From: Nathan Cutler Date: Tue, 1 Sep 2020 18:38:47 +0000 (+0200) Subject: rpm,deb: drop /etc/sudoers.d/cephadm X-Git-Tag: v15.2.9~122^2~61^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F37401%2Fhead;p=ceph.git rpm,deb: drop /etc/sudoers.d/cephadm Current behavior (without this patch) is: 1. cephadm package installs cephadm at /usr/sbin/cephadm 2. cephadm package installs /etc/sudoers.d/cephadm 3. !!! BUT this file refers to a non-existent executable (/usr/bin/cephadm) !!! 4. the PR that introduced this sudoers file (and this discrepancy) was merged in 2019 5. nobody noticed the discrepancy until now My conclusion: the file /etc/sudoers.d/cephadm is not needed for cephadm to work. Fixes: https://tracker.ceph.com/issues/47112 Signed-off-by: Nathan Cutler (cherry picked from commit c1783d3d8f6fd25817b78ea6f76335347aceb566) Conflicts: debian/rules - octopus does not mention "rbd-nbd_quiesce" --- diff --git a/ceph.spec.in b/ceph.spec.in index 04122c997266..46926014c54e 100644 --- a/ceph.spec.in +++ b/ceph.spec.in @@ -1302,7 +1302,6 @@ install -m 0644 -D udev/50-rbd.rules %{buildroot}%{_udevrulesdir}/50-rbd.rules # sudoers.d install -m 0600 -D sudoers.d/ceph-osd-smartctl %{buildroot}%{_sysconfdir}/sudoers.d/ceph-osd-smartctl -install -m 0600 -D sudoers.d/cephadm %{buildroot}%{_sysconfdir}/sudoers.d/cephadm %if 0%{?rhel} >= 8 pathfix.py -pni "%{__python3} %{py3_shbang_opts}" %{buildroot}%{_bindir}/* @@ -1459,7 +1458,6 @@ exit 0 %files -n cephadm %{_sbindir}/cephadm %{_mandir}/man8/cephadm.8* -%{_sysconfdir}/sudoers.d/cephadm %attr(0700,cephadm,cephadm) %dir %{_sharedstatedir}/cephadm %attr(0700,cephadm,cephadm) %dir %{_sharedstatedir}/cephadm/.ssh %attr(0600,cephadm,cephadm) %{_sharedstatedir}/cephadm/.ssh/authorized_keys diff --git a/debian/cephadm.install b/debian/cephadm.install index 49d6cc34de88..f30ed9c5f5ad 100644 --- a/debian/cephadm.install +++ b/debian/cephadm.install @@ -1,3 +1,2 @@ usr/sbin/cephadm usr/share/man/man8/cephadm.8 -etc/sudoers.d/cephadm diff --git a/debian/rules b/debian/rules index 8f2e9afa43d6..dc32da3081e2 100755 --- a/debian/rules +++ b/debian/rules @@ -62,7 +62,6 @@ override_dh_auto_install: install -D -m 644 src/etc-rbdmap $(DESTDIR)/etc/ceph/rbdmap install -D -m 644 etc/sysctl/90-ceph-osd.conf $(DESTDIR)/etc/sysctl.d/30-ceph-osd.conf install -D -m 600 sudoers.d/ceph-osd-smartctl $(DESTDIR)/etc/sudoers.d/ceph-osd-smartctl - install -D -m 600 sudoers.d/cephadm $(DESTDIR)/etc/sudoers.d/cephadm install -m 755 src/cephadm/cephadm $(DESTDIR)/usr/sbin/cephadm diff --git a/sudoers.d/cephadm b/sudoers.d/cephadm deleted file mode 100644 index 4063b3ec15b9..000000000000 --- a/sudoers.d/cephadm +++ /dev/null @@ -1,7 +0,0 @@ -# allow cephadm user to sudo cephadm -cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * ls -cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * unit * -cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * shell * -cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * deploy * -cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * ceph-volume * -cephadm ALL=NOPASSWD: /usr/bin/cephadm --image * rm-daemon *