Fuel for OpenStack

wrong permissions for /etc/ceph/client.radosgw.gateway

Bug #1607304 reported by Dmitry Burmistrov on 2016-07-28

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Fuel for OpenStack	Fix Committed	High	Dmitry Burmistrov	Fuel for OpenStack 10.0

Bug Description

Detailed bug description:
Here is current ceph config directory:
root@node-5:~# ls -l /etc/ceph/
total 32
-rw------- 1 root root 127 Jul 28 08:56 ceph.client.admin.keyring
-rw------- 1 cinder cinder 193 Jul 28 09:09 ceph.client.backups.keyring
-rw------- 1 root root 113 Jul 28 08:56 ceph.client.bootstrap-osd.keyring
-rw------- 1 glance glance 167 Jul 28 09:09 ceph.client.images.keyring
-rw------- 1 cinder cinder 191 Jul 28 09:09 ceph.client.volumes.keyring
-rw-r--r-- 1 root root 1186 Jul 28 09:05 ceph.conf
-rw------- 1 root root 120 Jul 28 09:05 client.radosgw.gateway
-rw------- 1 root root 92 May 21 01:41 rbdmap

"client.radosgw.gateway" is owned by root. so "systemctl restart <email address hidden>" fails with these errors:
root@node-5:~# fgrep 'Permission denied' /var/log/*
/var/log/daemon.log:<30>Jul 28 09:05:34 node-5 radosgw[15475]: 2016-07-28 09:05:34.178617 7f5a5d808a00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/daemon.log:<30>Jul 28 09:05:34 node-5 radosgw[15582]: 2016-07-28 09:05:34.641089 7f693b096a00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/daemon.log:<30>Jul 28 09:05:34 node-5 radosgw[15608]: 2016-07-28 09:05:34.991811 7ff7f5bf6a00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/daemon.log:<30>Jul 28 09:05:35 node-5 radosgw[15702]: 2016-07-28 09:05:35.256925 7f002b8eaa00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/daemon.log:<30>Jul 28 09:05:35 node-5 radosgw[15732]: 2016-07-28 09:05:35.639048 7f8959727a00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:34 node-5 radosgw: 2016-07-28 09:05:34.178617 7f5a5d808a00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:34 node-5 radosgw: 2016-07-28 09:05:34.178628 7f5a5d808a00 0 librados: client.radosgw.gateway initialization error (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:34 node-5 radosgw: 2016-07-28 09:05:34.641089 7f693b096a00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:34 node-5 radosgw: 2016-07-28 09:05:34.641111 7f693b096a00 0 librados: client.radosgw.gateway initialization error (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:34 node-5 radosgw: 2016-07-28 09:05:34.991811 7ff7f5bf6a00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:34 node-5 radosgw: 2016-07-28 09:05:34.991823 7ff7f5bf6a00 0 librados: client.radosgw.gateway initialization error (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:35 node-5 radosgw: 2016-07-28 09:05:35.256925 7f002b8eaa00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:35 node-5 radosgw: 2016-07-28 09:05:35.257781 7f002b8eaa00 0 librados: client.radosgw.gateway initialization error (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:35 node-5 radosgw: 2016-07-28 09:05:35.639048 7f8959727a00 -1 auth: unable to find a keyring on /etc/ceph/client.radosgw.gateway: (13) Permission denied
/var/log/debug:<15>Jul 28 09:05:35 node-5 radosgw: 2016-07-28 09:05:35.639057 7f8959727a00 0 librados: client.radosgw.gateway initialization error (13) Permission denied

The proper owner and group are "ceph".

Operation system: Ubuntu 16.04
Package versions:
root@node-5:~# dpkg -l | grep ceph
ii ceph 10.2.0-0ubuntu0.16.04.2 amd64 distributed storage and file system
ii ceph-common 10.2.0-0ubuntu0.16.04.2 amd64 common utilities to mount and interact with a ceph storage cluster
ii libcephfs1 10.2.0-0ubuntu0.16.04.2 amd64 Ceph distributed file system client library
ii python-cephfs 10.2.0-0ubuntu0.16.04.2 amd64 Python libraries for the Ceph libcephfs library
root@node-5:~# dpkg -l | grep rados
ii librados2 10.2.0-0ubuntu0.16.04.2 amd64 RADOS distributed object store client library
ii libradosstriper1 10.2.0-0ubuntu0.16.04.2 amd64 RADOS striping interface
ii python-rados 10.2.0-0ubuntu0.16.04.2 amd64 Python libraries for the Ceph librados library
ii radosgw 10.2.0-0ubuntu0.16.04.2 amd64 REST gateway for RADOS distributed object store

Dmitry Burmistrov (dmburmistrov) on 2016-07-28

Changed in fuel:
assignee:	nobody → Dmitry Burmistrov (dmburmistrov)

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-07-28: Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/348221

Changed in fuel:
status:	New → In Progress

Ivan Berezovskiy (iberezovskiy) on 2016-07-28

Changed in fuel:
milestone:	none → 10.0
importance:	Undecided → High

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-07-28: Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/348221
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=8e2f824cbbd043217d617aeabe98ba50aafbd4b9
Submitter: Jenkins
Branch: master

commit 8e2f824cbbd043217d617aeabe98ba50aafbd4b9
Author: dmburmistrov <email address hidden>
Date: Thu Jul 28 13:30:16 2016 +0300

fix ownership for radosgw keyring

blueprint: mos-xenial

Closes-bug: #1607304

Change-Id: I0ad62b36293e70b5799f3c2dc39b4b2babd08813

Changed in fuel:
status:	In Progress → Fix Committed

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-07-29: Fix proposed to fuel-library (master)

Fix proposed to branch: master
Review: https://review.openstack.org/348931

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-08-01: Fix merged to fuel-library (master)

Reviewed: https://review.openstack.org/348931
Committed: https://git.openstack.org/cgit/openstack/fuel-library/commit/?id=822a55230c207ad9cb914905fc213f0fa4b6a698
Submitter: Jenkins
Branch: master

commit 822a55230c207ad9cb914905fc213f0fa4b6a698
Author: dmburmistrov <email address hidden>
Date: Fri Jul 29 18:32:37 2016 +0300

ensure ceph user/group

blueprint: mos-xenial

Closes-bug: #1607304
Closes-bug: #1607757

Change-Id: Ieb4879f33235d19d63ee11ad1491f79c56837152

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-10-14: Fix included in openstack/fuel-library 10.0.0rc1

This issue was fixed in the openstack/fuel-library 10.0.0rc1 release candidate.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2016-12-07: Fix included in openstack/fuel-library 10.0.0

This issue was fixed in the openstack/fuel-library 10.0.0 release.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.