Sandro Bonazzola has uploaded a new change for review. Change subject: packaging: setup: fix local state dirs ownership ......................................................................
packaging: setup: fix local state dirs ownership - clean up /var/tmp/ovirt-engine - chown -Rh ovirt:ovirt /var/lib/ovirt-engine/deployments Previous versions mixed root/ovirt ownership in thosw directories Change-Id: I180fa0b1c3ded975c052405126819d91524a829f Signed-off-by: Sandro Bonazzola <[email protected]> --- M packaging/setup/ovirt_engine_setup/constants.py M packaging/setup/plugins/ovirt-engine-common/system/environment.py M packaging/setup/plugins/ovirt-engine-setup/system/__init__.py A packaging/setup/plugins/ovirt-engine-setup/system/localstate.py 4 files changed, 92 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/17/15117/1 diff --git a/packaging/setup/ovirt_engine_setup/constants.py b/packaging/setup/ovirt_engine_setup/constants.py index 80e72b3..c1bb429 100644 --- a/packaging/setup/ovirt_engine_setup/constants.py +++ b/packaging/setup/ovirt_engine_setup/constants.py @@ -278,6 +278,17 @@ OVIRT_ENGINE_SYSCONFDIR, 'uninstall.d' ) + OVIRT_ENGINE_DEPLOYMENTS_DIR = os.path.join( + LOCALSTATEDIR, + 'lib', + 'ovirt-engine', + 'deployments', + ) + OVIRT_ENGINE_TMP_DIR = os.path.join( + LOCALSTATEDIR, + 'tmp', + 'ovirt-engine', + ) ISO_DOMAIN_DEFAULT_NFS_MOUNT_POINT = os.path.join( LOCALSTATEDIR, @@ -361,6 +372,7 @@ DEFAULT_SYSTEM_USER_APACHE = 'apache' DEFAULT_SYSTEM_USER_VDSM = 'vdsm' DEFAULT_SYSTEM_GROUP_KVM = 'kvm' + DEFAULT_SYSTEM_GROUP_ENGINE = 'ovirt' DEFAULT_SYSTEM_USER_POSTGRES = 'postgres' DEFAULT_SYSTEM_SHMMAX = 35554432 @@ -633,6 +645,7 @@ USER_APACHE = 'OVESETUP_SYSTEM/userApache' USER_VDSM = 'OVESETUP_SYSTEM/userVdsm' GROUP_KVM = 'OVESETUP_SYSTEM/groupKvm' + GROUP_ENGINE = 'OVESETUP_SYSTEM/groupEngine' USER_POSTGRES = 'OVESETUP_SYSTEM/userPostgres' SHMMAX = 'OVESETUP_SYSTEM/shmmax' diff --git a/packaging/setup/plugins/ovirt-engine-common/system/environment.py b/packaging/setup/plugins/ovirt-engine-common/system/environment.py index 7dfdd06..21c2068 100644 --- a/packaging/setup/plugins/ovirt-engine-common/system/environment.py +++ b/packaging/setup/plugins/ovirt-engine-common/system/environment.py @@ -45,10 +45,12 @@ def _init(self): if self.environment[osetupcons.CoreEnv.DEVELOPER_MODE]: rootUser = engineUser = apacheUser = pwd.getpwuid(os.geteuid())[0] + engineGroup = pwd.getpwuid(os.geteuid())[4] else: rootUser = osetupcons.Defaults.DEFAULT_SYSTEM_USER_ROOT engineUser = osetupcons.Defaults.DEFAULT_SYSTEM_USER_ENGINE apacheUser = osetupcons.Defaults.DEFAULT_SYSTEM_USER_APACHE + engineGroup = osetupcons.Defaults.DEFAULT_SYSTEM_GROUP_ENGINE self.environment.setdefault( osetupcons.SystemEnv.USER_ROOT, @@ -71,6 +73,10 @@ osetupcons.Defaults.DEFAULT_SYSTEM_GROUP_KVM ) self.environment.setdefault( + osetupcons.SystemEnv.GROUP_ENGINE, + engineGroup + ) + self.environment.setdefault( osetupcons.SystemEnv.USER_POSTGRES, osetupcons.Defaults.DEFAULT_SYSTEM_USER_POSTGRES ) diff --git a/packaging/setup/plugins/ovirt-engine-setup/system/__init__.py b/packaging/setup/plugins/ovirt-engine-setup/system/__init__.py index 0337708..0d9928f 100644 --- a/packaging/setup/plugins/ovirt-engine-setup/system/__init__.py +++ b/packaging/setup/plugins/ovirt-engine-setup/system/__init__.py @@ -27,6 +27,7 @@ from . import nfs from . import exportfs from . import selinux +from . import localstate @util.export @@ -36,6 +37,7 @@ nfs.Plugin(context=context) exportfs.Plugin(context=context) selinux.Plugin(context=context) + localstate.Plugin(context=context) # vim: expandtab tabstop=4 shiftwidth=4 diff --git a/packaging/setup/plugins/ovirt-engine-setup/system/localstate.py b/packaging/setup/plugins/ovirt-engine-setup/system/localstate.py new file mode 100644 index 0000000..2677b6c --- /dev/null +++ b/packaging/setup/plugins/ovirt-engine-setup/system/localstate.py @@ -0,0 +1,71 @@ +# +# ovirt-engine-setup -- ovirt engine setup +# Copyright (C) 2013 Red Hat, Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + + +""" +Local state directory upgrade cleanups plugin +""" + +import os +import shutil +import gettext +_ = lambda m: gettext.dgettext(message=m, domain='ovirt-engine-setup') + + +from otopi import util +from otopi import plugin + + +from ovirt_engine_setup import constants as osetupcons +from ovirt_engine_setup import util as osetuputil + + [email protected] +class Plugin(plugin.PluginBase): + """ + Local state directory upgrade cleanups plugin. + Previous versions mixed root/ovirt ownership in local state directories + """ + + def __init__(self, context): + super(Plugin, self).__init__(context=context) + self._enabled = True + + @plugin.event( + stage=plugin.Stages.STAGE_MISC, + ) + def _misc(self): + if os.path.exists(osetupcons.FileLocations.OVIRT_ENGINE_TMP_DIR): + shutil.rmtree(osetupcons.FileLocations.OVIRT_ENGINE_TMP_DIR) + uid = osetuputil.getUid( + self.environment[osetupcons.SystemEnv.USER_ENGINE] + ) + gid = osetuputil.getUid( + self.environment[osetupcons.SystemEnv.GROUP_ENGINE] + ) + for root, dirs, files in os.walk( + top=osetupcons.FileLocations.OVIRT_ENGINE_DEPLOYMENTS_DIR, + followlinks=False, + ): + os.chown(root, uid, gid) + for name in dirs: + os.chown(os.path.join(root, name), uid, gid) + for name in files: + os.chown(os.path.join(root, name), uid, gid) + + +# vim: expandtab tabstop=4 shiftwidth=4 -- To view, visit http://gerrit.ovirt.org/15117 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I180fa0b1c3ded975c052405126819d91524a829f Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Sandro Bonazzola <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
