scylla_setup: allow running scylla_setup with strict umask setting

We currently deny running scylla_setup when umask != 0022. To remove this limitation, run os.chmod(0o644) on every file creation to allow reading from scylla user. Note that perftune.yaml is not really needed to set 0644 since perftune.py is running in root user, but setting it to align permission with other files. Fixes #8049 Closes #8119 (cherry picked from commit f3a82f4685)
2026-05-13 03:12:13 +00:00 · 2021-02-19 02:29:49 +09:00
parent 49cd0b87f0
commit f96ea8e011
3 changed files with 5 additions and 11 deletions
--- a/dist/common/scripts/scylla_io_setup
+++ b/dist/common/scripts/scylla_io_setup
@@ -281,3 +281,5 @@ if __name__ == "__main__":
                run_iotune()
        else:
            run_iotune()
+        os.chmod(etcdir() + '/scylla.d/io_properties.yaml', 0o644)
+        os.chmod(etcdir() + '/scylla.d/io.conf', 0o644)
--- a/dist/common/scripts/scylla_prepare
+++ b/dist/common/scripts/scylla_prepare
@@ -82,6 +82,7 @@ def create_perftune_conf(cfg):
        yaml = run('/opt/scylladb/scripts/perftune.py ' + params, shell=True, check=True, capture_output=True, encoding='utf-8').stdout.strip()
        with open('/etc/scylla.d/perftune.yaml', 'w') as f:
            f.write(yaml)
+        os.chmod('/etc/scylla.d/perftune.yaml', 0o644)
        return True
    else:
        return False
--- a/dist/common/scripts/scylla_setup
+++ b/dist/common/scripts/scylla_setup
@@ -176,11 +176,6 @@ def warn_offline(setup):
 def warn_offline_missing_pkg(setup, pkg):
    colorprint('{red}{setup} disabled by default, since {pkg} not available.{nocolor}', setup=setup, pkg=pkg)

-def current_umask():
-    current = os.umask(0)
-    os.umask(current)
-    return current
-
 if __name__ == '__main__':
    if not is_nonroot() and os.getuid() > 0:
        print('Requires root permission.')
@@ -331,12 +326,6 @@ if __name__ == '__main__':
    selinux_reboot_required = False
    set_clocksource = False

-    umask = current_umask()
-    # files have to be world-readable
-    if not is_nonroot() and (umask & 0o7) != 0o2:
-        colorprint('{red}Scylla does not work with current umask setting ({umask}),\nplease restore umask to the default value (0022).{nocolor}', umask='{0:o}'.format(umask).zfill(4))
-        sys.exit(1)
-
    if interactive:
        colorprint('{green}Skip any of the following steps by answering \'no\'{nocolor}')

@@ -375,11 +364,13 @@ if __name__ == '__main__':
            if version_check:
                with open('/etc/scylla.d/housekeeping.cfg', 'w') as f:
                    f.write('[housekeeping]\ncheck-version: True\n')
+                os.chmod('/etc/scylla.d/housekeeping.cfg', 0o644)
                systemd_unit('scylla-housekeeping-daily.timer').unmask()
                systemd_unit('scylla-housekeeping-restart.timer').unmask()
            else:
                with open('/etc/scylla.d/housekeeping.cfg', 'w') as f:
                    f.write('[housekeeping]\ncheck-version: False\n')
+                os.chmod('/etc/scylla.d/housekeeping.cfg', 0o644)
                hk_daily = systemd_unit('scylla-housekeeping-daily.timer')
                hk_daily.mask()
                hk_daily.stop()