From 929c1dd7215d09aad87752fa3406d83ccf8e30c7 Mon Sep 17 00:00:00 2001 From: Casey Bodley Date: Mon, 20 Apr 2020 10:50:00 -0400 Subject: [PATCH] qa/rgw: allow 'ceph' user to read vault token Signed-off-by: Casey Bodley (cherry picked from commit 58a773b59c2f563caa02ff913d6d00f009f62730) --- qa/tasks/rgw.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/qa/tasks/rgw.py b/qa/tasks/rgw.py index df900d2c4505b..2d99d9962f1cf 100644 --- a/qa/tasks/rgw.py +++ b/qa/tasks/rgw.py @@ -132,10 +132,11 @@ def start_rgw(ctx, config, clients): raise ConfigError('vault: no "root_token" specified') # create token on file ctx.cluster.only(client).run(args=['echo', '-n', ctx.vault.root_token, run.Raw('>'), token_path]) - log.info("Restrict access to token file") - ctx.cluster.only(client).run(args=['chmod', '600', token_path]) log.info("Token file content") ctx.cluster.only(client).run(args=['cat', token_path]) + log.info("Restrict access to token file") + ctx.cluster.only(client).run(args=['chmod', '600', token_path]) + ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', token_path]) rgw_cmd.extend([ '--rgw_crypt_vault_addr', "{}:{}".format(*ctx.vault.endpoints[vault_role]), -- 2.39.5