From 825649185e25b795ea42d686d44b83f2f3737b03 Mon Sep 17 00:00:00 2001
From: Humble Chirammal <hchiramm@redhat.com>
Date: Fri, 7 Jan 2022 20:44:11 +0530
Subject: [PATCH] rbd: dont attempt explicit permission mod change from the RBD
 driver

currently we are overriding the permission to `0o777` at time of node
stage which is not the correct action. That said, this permission
change causes an extra permission correction at time of nodestaging
by the CO while the FSGROUP change policy has been set to
`OnRootMismatch`.

Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
(cherry picked from commit bf4ba0ec84cd7bb8c5cf2f93b7a8dfea227dd1ae)
---
 internal/rbd/nodeserver.go | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/internal/rbd/nodeserver.go b/internal/rbd/nodeserver.go
index 43c151956..209c4610e 100644
--- a/internal/rbd/nodeserver.go
+++ b/internal/rbd/nodeserver.go
@@ -366,7 +366,6 @@ func (ns *NodeServer) stageTransaction(
 	transaction := &stageTransaction{}
 
 	var err error
-	var readOnly bool
 
 	// Allow image to be mounted on multiple nodes if it is ROX
 	if req.VolumeCapability.AccessMode.Mode == csi.VolumeCapability_AccessMode_MULTI_NODE_READER_ONLY {
@@ -421,7 +420,7 @@ func (ns *NodeServer) stageTransaction(
 	transaction.isStagePathCreated = true
 
 	// nodeStage Path
-	readOnly, err = ns.mountVolumeToStagePath(ctx, req, staticVol, stagingTargetPath, devicePath)
+	_, err = ns.mountVolumeToStagePath(ctx, req, staticVol, stagingTargetPath, devicePath)
 	if err != nil {
 		return transaction, err
 	}
@@ -436,11 +435,6 @@ func (ns *NodeServer) stageTransaction(
 		return transaction, err
 	}
 
-	if !readOnly {
-		// #nosec - allow anyone to write inside the target path
-		err = os.Chmod(stagingTargetPath, 0o777)
-	}
-
 	return transaction, err
 }