mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-18 02:50:30 +00:00
fscrypt: fix metadata directory permissions
Call Mount.Setup with SingleUserWritable constant instead of 0o755, which is silently ignored and causes the /.fscrypt/{policy,protector}/ directories to have mode 000. Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
This commit is contained in:
parent
4e38bdac10
commit
f1f50e0218
@ -379,7 +379,7 @@ func Unlock(
|
|||||||
|
|
||||||
// 1. Do we have a metadata directory (.fscrypt) set up?
|
// 1. Do we have a metadata directory (.fscrypt) set up?
|
||||||
metadataDirExists := false
|
metadataDirExists := false
|
||||||
if err = fscryptContext.Mount.Setup(0o755); err != nil {
|
if err = fscryptContext.Mount.Setup(fscryptfilesystem.SingleUserWritable); err != nil {
|
||||||
alreadySetupErr := &fscryptfilesystem.ErrAlreadySetup{}
|
alreadySetupErr := &fscryptfilesystem.ErrAlreadySetup{}
|
||||||
if errors.As(err, &alreadySetupErr) {
|
if errors.As(err, &alreadySetupErr) {
|
||||||
log.DebugLog(ctx, "fscrypt: metadata directory in %q already set up", alreadySetupErr.Mount.Path)
|
log.DebugLog(ctx, "fscrypt: metadata directory in %q already set up", alreadySetupErr.Mount.Path)
|
||||||
|
Loading…
Reference in New Issue
Block a user