From b4abe21d2fd55ced0f56baff5c4892a4826aa0f7 Mon Sep 17 00:00:00 2001
From: nicholasyang <nicholas.yang@suse.com>
Date: Tue, 25 Oct 2022 13:28:40 +0800
Subject: [PATCH] fix: log: fail to open log file even if user is in haclient
 group (bsc#1204670)

The file had been created with umask 0022 in usual so that it was not
group-writable.

Call chown and chmod explicitly to fix it.
---
 crmsh/log.py | 21 ++++++++++-----------
 1 file changed, 10 insertions(+), 11 deletions(-)

--- a/crmsh/log.py
+++ b/crmsh/log.py
@@ -423,14 +423,6 @@
             self.logger.info("offending xml: %s", xml)
 
 
-def setup_directory_for_logfile():
-    """
-    Create log file's parent directory
-    """
-    _dir = os.path.dirname(CRMSH_LOG_FILE)
-    os.makedirs(_dir, exist_ok=True)
-
-
 def setup_logging(only_help=False):
     """
     Setup log directory and loadding logging config dict
@@ -439,10 +431,17 @@
     if only_help:
         LOGGING_CFG["handlers"]["file"] = {'class': 'logging.NullHandler'}
     else:
-        setup_directory_for_logfile()
+        # dirname(CRMSH_LOG_FILE) should be created by package manager during installation
+        with open(CRMSH_LOG_FILE, 'a') as f:
+            try:
+                shutil.chown(CRMSH_LOG_FILE, group=constants.HA_GROUP)
+                os.fchmod(f.fileno(), 0o664)
+                shutil.chown(CRMSH_LOG_FILE, user=constants.HA_USER)
+            except PermissionError:
+                # The file has been open with O_APPEND, oo logging can write to it.
+                # Failing to change owner or mode is not a fatal error.
+                pass
     logging.config.dictConfig(LOGGING_CFG)
-    if os.path.exists(CRMSH_LOG_FILE):
-        shutil.chown(CRMSH_LOG_FILE, constants.HA_USER, constants.HA_GROUP)
 
 
 def setup_logger(name):