From: Casey Bodley <cbodley@redhat.com>
Date: Mon, 20 Apr 2020 14:50:00 +0000 (-0400)
Subject: qa/rgw: allow 'ceph' user to read vault token
X-Git-Tag: v16.1.0~2541^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F34613%2Fhead;p=ceph.git

qa/rgw: allow 'ceph' user to read vault token

Signed-off-by: Casey Bodley <cbodley@redhat.com>
---

diff --git a/qa/tasks/rgw.py b/qa/tasks/rgw.py
index 199aa63f811..70bc9f88cfa 100644
--- a/qa/tasks/rgw.py
+++ b/qa/tasks/rgw.py
@@ -132,10 +132,11 @@ def start_rgw(ctx, config, clients):
                 raise ConfigError('vault: no "root_token" specified')
             # create token on file
             ctx.cluster.only(client).run(args=['echo', '-n', ctx.vault.root_token, run.Raw('>'), token_path])
-            log.info("Restrict access to token file")
-            ctx.cluster.only(client).run(args=['chmod', '600', token_path])
             log.info("Token file content")
             ctx.cluster.only(client).run(args=['cat', token_path])
+            log.info("Restrict access to token file")
+            ctx.cluster.only(client).run(args=['chmod', '600', token_path])
+            ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', token_path])
 
             rgw_cmd.extend([
                 '--rgw_crypt_vault_addr', "{}:{}".format(*ctx.vault.endpoints[vault_role]),