Merge "Basic check for homedir permissions"
diff --git a/functions b/functions
index 0b2710c..669fa69 100644
--- a/functions
+++ b/functions
@@ -1415,6 +1415,35 @@
fi
}
+# Path permissions sanity check
+# check_path_perm_sanity path
+function check_path_perm_sanity() {
+ # Ensure no element of the path has 0700 permissions, which is very
+ # likely to cause issues for daemons. Inspired by default 0700
+ # homedir permissions on RHEL and common practice of making DEST in
+ # the stack user's homedir.
+
+ local real_path=$(readlink -f $1)
+ local rebuilt_path=""
+ for i in $(echo ${real_path} | tr "/" " "); do
+ rebuilt_path=$rebuilt_path"/"$i
+
+ if [[ $(stat -c '%a' ${rebuilt_path}) = 700 ]]; then
+ echo "*** DEST path element"
+ echo "*** ${rebuilt_path}"
+ echo "*** appears to have 0700 permissions."
+ echo "*** This is very likely to cause fatal issues for devstack daemons."
+
+ if [[ -n "$SKIP_PATH_SANITY" ]]; then
+ return
+ else
+ echo "*** Set SKIP_PATH_SANITY to skip this check"
+ die $LINENO "Invalid path permissions"
+ fi
+ fi
+ done
+}
+
# Restore xtrace
$XTRACE
diff --git a/stack.sh b/stack.sh
index 5a6945d..c0a314d 100755
--- a/stack.sh
+++ b/stack.sh
@@ -208,6 +208,9 @@
sudo mkdir -p $DEST
sudo chown -R $STACK_USER $DEST
+# a basic test for $DEST path permissions (fatal on error unless skipped)
+check_path_perm_sanity ${DEST}
+
# Set ``OFFLINE`` to ``True`` to configure ``stack.sh`` to run cleanly without
# Internet access. ``stack.sh`` must have been previously run with Internet
# access to install prerequisites and fetch repositories.