Revision fe05a931
b/UPGRADE | ||
---|---|---|
47 | 47 |
(``cfgupgrade`` supports a number of parameters, run it with |
48 | 48 |
``--help`` for more information) |
49 | 49 |
|
50 |
#. Upgrade the directory permissions on all nodes:: |
|
51 |
|
|
52 |
$ /usr/lib/ganeti/ensure-dirs --full-run |
|
53 |
|
|
50 | 54 |
#. Restart daemons on all nodes:: |
51 | 55 |
|
52 | 56 |
$ /etc/init.d/ganeti restart |
b/lib/backend.py | ||
---|---|---|
2962 | 2962 |
|
2963 | 2963 |
# Write and replace the file atomically |
2964 | 2964 |
utils.WriteFile(file_name, data=_Decompress(content), uid=getents.masterd_uid, |
2965 |
gid=getents.masterd_gid)
|
|
2965 |
gid=getents.daemons_gid, mode=constants.JOB_QUEUE_FILES_PERMS)
|
|
2966 | 2966 |
|
2967 | 2967 |
|
2968 | 2968 |
def JobQueueRename(old, new): |
... | ... | |
2986 | 2986 |
|
2987 | 2987 |
getents = runtime.GetEnts() |
2988 | 2988 |
|
2989 |
utils.RenameFile(old, new, mkdir=True, mkdir_mode=0700,
|
|
2990 |
dir_uid=getents.masterd_uid, dir_gid=getents.masterd_gid)
|
|
2989 |
utils.RenameFile(old, new, mkdir=True, mkdir_mode=0750,
|
|
2990 |
dir_uid=getents.masterd_uid, dir_gid=getents.daemons_gid)
|
|
2991 | 2991 |
|
2992 | 2992 |
|
2993 | 2993 |
def BlockdevClose(instance_name, disks): |
b/lib/constants.py | ||
---|---|---|
1677 | 1677 |
# Job queue |
1678 | 1678 |
JOB_QUEUE_VERSION = 1 |
1679 | 1679 |
JOB_QUEUE_SIZE_HARD_LIMIT = 5000 |
1680 |
JOB_QUEUE_FILES_PERMS = 0640 |
|
1680 | 1681 |
|
1681 | 1682 |
JOB_ID_TEMPLATE = r"\d+" |
1682 | 1683 |
JOB_FILE_RE = re.compile(r"^job-(%s)$" % JOB_ID_TEMPLATE) |
b/lib/jqueue.py | ||
---|---|---|
1885 | 1885 |
""" |
1886 | 1886 |
getents = runtime.GetEnts() |
1887 | 1887 |
utils.WriteFile(file_name, data=data, uid=getents.masterd_uid, |
1888 |
gid=getents.masterd_gid) |
|
1888 |
gid=getents.daemons_gid, |
|
1889 |
mode=constants.JOB_QUEUE_FILES_PERMS) |
|
1889 | 1890 |
|
1890 | 1891 |
if replicate: |
1891 | 1892 |
names, addrs = self._GetNodeIp() |
b/lib/jstore.py | ||
---|---|---|
111 | 111 |
if version is None: |
112 | 112 |
# Write new version file |
113 | 113 |
utils.WriteFile(pathutils.JOB_QUEUE_VERSION_FILE, |
114 |
uid=getents.masterd_uid, gid=getents.masterd_gid, |
|
114 |
uid=getents.masterd_uid, gid=getents.daemons_gid, |
|
115 |
mode=constants.JOB_QUEUE_FILES_PERMS, |
|
115 | 116 |
data="%s\n" % constants.JOB_QUEUE_VERSION) |
116 | 117 |
|
117 | 118 |
# Read again |
... | ... | |
125 | 126 |
if serial is None: |
126 | 127 |
# Write new serial file |
127 | 128 |
utils.WriteFile(pathutils.JOB_QUEUE_SERIAL_FILE, |
128 |
uid=getents.masterd_uid, gid=getents.masterd_gid, |
|
129 |
uid=getents.masterd_uid, gid=getents.daemons_gid, |
|
130 |
mode=constants.JOB_QUEUE_FILES_PERMS, |
|
129 | 131 |
data="%s\n" % 0) |
130 | 132 |
|
