From 7ad805df1fcb18f00d8848acd5a471355c3a1e52 Mon Sep 17 00:00:00 2001 From: cmart Date: Thu, 12 Apr 2018 14:58:30 -0400 Subject: [PATCH] Fix kernel post-installation script `/etc/kernel/postinst.d/nova-kernel-permissions.sh` (introduced to fix Bug #1507915) is supposed to make newly installed kernels readable to the nova user, as kernels on an Ubuntu system are otherwise only readable to the root user [0]. This script didn't work for a few reasons: - It never ran, because scripts in `/etc/kernel/postinst.d` are called by `run-parts`, and run-parts skips any script with a period in the name [1]. - Its shebang was missing its bang - If installation of the same kernel is installed more than once (e.g. reinstallation), `dpkg-statoverride` (and the whole kernel installation) would exit with error, complaining about an override already existing [2]. Fixed with these changes respectively: - Renamed script to remove the period - Fixed typo in shebang - Added `--force` flag to `dpkg-statoverride` [0] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/759725 [1] https://bugs.launchpad.net/ubuntu/+source/debianutils/+bug/38022 [2] https://bugs.launchpad.net/openstack-manuals/+bug/1275080 Change-Id: I0e130e3c3ecf2171dbdc0e9a809f8066c30d4bc9 Closes-Bug: 1763479 --- files/{nova_kernel_permissions.sh => nova_kernel_permissions} | 4 ++-- tasks/drivers/kvm/nova_kernel_permissions.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) rename files/{nova_kernel_permissions.sh => nova_kernel_permissions} (86%) diff --git a/files/nova_kernel_permissions.sh b/files/nova_kernel_permissions similarity index 86% rename from files/nova_kernel_permissions.sh rename to files/nova_kernel_permissions index 00808715..85bb3cf4 100644 --- a/files/nova_kernel_permissions.sh +++ b/files/nova_kernel_permissions @@ -1,4 +1,4 @@ -#/bin/sh +#!/bin/sh # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,4 +17,4 @@ version="$1" if [ -z "$version" ]; then exit 0 fi -exec dpkg-statoverride --update --add root nova 0640 "/boot/vmlinuz-${version}" +exec dpkg-statoverride --force --update --add root nova 0640 "/boot/vmlinuz-${version}" diff --git a/tasks/drivers/kvm/nova_kernel_permissions.yml b/tasks/drivers/kvm/nova_kernel_permissions.yml index 2cf5d9fe..755fa956 100644 --- a/tasks/drivers/kvm/nova_kernel_permissions.yml +++ b/tasks/drivers/kvm/nova_kernel_permissions.yml @@ -34,6 +34,6 @@ - name: Script installed to make future kernels readable to nova group/user copy: - src: 'nova_kernel_permissions.sh' - dest: '/etc/kernel/postinst.d/nova_kernel_permissions.sh' + src: 'nova_kernel_permissions' + dest: '/etc/kernel/postinst.d/nova_kernel_permissions' mode: '0755'