Merge "Fixes permission problem when restoring backup"

This commit is contained in:
Zuul 2023-03-22 16:28:34 +00:00 committed by Gerrit Code Review
commit 5046b8ab52
2 changed files with 61 additions and 29 deletions

View File

@ -1,4 +1,4 @@
FROM ubuntu:18.04 FROM ubuntu:20.04
LABEL maintainer="anlin.kong@gmail.com" LABEL maintainer="anlin.kong@gmail.com"
ARG DATASTORE="mysql5.7" ARG DATASTORE="mysql5.7"

View File

@ -205,14 +205,40 @@ class MySqlManager(manager.Manager):
root_pass = utils.generate_random_password() root_pass = utils.generate_random_password()
self.app.save_password('root', root_pass) self.app.save_password('root', root_pass)
with tempfile.NamedTemporaryFile(mode='w') as init_file, \ init_file = tempfile.NamedTemporaryFile(mode='w')
tempfile.NamedTemporaryFile(suffix='.err') as err_file:
operating_system.write_file( operating_system.write_file(
init_file.name, init_file.name,
f"ALTER USER 'root'@'localhost' IDENTIFIED BY '{root_pass}';" f"ALTER USER 'root'@'localhost' IDENTIFIED BY '{root_pass}';"
) )
err_file = tempfile.NamedTemporaryFile(suffix='.err')
# Get the original file owner and group before changing the owner.
from pathlib import Path
init_file_path = Path(init_file.name)
init_file_owner = init_file_path.owner()
init_file_group = init_file_path.group()
# Allow database service user to access the temporary files.
try:
for file in [init_file.name, err_file.name]:
operating_system.chown(file, CONF.database_service_uid,
CONF.database_service_uid, force=True,
as_root=True)
except Exception as err:
LOG.error('Failed to change file owner, error: %s', str(err))
for file in [init_file.name, err_file.name]:
LOG.debug('Reverting the %s owner to %s '
'before close it.', file, init_file_owner)
operating_system.chown(file, init_file_owner,
init_file_group, force=True,
as_root=True)
init_file.close()
err_file.close()
raise err
# Allow database service user to access the temporary files.
command = ( command = (
f'mysqld_safe --init-file={init_file.name} ' f'mysqld --init-file={init_file.name} '
f'--log-error={err_file.name} ' f'--log-error={err_file.name} '
f'--datadir={data_dir} ' f'--datadir={data_dir} '
) )
@ -221,27 +247,33 @@ class MySqlManager(manager.Manager):
err_file.name: {"bind": err_file.name, "mode": "rw"}, err_file.name: {"bind": err_file.name, "mode": "rw"},
} }
# Allow database service user to access the temporary files. # Start the database container process.
for file in [init_file.name, err_file.name]:
operating_system.chmod(file,
operating_system.FileMode.SET_ALL_RWX(),
force=True, as_root=True)
try: try:
self.app.start_db(ds_version=ds_version, command=command, self.app.start_db(ds_version=ds_version, command=command,
extra_volumes=extra_volumes) extra_volumes=extra_volumes)
except Exception as err: except Exception as err:
LOG.error('Failed to reset password for restore, error: %s', LOG.error('Failed to reset password for restore, error: %s',
str(err)) str(err))
LOG.debug('Content in init error log file: %s', raise err # re-raised at the end of the finally clause
err_file.read())
raise err
finally: finally:
try:
LOG.debug( LOG.debug(
'The init container log: %s', 'The init container log: %s',
docker_util.get_container_logs(self.app.docker_client) docker_util.get_container_logs(self.app.docker_client)
) )
docker_util.remove_container(self.app.docker_client) docker_util.remove_container(self.app.docker_client)
except Exception as err:
LOG.error('Failed to remove container. error: %s',
str(err))
pass
for file in [init_file.name, err_file.name]:
LOG.debug('Reverting the %s owner to %s '
'before close it.', file, init_file_owner)
operating_system.chown(file, init_file_owner,
init_file_group, force=True,
as_root=True)
init_file.close()
err_file.close()
LOG.info('Finished to reset password for restore') LOG.info('Finished to reset password for restore')