From 3afab9a7032c66eaf1018742519b13a5a205fe10 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Thu, 27 Mar 2025 18:54:04 +0530
Subject: [PATCH] Updated setup-sysvm-tmplt script, to run cmds accessing
 destdir with sudo (#10263)

---
 scripts/storage/secondary/setup-sysvm-tmplt | 10 +++++-----
 server/conf/cloudstack-sudoers.in           |  2 +-
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/scripts/storage/secondary/setup-sysvm-tmplt b/scripts/storage/secondary/setup-sysvm-tmplt
index 8b656621891..06f0586fe34 100755
--- a/scripts/storage/secondary/setup-sysvm-tmplt
+++ b/scripts/storage/secondary/setup-sysvm-tmplt
@@ -99,7 +99,7 @@ if [[ -f $destdir/template.properties ]]; then
   failed 2 "Data already exists at destination $destdir"
 fi
 
-destfiles=$(find $destdir -name \*.$ext)
+destfiles=$(sudo find $destdir -name \*.$ext)
 if [[ "$destfiles" != "" ]]; then
   failed 2 "Data already exists at destination $destdir"
 fi
@@ -108,12 +108,12 @@ tmpfolder=/tmp/cloud/templates/
 mkdir -p $tmpfolder
 tmplfile=$tmpfolder/$localfile
 
-sudo touch $tmplfile
+touch $tmplfile
 if [[ $? -ne 0 ]]; then
   failed 2 "Failed to create temporary file in directory $tmpfolder -- is it read-only or full?\n"
 fi
 
-destcap=$(df -P $destdir | awk '{print $4}' | tail -1 )
+destcap=$(sudo df -P $destdir | awk '{print $4}' | tail -1 )
 [ $destcap -lt $DISKSPACE ] && echo "Insufficient free disk space for target folder $destdir: avail=${destcap}k req=${DISKSPACE}k" && failed 4
 
 localcap=$(df -P $tmpfolder | awk '{print $4}' | tail -1 )
@@ -146,9 +146,9 @@ fi
 
 
 tmpltfile=$destdir/$localfile
-tmpltsize=$(ls -l $tmpltfile | awk -F" " '{print $5}')
+tmpltsize=$(sudo ls -l $tmpltfile | awk -F" " '{print $5}')
 if [[ "$ext" == "qcow2" ]]; then
-  vrtmpltsize=$($qemuimgcmd info $tmpltfile | grep -i 'virtual size' | sed -ne 's/.*(\([0-9]*\).*/\1/p' | xargs)
+  vrtmpltsize=$(sudo $qemuimgcmd info $tmpltfile | grep -i 'virtual size' | sed -ne 's/.*(\([0-9]*\).*/\1/p' | xargs)
 else
   vrtmpltsize=$tmpltsize
 fi
diff --git a/server/conf/cloudstack-sudoers.in b/server/conf/cloudstack-sudoers.in
index 5c879f3303f..710241022f5 100644
--- a/server/conf/cloudstack-sudoers.in
+++ b/server/conf/cloudstack-sudoers.in
@@ -18,7 +18,7 @@
 # The CloudStack management server needs sudo permissions
 # without a password.
 
-Cmnd_Alias CLOUDSTACK = /bin/mkdir, /bin/mount, /bin/umount, /bin/cp, /bin/chmod, /usr/bin/keytool, /bin/keytool, /bin/touch
+Cmnd_Alias CLOUDSTACK = /bin/mkdir, /bin/mount, /bin/umount, /bin/cp, /bin/chmod, /usr/bin/keytool, /bin/keytool, /bin/touch, /bin/find, /bin/df, /bin/ls, /bin/qemu-img
 
 Defaults:@MSUSER@ !requiretty