From 6fc96426d0d61aad7480b65ef37e8be1b0f8e7a7 Mon Sep 17 00:00:00 2001
From: Max Carrara <m.carrara@proxmox.com>
Date: Tue, 30 Apr 2024 17:40:27 +0200
Subject: [PATCH] debian: recursively adjust permissions of /var/lib/ceph/crash

A rather recent PR made ceph-crash run as "ceph" user instead of
root [0]. However, because /var/lib/ceph/crash/posted belongs to root,
ceph-crash cannot actually post any crash logs now.

This commit fixes this by recursively updating the permissions of
'/var/lib/ceph/crash', which ensures that all files and directories
used by 'ceph-crash.service' are actually owned by the user configured
for Ceph. This also accounts for existing installations.

Additionally, quote interpolated variables and use curly braces [1].

[0]: #48713
[1]: https://www.shellcheck.net/wiki/SC2086

Fixes: https://tracker.ceph.com/issues/64548
Signed-off-by: Max Carrara <m.carrara@proxmox.com>
(cherry picked from commit 97a1ec4b521f05f924ff51767b9bfda825f717e9)
---
 debian/ceph-base.postinst | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/debian/ceph-base.postinst b/debian/ceph-base.postinst
index 75eeb59c624..04d2ccc172a 100644
--- a/debian/ceph-base.postinst
+++ b/debian/ceph-base.postinst
@@ -35,11 +35,13 @@ case "$1" in
 
         # adjust file and directory permissions
 	for DIR in /var/lib/ceph/* ; do
-	    if ! dpkg-statoverride --list $DIR >/dev/null
+	    if ! dpkg-statoverride --list "${DIR}" >/dev/null
 	    then
-		chown $SERVER_USER:$SERVER_GROUP $DIR
+		chown "${SERVER_USER}:${SERVER_GROUP}" "${DIR}"
 	    fi
 	done
+
+	chown "${SERVER_USER}:${SERVER_GROUP}" -R /var/lib/ceph/crash/*;
     ;;
     abort-upgrade|abort-remove|abort-deconfigure)
 	:
-- 
2.39.5