From: Max Carrara Date: Tue, 30 Apr 2024 15:40:27 +0000 (+0200) Subject: debian: recursively adjust permissions of /var/lib/ceph/crash X-Git-Tag: v18.2.5~505^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F58458%2Fhead;p=ceph.git debian: recursively adjust permissions of /var/lib/ceph/crash A rather recent PR made ceph-crash run as "ceph" user instead of root [0]. However, because /var/lib/ceph/crash/posted belongs to root, ceph-crash cannot actually post any crash logs now. This commit fixes this by recursively updating the permissions of '/var/lib/ceph/crash', which ensures that all files and directories used by 'ceph-crash.service' are actually owned by the user configured for Ceph. This also accounts for existing installations. Additionally, quote interpolated variables and use curly braces [1]. [0]: #48713 [1]: https://www.shellcheck.net/wiki/SC2086 Fixes: https://tracker.ceph.com/issues/64548 Signed-off-by: Max Carrara (cherry picked from commit 97a1ec4b521f05f924ff51767b9bfda825f717e9) --- diff --git a/debian/ceph-base.postinst b/debian/ceph-base.postinst index 75eeb59c6246..04d2ccc172a6 100644 --- a/debian/ceph-base.postinst +++ b/debian/ceph-base.postinst @@ -35,11 +35,13 @@ case "$1" in # adjust file and directory permissions for DIR in /var/lib/ceph/* ; do - if ! dpkg-statoverride --list $DIR >/dev/null + if ! dpkg-statoverride --list "${DIR}" >/dev/null then - chown $SERVER_USER:$SERVER_GROUP $DIR + chown "${SERVER_USER}:${SERVER_GROUP}" "${DIR}" fi done + + chown "${SERVER_USER}:${SERVER_GROUP}" -R /var/lib/ceph/crash/*; ;; abort-upgrade|abort-remove|abort-deconfigure) :