Ceph » rgw

After a bit of instrumentation of global_init()/global_pre_init(), it appears the first attempt at opening/creating the logfile is done as a result of:

global_pre_init():
...
    conf->apply_changes(NULL);
...

I'm not familiar with this code path, so I need to investigate this further... but I suspect Log.cc:void Log::reopen_log_file() is being invoked.

Digging a bit deeper into this, it appears to only happen when "log_file" is explicitly set in ceph.conf.

During global_pre_init() (ie. before setuid()/setgid() is called), md_config_t::apply_changes() is
invoked, running all configuration observers. Specifically, LogObs::handle_conf_change() is invoked
as "log_file" has been set in ceph.conf.

class LogObs : public md_config_obs_t {
...
void handle_conf_change()
...
  if (changed.count("log_file")) {
    log->set_log_file(conf->log_file);
    log->reopen_log_file();
  }
...

Finally

void Log::reopen_log_file()
{
...
  if (m_log_file.length()) {
    m_fd = ::open(m_log_file.c_str(), O_CREAT|O_WRONLY|O_APPEND, 0644);
...
}

Since the above is invoked before radosgw has been dropped to the appropriate
user and group, our logfile is created with "root:root" ownership.

The immediate workaround is to not explicitly set "log_file" in the ceph.conf
and allow the defaults to be created. This should affect any daemon that tries
to explicitly set it's logfile location.