Bug #20056
closedceph-osd: Permission Denied when reading a monmap
0%
Description
I am trying to manually deploy an OSD, and regardless of the ownership or permissions for the 'activate.monmap' file I get the following error:
[vagrant@node3 ~]$ sudo ceph-osd --cluster ceph --mkfs --mkkey -i 0 --monmap /home/vagrant/osd/activate.monmap --osd-data /home/vagrant/osd --osd-journal /home/vagrant/osd/journal --osd-uuid 29cc3418-ff24-4085-bddd-0ef524313b2c --keyring /home/vagrant/osd/keyring --setuser ceph --setgroup ceph unable to read/decode monmap from /home/vagrant/osd/activate.monmap: (13) Permission denied
This BZ lead me to believe it might be related to deploying an OSD onto a directory: https://bugzilla.redhat.com/show_bug.cgi?id=1361228
In this case, I am trying to deploy to a directory, however the issue here is why would I be getting a "Permission denied" error if the monmap is perfectly readable?
What is the problem that causes a permission denied error in this particular case?
[vagrant@node3 ~]$ ceph --version ceph version 11.2.0 (f223e27eeb35991352ebc1f67423d4ebc252adb7)
Updated by Alfredo Deza almost 7 years ago
- Status changed from New to Closed
Further digging this with Dan, we tried getting permissions up to the directory:
[root@node3 vagrant]# namei -lmo /home/vagrant/osd/activate.monmap f: /home/vagrant/osd/activate.monmap dr-xr-xr-x root root / drwxr-xr-x root root home drwx------ vagrant vagrant vagrant drwxrwxrwx ceph ceph osd -rwxrwxrwx ceph ceph activate.monmap
In this case the 'vagrant' dir doesn't have execute perms on group and others, which causes anything that is not root, or vagrant, to be able to traverse that dir.
Adding the 'x' permissions for both group and others allowed the command to proceed.
The command uses --setuser and --setgroup to ceph, so it was really the ceph user trying to read the file and failing at the /home/vagrant/ dir. This isn't really a problem with Ceph, just a gotcha for deployment