Import Cluster: VSM hasn't proper file system permissions.

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Import Cluster: VSM hasn't proper file system permissions.

Hi Yaguang,

When ceph is deployed with ceph-deploy prior to VSM, ceph-deploy creates a user and group, 'ceph' and assigns ownership of /var/lib/ceph directory structure to that user and group. Later, while attempting to start/stop servers, VSM needs to read the contents of some of the directories in this directory structure. It fails with permission denied because world rights are very limited and 'vsm' user is not a member of the 'ceph' group.

We've fixed this problem in our deployments by adding the 'vsm' user to the 'ceph' group:

$ sudo usermod -a -G ceph vsm && sudo service vsm-agent restart

This allows the 'vsm' user to have at least read rights in the directory structure. This must be done on all agent nodes, of course. Additionally, the vsm-agent must be restarted after the group membership is modified, because (apparently) the python os module is caching vsm's group membership.

In my mind, this is something of a hack. The VSM team should probably come up with a more unified strategy for handling the problem - I've opened a JIRA ticket, VSM-421.