Public bug reported:
Hi,
Using neutron version 2:13.0.2-0ubuntu1~cloud0, l3ha, dvr-snat.
The L3 agent is not authorized to kill neutron-keepalived-state-change
(see traceback below), because it's a python3.6 process and the filters
only allow python3.5 :
$ grep python3 /etc/neutron/rootwrap.d/l3.filters
kill_metadata35: KillFilter, root, python3.5, -15, -9
So I guess we need to add python3.6 there :
$ ps wwp 20689
PID TTY STAT TIME COMMAND
20689 ? S 0:00 /usr/bin/python3.6
/usr/bin/neutron-keepalived-state-change
--router_id=73355faf-6060-4635-a15c-a9900b8cf100
--namespace=snat-73355faf-6060-4635-a15c-a9900b8cf100
--conf_dir=/var/lib/neutron/ha_confs/73355faf-6060-4635-a15c-a9900b8cf100
--monitor_interface=ha-fa344937-01 --monitor_cidr=169.254.0.1/24
--pid_file=/var/lib/neutron/external/pids/73355faf-6060-4635-a15c-a9900b8cf100.monitor.pid
--state_path=/var/lib/neutron --user=116 --group=122
Thanks
Traceback (the process above is the one mentioned below) :
2019-04-12 06:38:03.974 6656 ERROR neutron.agent.linux.utils [-] Exit
code: 99; Stdin: ; Stdout: ; Stderr: /usr/bin/neutron-rootwrap:
Unauthorized command: kill -15 20689 (no filter matched)
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent [-] Error while
deleting router 73355faf-6060-4635-a15c-a9900b8cf100:
neutron.common.exceptions.ProcessExecutionError: Exit code: 99; Stdin: ;
Stdout: ; Stderr: /usr/bin/neutron-rootwrap: Unauthorized command: kill -15
20689 (no filter matched)
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent Traceback (most
recent call last):
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent File
"/usr/lib/python3/dist-packages/neutron/agent/l3/agent.py", line 381, in
_safe_router_removed
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
self._router_removed(router_id)
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent File
"/usr/lib/python3/dist-packages/neutron/agent/l3/agent.py", line 402, in
_router_removed
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent ri.delete()
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent File
"/usr/lib/python3/dist-packages/neutron/agent/l3/dvr_edge_router.py", line 220,
in delete
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
super(DvrEdgeRouter, self).delete()
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent File
"/usr/lib/python3/dist-packages/neutron/agent/l3/ha_router.py", line 451, in
delete
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
self.destroy_state_change_monitor(self.process_monitor)
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent File
"/usr/lib/python3/dist-packages/neutron/agent/l3/ha_router.py", line 388, in
destroy_state_change_monitor
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
pm.disable(sig=str(int(signal.SIGTERM)))
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent File
"/usr/lib/python3/dist-packages/neutron/agent/linux/external_process.py", line
109, in disable
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
utils.execute(cmd, run_as_root=self.run_as_root)
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent File
"/usr/lib/python3/dist-packages/neutron/agent/linux/utils.py", line 147, in
execute
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
returncode=returncode)
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
neutron.common.exceptions.ProcessExecutionError: Exit code: 99; Stdin: ;
Stdout: ; Stderr: /usr/bin/neutron-rootwrap: Unauthorized command: kill -15
20689 (no filter matched)
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
2019-04-12 06:38:03.975 6656 ERROR neutron.agent.l3.agent
** Affects: neutron (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1824475
Title:
neutron-rootwrap not authorized to kill neutron-keepalived-state-
change
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1824475/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
