[pve-devel] [PATCH/RFC manager] pveceph: also install nvme-cli

Fabian Ebner f.ebner at proxmox.com
Mon Jul 5 11:50:00 CEST 2021

The nvme-cli package is recommended by (our) Ceph packages, but here
--no-install-recommends is used to avoid pulling in too much.

The issue with not installing nvme-cli is that a "security
information" mail notification is triggered by sudo each time Ceph
tries to get the device health metrics. While there is a sudoers
rule for /usr/sbin/nvme, Ceph uses 'sudo nvme ...', so it does not
apply when the package is not installed.

This didn't seem to happen with sudo in buster.

It's about 1 MiB of additional packages (nvme-cli + uuid-runtime).

Signed-off-by: Fabian Ebner <f.ebner at proxmox.com>

An alternative would be to patch Ceph to use the full /usr/sbin/nvme
for its call (not tested).

 PVE/CLI/pveceph.pm | 1 +
 1 file changed, 1 insertion(+)

diff --git a/PVE/CLI/pveceph.pm b/PVE/CLI/pveceph.pm
index f23a996d..356af282 100755
--- a/PVE/CLI/pveceph.pm
+++ b/PVE/CLI/pveceph.pm
@@ -173,6 +173,7 @@ __PACKAGE__->register_method ({
+	    nvme-cli
 	print "start installation\n";

More information about the pve-devel mailing list