Skip to content

qa/cephfs: don't use sudo to write files in /tmp#40431

Merged
batrick merged 2 commits intoceph:masterfrom
rishabh-d-dave:fs-fix-tmp-files-writes
Apr 10, 2021
Merged

qa/cephfs: don't use sudo to write files in /tmp#40431
batrick merged 2 commits intoceph:masterfrom
rishabh-d-dave:fs-fix-tmp-files-writes

Conversation

@rishabh-d-dave
Copy link
Contributor

@rishabh-d-dave rishabh-d-dave commented Mar 26, 2021
edited
Loading

Files in /tmp cannot be written by any user( including the root user)
other than the file owner even if the permission mode on the file is
777.

Fixes: https://tracker.ceph.com/issues/49466

Marked DNM because -
Depends on ceph/teuthology#1634.
To fix the same issue for vstart_runner.py this PR depends on #37655.

Checklist

  • References tracker ticket
Show available Jenkins commands
  • jenkins retest this please
  • jenkins test classic perf
  • jenkins test crimson perf
  • jenkins test signed
  • jenkins test make check
  • jenkins test make check arm64
  • jenkins test submodules
  • jenkins test dashboard
  • jenkins test api
  • jenkins test docs
  • jenkins render docs
  • jenkins test ceph-volume all
  • jenkins test ceph-volume tox

@github-actions github-actions bot added cephfs Ceph File System tests labels Mar 26, 2021
@rishabh-d-dave rishabh-d-dave requested review from a team, batrick and lxbsz March 26, 2021 10:23
@rishabh-d-dave
Copy link
Contributor Author

rishabh-d-dave commented Mar 26, 2021

Got this flake8 error (from make check) fixed locally -

./tasks/cephfs/cephfs_test_case.py:7:1: F401 'io.StringIO' imported but unused

I'll update the PR after this job finishes running - http://pulpito.front.sepia.ceph.com/rishabh-2021-03-26_11:20:12-fs-wip-rishabh-vr-set-shell-to-True-distro-basic-smithi/

@rishabh-d-dave rishabh-d-dave force-pushed the fs-fix-tmp-files-writes branch from 5367afd to 5a5cc5c Compare March 26, 2021 12:06
jtlayton
jtlayton approved these changes Mar 26, 2021
View reviewed changes
@rishabh-d-dave rishabh-d-dave force-pushed the fs-fix-tmp-files-writes branch from 5a5cc5c to f89f31e Compare March 30, 2021 09:24
@rishabh-d-dave rishabh-d-dave mentioned this pull request Mar 30, 2021
Merged
@batrick
Copy link
Member

batrick commented Mar 31, 2021

jenkins test api

@batrick
Copy link
Member

batrick commented Mar 31, 2021

jenkins test api

batrick
batrick requested changes Apr 6, 2021
View reviewed changes
qa/tasks/cephfs/cephfs_test_case.py Outdated
# required when triggered using vstart_runner.py.
remote.run(args=['chmod', '644', keyring_path])
# mode must be 644 for vstart_runner.py.
keyring_path = remote.mktemp(data=keyring, mode='644')
Copy link
Member

@batrick batrick Apr 6, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

2021-04-01T01:07:43.141 INFO:tasks.cephfs_test_runner:======================================================================
2021-04-01T01:07:43.147 INFO:tasks.cephfs_test_runner:ERROR: test_mount_all_caps_absent (tasks.cephfs.test_multifs_auth.TestClientsWithoutAuth)
2021-04-01T01:07:43.147 INFO:tasks.cephfs_test_runner:----------------------------------------------------------------------
2021-04-01T01:07:43.148 INFO:tasks.cephfs_test_runner:Traceback (most recent call last):
2021-04-01T01:07:43.149 INFO:tasks.cephfs_test_runner:  File "/home/teuthworker/src/git.ceph.com_ceph-c_5c92bde19d0b1ad5e2a680f5925b00ec1f942c7d/qa/tasks/cephfs/test_multifs_auth.py", line 279, in test_mount_all_caps_absent
2021-04-01T01:07:43.149 INFO:tasks.cephfs_test_runner:    keyring)
2021-04-01T01:07:43.150 INFO:tasks.cephfs_test_runner:  File "/home/teuthworker/src/git.ceph.com_ceph-c_5c92bde19d0b1ad5e2a680f5925b00ec1f942c7d/qa/tasks/cephfs/cephfs_test_case.py", line 447, in create_keyring_file
2021-04-01T01:07:43.150 INFO:tasks.cephfs_test_runner:    keyring_path = remote.mktemp(data=keyring, mode='644')
2021-04-01T01:07:43.151 INFO:tasks.cephfs_test_runner:TypeError: mktemp() got an unexpected keyword argument 'mode'

From: /ceph/teuthology-archive/pdonnell-2021-04-01_00:45:34-fs-wip-pdonnell-testing-20210331.222326-distro-basic-smithi/6013903/teuthology.log

@rishabh-d-dave
qa/cephfs: don't use sudo to write files in /tmp
e213849 
Files in /tmp cannot be written by any user( including the root user)
other than the file owner even if the permission mode on the file is
777.

Fixes: https://tracker.ceph.com/issues/49466
Signed-off-by: Rishabh Dave <ridave@redhat.com>
@rishabh-d-dave
qa/cephfs: remove create_keyring_file from cephfs_test_case.py
511434a 
Since teuthology.orchestra.remote.mktemp() can write a temporary file
and not just create it, create_keyring_file() is now redundant.

Signed-off-by: Rishabh Dave <ridave@redhat.com>
@rishabh-d-dave rishabh-d-dave force-pushed the fs-fix-tmp-files-writes branch from f89f31e to 511434a Compare April 8, 2021 08:06
@lxbsz
Copy link
Member

lxbsz commented Apr 9, 2021

Test the tmp file mentioned above on CentOS 8.1 with the ceph-client's latest kernel, please see bellow:

[root@ceph src]# uname -r
5.12.0-rc2+

[root@ceph src]# echo 11 > /tmp/tmp.RVXPYRVdIjG
[root@ceph src]# cat !$
cat /tmp/tmp.RVXPYRVdIjG
11
[root@ceph src]# ls -l /tmp/tmp.RVXPYRVdIjG
-rw-------. 1 lxb lxb 3 Apr  9 11:47 /tmp/tmp.RVXPYRVdIjG
[root@ceph src]#

The root user can write to the tmp files not owned by it.

@batrick
Copy link
Member

batrick commented Apr 10, 2021

https://tracker.ceph.com/projects/cephfs/wiki/Master#2021-Apr-08

@batrick batrick merged commit 76ac006 into ceph:master Apr 10, 2021
@rishabh-d-dave rishabh-d-dave deleted the fs-fix-tmp-files-writes branch April 20, 2021 08:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@batrick batrick batrick approved these changes

@lxbsz lxbsz Awaiting requested review from lxbsz

+1 more reviewer

@jtlayton jtlayton jtlayton approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

bug-fix cephfs Ceph File System needs-qa tests vstart_runner wip-pdonnell-testing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@rishabh-d-dave @batrick @lxbsz @jtlayton