From 4dab62bfff4bd6c85e2e26d2db6057e3d0e39ab1 Mon Sep 17 00:00:00 2001 From: Melissa Li Date: Wed, 24 Nov 2021 10:45:14 -0500 Subject: [PATCH] mgr/cephadm: support bootstrap with non-root ssh-user Sets tmp_path to /tmp and gives permissions to non-root ssh-user to fix "scp: permission denied" Fixes: https://tracker.ceph.com/issues/53335 Signed-off-by: Melissa Li --- src/pybind/mgr/cephadm/ssh.py | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/pybind/mgr/cephadm/ssh.py b/src/pybind/mgr/cephadm/ssh.py index 4c8574893ff..7c438e897ac 100644 --- a/src/pybind/mgr/cephadm/ssh.py +++ b/src/pybind/mgr/cephadm/ssh.py @@ -189,12 +189,17 @@ class SSHManager: try: dirname = os.path.dirname(path) await self._check_execute_command(host, ['mkdir', '-p', dirname], addr=addr) - tmp_path = path + '.new' + await self._check_execute_command(host, ['mkdir', '-p', '/tmp' + dirname], addr=addr) + tmp_path = '/tmp' + path + '.new' await self._check_execute_command(host, ['touch', tmp_path], addr=addr) if uid is not None and gid is not None and mode is not None: # shlex quote takes str or byte object, not int await self._check_execute_command(host, ['chown', '-R', str(uid) + ':' + str(gid), tmp_path], addr=addr) await self._check_execute_command(host, ['chmod', oct(mode)[2:], tmp_path], addr=addr) + elif self.mgr.ssh_user != 'root': + assert self.mgr.ssh_user + await self._check_execute_command(host, ['chown', '-R', self.mgr.ssh_user, tmp_path], addr=addr) + await self._check_execute_command(host, ['chmod', str(644), tmp_path], addr=addr) with NamedTemporaryFile(prefix='cephadm-write-remote-file-') as f: os.fchmod(f.fileno(), 0o600) f.write(content) -- 2.39.5