Bug #53130
closed
cephadm SYSCTL_DIR path not FHS compliant
Description
By default, cephadm uses '/usr/lib/sysctl.d/' (→ cephadm:L65) as default path for the osd-specific sysctl settings.
According to the Filesystem Hierarchy Standard /usr is the second major section of the filesystem. /usr is shareable, read-only data. That means that /usr should be shareable between various FHS-compliant hosts and must not be written to. (→ FHS 3.0 Sec. 4.1)
I would recommend that '/etc/sysctl.d' is used instead, because that would be a proper place for host specific, non-distribution sysctl configuration files.
Non-compliance with that specific FHS rule may break technologies that rely on '/usr/lib/sysctl.d/' being either read-only or completely overwritten (an example would be SUSE's transactional-update).
Backporting
Regarding backporting, there would be several different strategies:
- Leave ceph sysctl configuration at '/usr/lib/sysctl.d'
  PRO: No changes to stable branches
  CON: Older branches stay non-compliant/unusable with certain technologies.
- Use '/etc/sysctl.d/' if '/usr/lib/sysctl.d/' is unwritable as root (→ read-only)
  PRO: No changes to already set up systems.
  PRO: Will be useable with read-only filesystem.
  CON: Not working if '/usr/lib/sysctl.d/' is overwritten by the distribution
- Migrate configuration from '/usr/lib/sysctl.d' to '/etc/sysctl.d'
  PRO: Full FHS compliance; read-only and overwrite scenarios supported.
  CON: Changes on already set up systems.
Updated by Sebastian Wagner over 2 years ago
- Related to Bug #52481: cephadm: install_sysctl: FileNotFoundError: [Errno 2] No such file or directory: '/usr/lib/sysctl.d/90-ceph-...' added
Updated by Sebastian Wagner over 2 years ago
Thanks for the report! Let's properly migrate things. If we don't migrate things, we have to deal with the legacy location for all eternity.
Updated by Lukas Mayer over 2 years ago
I have created a pull request for the 'master' branch: #43796
> Let's properly migrate things. If we don't migrate things, we have to deal with the legacy location for all eternity.
In theory, this would be all that is needed.
For stable branches, it would be an idea to have a mechanism that deletes files from '/usr/bin/sysctl.d'.
But this may introduce more issues, because of the read-only nature of '/usr'.
If you do not want to introduce more routines to fix that on existing systems, already created files will be left in the wrong place. Which is not nice, but breaks nothing if it already works.
A configuration file will be created in the right place (→/etc/sysctl.d) the next time a daemon that requires that particular sysctl configuration is created.
If you think that this should be done in advance, I could implement something like this.
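A sketch of the "migrate" strategy from the description, covering the read-only '/usr' case raised in the comment above; this is an added example, not code from this thread, the pull request or cephadm. The function name, the `90-ceph-*` glob (built from the prefix visible in the related bug title), the status strings and the injectable `remove` hook are assumptions.

```python
import errno
import os
import tempfile
from pathlib import Path

LEGACY_DIR = "/usr/lib/sysctl.d"  # location named in the report
TARGET_DIR = "/etc/sysctl.d"      # location recommended in the report


def migrate_sysctl_conf(legacy_dir=LEGACY_DIR, target_dir=TARGET_DIR,
                        pattern="90-ceph-*", remove=os.unlink):
    """Copy matching files to target_dir, then try to drop the legacy copy.

    Returns {filename: status}; status is 'migrated', 'kept-existing' or
    'legacy-left-readonly'. pattern/remove are assumptions of this sketch.
    """
    results = {}
    target = Path(target_dir)
    target.mkdir(parents=True, exist_ok=True)
    for src in sorted(Path(legacy_dir).glob(pattern)):
        if src.is_symlink() or not src.is_file():
            continue  # never follow links out of the config directory
        dst = target / src.name
        status = "kept-existing"  # do not clobber a file already in /etc
        if not dst.exists():
            # Temp file + rename: a crash never leaves a half-written file.
            fd, tmp = tempfile.mkstemp(dir=target, prefix="." + src.name)
            with os.fdopen(fd, "wb") as out:
                out.write(src.read_bytes())
            os.chmod(tmp, 0o644)
            os.replace(tmp, dst)
            status = "migrated"
        try:
            remove(src)
        except OSError as e:
            if e.errno not in (errno.EROFS, errno.EACCES, errno.EPERM):
                raise
            # Read-only /usr: leave the legacy file. Per sysctl.d(5) a
            # same-named file in /etc/sysctl.d takes precedence over it.
            status = "legacy-left-readonly"
        results[src.name] = status
    return results


if __name__ == "__main__":  # demo on constructed temp dirs, not real paths
    d = Path(tempfile.mkdtemp())
    (d / "usr").mkdir()
    (d / "usr" / "90-ceph-EXAMPLE.conf").write_text("fs.aio-max-nr = 1048576\n")
    print(migrate_sysctl_conf(d / "usr", d / "etc"))
```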
Updated by Kefu Chai over 2 years ago
- Status changed from New to Fix Under Review
- Pull request ID set to 43796
Updated by Sebastian Wagner over 2 years ago
- Status changed from Fix Under Review to Pending Backport
Updated by Sebastian Wagner over 2 years ago
- Status changed from Pending Backport to Fix Under Review
Updated by Redouane Kachach Elhichou almost 2 years ago
- Status changed from Fix Under Review to Resolved