A couple thoughts on this
- I was initially confused about $(groups | awk '{print 3}), as '3' seemed strange. groups does seem to output the primary group of a user as the first field, but I think that 'id -gn <user>' more explicitly requests that. I will admit to wishing the documentation for 'id' said "primary group" rather than just "effective group", but I looked at the source and it does: 'rgid = egid = pwd->pw_gid;'.
I know this is a nitpick.
- I'm concerned about the '-mount' argument to 'find'.
If the user has done something like:
    mount --bind /some/large/filesystem /var/lib/nova/instances
or even:
    mount /dev/sdb1 /var/lib/nova/instances
I think that we'd avoid changing ownership of those files. I don't know how serious this is.
One quick fix I had would be to do this:
    # change ownership of files under /var/lib/nova/ except rootfs (LP: #861260)
    find /var/lib/nova/ -name 'rootfs' -prune -o -exec chown nova:nova {} \;
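
Added example, not part of the comment above or of the package under review: a dry run of the proposed find expression on a constructed stand-in for /var/lib/nova/, with -print in place of the chown so it runs unprivileged. The function names and the sample tree are assumptions; it also counts how many entries '-mount' would leave out, and shows that the prune drops anything named rootfs, including a regular file.

```shell
#!/bin/sh
# Added illustration; function names and the sample tree are constructed.

# List what the proposed expression would hand to chown.
# -print stands in for "-exec chown nova:nova {} \;" so no root is needed.
chown_targets() {
    find "$1" -name 'rootfs' -prune -o -print | sort
}

# Number of entries under $1 that find leaves out when -mount is given,
# i.e. everything that lives on a bind mount or a separate device.
skipped_by_mount() {
    all=$(find "$1" -print | wc -l)
    same_fs=$(find "$1" -mount -print | wc -l)
    echo $((all - same_fs))
}

# Build a small constructed stand-in for /var/lib/nova/.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir -p "$root/instances/instance-0001/rootfs/etc"
    touch "$root/instances/instance-0001/rootfs/etc/passwd"
    touch "$root/instances/instance-0001/disk"
    mkdir -p "$root/images"
    touch "$root/images/rootfs"   # regular file that happens to be named rootfs
    echo "$root"
}

tree=$(make_sample_tree)
echo "would be chowned:"
chown_targets "$tree"
echo "entries -mount would skip: $(skipped_by_mount "$tree")"
rm -rf "$tree"
```

On a real host, a non-zero count from skipped_by_mount on /var/lib/nova/ means the '-mount' form would leave those files with their old ownership.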