diff options
| author | Kotresh HR <khiremat@redhat.com> | 2018-11-20 12:36:55 +0530 |
|---|---|---|
| committer | Shyamsundar Ranganathan <srangana@redhat.com> | 2018-11-29 15:35:41 +0000 |
| commit | 426e128b98f84d185a7d53ec36b9ad12a7facc40 (patch) | |
| tree | fed8397a8bb87632b17d1a242a82a61c5dba36f6 | |
| parent | 65264180a386c7f10af5756175fdd8e096a7b115 (diff) | |
geo-rep: Fix permissions with non-root setup
Problem:
In non-root fail-over/fail-back(FO/FB), when slave is
promoted as master, the session goes to 'Faulty'
Cause:
The command 'gluster-mountbroker <mountbroker-root> <group>'
is run as a pre-requisite on slave in non-root setup.
It modifies the permission and group of following required
directories and files recursively
[1] /var/lib/glusterd/geo-replication
[2] /var/log/glusterfs/geo-replication-slaves
In a normal setup, this is executed on slave node and hence
doing it recursively is not an issue on [1]. But when original
master becomes slave in non-root during FO/FB, it contains
ssh public keys and modifying permissions on them causes
geo-rep to fail with incorrect permissions.
Fix:
Don't do permission change recursively. Fix permissions for
required files.
Backport of:
> Patch: https://review.gluster.org/#/c/glusterfs/+/21689/
> BUG: bz#1651498
> Change-Id: I68a744644842e3b00abc26c95c06f123aa78361d
> Signed-off-by: Kotresh HR <khiremat@redhat.com>
(cherry picked from commit b2776b1ec1ad845ba568c4439bca3b57cc4d2592)
fixes: bz#1654117
Change-Id: I68a744644842e3b00abc26c95c06f123aa78361d
Signed-off-by: Kotresh HR <khiremat@redhat.com>
| -rw-r--r-- | geo-replication/src/peer_mountbroker.py.in | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/geo-replication/src/peer_mountbroker.py.in b/geo-replication/src/peer_mountbroker.py.in index 77b938646e8..54f95c4b38d 100644 --- a/geo-replication/src/peer_mountbroker.py.in +++ b/geo-replication/src/peer_mountbroker.py.in @@ -11,6 +11,7 @@ from gluster.cliutils import (execute, Cmd, node_output_ok, from prettytable import PrettyTable LOG_DIR = "@localstatedir@/log/glusterfs/geo-replication-slaves" +CLI_LOG = "@localstatedir@/log/glusterfs/cli.log" GEOREP_DIR = "@GLUSTERD_WORKDIR@/geo-replication" GLUSTERD_VOLFILE = "@GLUSTERD_VOLFILE@" @@ -145,7 +146,7 @@ class NodeSetup(Cmd): # chgrp -R <grp> /var/log/glusterfs/geo-replication-slaves # chgrp -R <grp> /var/lib/glusterd/geo-replication # chmod -R 770 /var/log/glusterfs/geo-replication-slaves - # chmod -R 770 /var/lib/glusterd/geo-replication + # chmod 770 /var/lib/glusterd/geo-replication # mkdir -p <mnt_root> # chmod 0711 <mnt_root> # If selinux, @@ -195,8 +196,13 @@ class NodeSetup(Cmd): execute(["chgrp", "-R", args.group, GEOREP_DIR]) execute(["chgrp", "-R", args.group, LOG_DIR]) - execute(["chmod", "-R", "770", GEOREP_DIR]) - execute(["chmod", "-R", "770", args.group, LOG_DIR]) + execute(["chgrp", args.group, CLI_LOG]) + execute(["chmod", "770", args.group, GEOREP_DIR]) + execute(["find", LOG_DIR, "-type", "d", "-exec", "chmod", "770", "{}", + "+"]) + execute(["find", LOG_DIR, "-type", "f", "-exec", "chmod", "660", "{}", + "+"]) + execute(["chmod", "660", CLI_LOG]) m.set_mount_root_and_group(args.mount_root, args.group) m.save() |