131 | 133 |
# Read again |
... | ... | |
174 | 176 |
|
175 | 177 |
if drain_flag: |
176 | 178 |
utils.WriteFile(pathutils.JOB_QUEUE_DRAIN_FILE, data="", |
177 |
uid=getents.masterd_uid, gid=getents.masterd_gid) |
|
179 |
uid=getents.masterd_uid, gid=getents.daemons_gid, |
|
180 |
mode=constants.JOB_QUEUE_FILES_PERMS) |
|
178 | 181 |
else: |
179 | 182 |
utils.RemoveFile(pathutils.JOB_QUEUE_DRAIN_FILE) |
180 | 183 |
|
b/lib/tools/ensure_dirs.py | ||
---|---|---|
159 | 159 |
getent.noded_uid, getent.noded_gid, False)) |
160 | 160 |
|
161 | 161 |
paths.extend([ |
162 |
(pathutils.QUEUE_DIR, DIR, 0700, getent.masterd_uid, getent.masterd_gid),
|
|
163 |
(pathutils.QUEUE_DIR, QUEUE_DIR, 0600,
|
|
164 |
getent.masterd_uid, getent.masterd_gid),
|
|
162 |
(pathutils.QUEUE_DIR, DIR, 0750, getent.masterd_uid, getent.daemons_gid),
|
|
163 |
(pathutils.QUEUE_DIR, QUEUE_DIR, constants.JOB_QUEUE_FILES_PERMS,
|
|
164 |
getent.masterd_uid, getent.daemons_gid),
|
|
165 | 165 |
(pathutils.JOB_QUEUE_DRAIN_FILE, FILE, 0644, |
166 |
getent.masterd_uid, getent.masterd_gid, False),
|
|
167 |
(pathutils.JOB_QUEUE_LOCK_FILE, FILE, 0600,
|
|
168 |
getent.masterd_uid, getent.masterd_gid, False),
|
|
169 |
(pathutils.JOB_QUEUE_SERIAL_FILE, FILE, 0600,
|
|
170 |
getent.masterd_uid, getent.masterd_gid, False),
|
|
171 |
(pathutils.JOB_QUEUE_VERSION_FILE, FILE, 0600,
|
|
172 |
getent.masterd_uid, getent.masterd_gid, False),
|
|
173 |
(pathutils.JOB_QUEUE_ARCHIVE_DIR, DIR, 0700,
|
|
174 |
getent.masterd_uid, getent.masterd_gid),
|
|
166 |
getent.masterd_uid, getent.daemons_gid, False),
|
|
167 |
(pathutils.JOB_QUEUE_LOCK_FILE, FILE, constants.JOB_QUEUE_FILES_PERMS,
|
|
168 |
getent.masterd_uid, getent.daemons_gid, False),
|
|
169 |
(pathutils.JOB_QUEUE_SERIAL_FILE, FILE, constants.JOB_QUEUE_FILES_PERMS,
|
|
170 |
getent.masterd_uid, getent.daemons_gid, False),
|
|
171 |
(pathutils.JOB_QUEUE_VERSION_FILE, FILE, constants.JOB_QUEUE_FILES_PERMS,
|
|
172 |
getent.masterd_uid, getent.daemons_gid, False),
|
|
173 |
(pathutils.JOB_QUEUE_ARCHIVE_DIR, DIR, 0740,
|
|
174 |
getent.masterd_uid, getent.daemons_gid),
|
|
175 | 175 |
(rapi_dir, DIR, 0750, getent.rapi_uid, getent.masterd_gid), |
176 | 176 |
(pathutils.RAPI_USERS_FILE, FILE, 0640, |
177 | 177 |
getent.rapi_uid, getent.masterd_gid, False), |
... | ... | |
244 | 244 |
|
245 | 245 |
if opts.full_run: |
246 | 246 |
RecursiveEnsure(pathutils.JOB_QUEUE_ARCHIVE_DIR, getent.masterd_uid, |
247 |
getent.masterd_gid, 0700, 0600)
|
|
247 |
getent.daemons_gid, 0750, constants.JOB_QUEUE_FILES_PERMS)
|
|
248 | 248 |
except errors.GenericError, err: |
249 | 249 |
logging.error("An error occurred while setting permissions: %s", err) |
250 | 250 |
return constants.EXIT_FAILURE |
Also available in: Unified diff