admin socket after service thread started
X-Git-Tag: v11.0.0~829^2~4
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=206585c1d0fc6826c91f7830cde8ded86288abef;p=ceph.git

common-init: chown admin socket after service thread started

Signed-off-by: Karol Mroz <kmroz@suse.com>
---

diff --git a/src/common/common_init.cc b/src/common/common_init.cc
index b1f71655756..9f7ec20e401 100644
--- a/src/common/common_init.cc
+++ b/src/common/common_init.cc
@@ -12,6 +12,7 @@
  *
  */
 
+#include "common/admin_socket.h"
 #include "common/ceph_argparse.h"
 #include "common/ceph_context.h"
 #include "common/ceph_crypto.h"
@@ -123,6 +124,16 @@ void common_init_finish(CephContext *cct)
 {
   cct->init_crypto();
 
-  if (!(cct->get_init_flags() & CINIT_FLAG_NO_DAEMON_ACTIONS))
+  int flags = cct->get_init_flags();
+  if (!(flags & CINIT_FLAG_NO_DAEMON_ACTIONS))
     cct->start_service_thread();
+
+  if ((flags & CINIT_FLAG_DEFER_DROP_PRIVILEGES) &&
+      (cct->get_set_uid() || cct->get_set_gid())) {
+    // FIXME: Changing ownership of a socket file via the fd does not work as
+    //        expected. The socket file is listed as owned by the same
+    //        'user:group' which the daemon that created the socket had during
+    //        open().
+    cct->get_admin_socket()->chown(cct->get_set_uid(), cct->get_set_gid());
+  }
 }
diff --git a/src/global/global_init.cc b/src/global/global_init.cc
index f91a2d1d0ad..34c12d80ebc 100644
--- a/src/global/global_init.cc
+++ b/src/global/global_init.cc
@@ -297,9 +297,6 @@ void global_init(std::vector < const char * > *alt_def_args,
       g_ceph_context->_log->chown_log_file(
 	g_ceph_context->get_set_uid(),
 	g_ceph_context->get_set_gid());
-      g_ceph_context->get_admin_socket()->chown(
-	g_ceph_context->get_set_uid(),
-	g_ceph_context->get_set_gid());
     }
   }