Merge "Basic check for homedir permissions"
This commit is contained in:
commit
a20fb6d383
29
functions
29
functions
@ -1415,6 +1415,35 @@ function get_pip_command() {
|
||||
fi
|
||||
}
|
||||
|
||||
# Path permissions sanity check
|
||||
# check_path_perm_sanity path
|
||||
function check_path_perm_sanity() {
|
||||
# Ensure no element of the path has 0700 permissions, which is very
|
||||
# likely to cause issues for daemons. Inspired by default 0700
|
||||
# homedir permissions on RHEL and common practice of making DEST in
|
||||
# the stack user's homedir.
|
||||
|
||||
local real_path=$(readlink -f $1)
|
||||
local rebuilt_path=""
|
||||
for i in $(echo ${real_path} | tr "/" " "); do
|
||||
rebuilt_path=$rebuilt_path"/"$i
|
||||
|
||||
if [[ $(stat -c '%a' ${rebuilt_path}) = 700 ]]; then
|
||||
echo "*** DEST path element"
|
||||
echo "*** ${rebuilt_path}"
|
||||
echo "*** appears to have 0700 permissions."
|
||||
echo "*** This is very likely to cause fatal issues for devstack daemons."
|
||||
|
||||
if [[ -n "$SKIP_PATH_SANITY" ]]; then
|
||||
return
|
||||
else
|
||||
echo "*** Set SKIP_PATH_SANITY to skip this check"
|
||||
die $LINENO "Invalid path permissions"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
# Restore xtrace
|
||||
$XTRACE
|
||||
|
||||
|
3
stack.sh
3
stack.sh
@ -208,6 +208,9 @@ fi
|
||||
sudo mkdir -p $DEST
|
||||
sudo chown -R $STACK_USER $DEST
|
||||
|
||||
# a basic test for $DEST path permissions (fatal on error unless skipped)
|
||||
check_path_perm_sanity ${DEST}
|
||||
|
||||
# Set ``OFFLINE`` to ``True`` to configure ``stack.sh`` to run cleanly without
|
||||
# Internet access. ``stack.sh`` must have been previously run with Internet
|
||||
# access to install prerequisites and fetch repositories.
|
||||
|
Loading…
Reference in New Issue
Block a user