[Bug 1885269] [NEW] ussuri: unable to stop and start an instance post upgrade

Fri, 26 Jun 2020 04:21:17 -0700 

Public bug reported:

bionic or focal with OpenStack Ussuri.

The latest version of the nova package sets permissions on package
update for /var/lib/nova:

  find /var/lib/nova -exec chown nova:nova "{}" +
  find /var/lib/nova -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 
0750 "{}" +

However, when managing vm's via libvirt, various ownership changes
happen to the underlying disks that mean that nova can no longer access
the disk files with 0640 permissions.

The disks (and base image) for a vm are created as nova:nova; libvirt
then shifts the ownership to libvirt-qemu:kvm as the vm starts.  When
the vm is stopped the ownership reverts to root:root.

0640 permissions are maintained - however nova is not part of the root
or kvm groups so cannot access the file - which means the instance
cannot be restarted.

The following permissions are required for correct operation:

  find /var/lib/nova -type f -exec chmod 0644 "{}" + -o -type d -exec
chmod 0755 "{}" +

** Affects: cloud-archive
     Importance: Critical
         Status: Triaged

** Affects: cloud-archive/ussuri
     Importance: Critical
         Status: Triaged

** Affects: cloud-archive/victoria
     Importance: Critical
         Status: Triaged

** Affects: nova (Ubuntu)
     Importance: Critical
         Status: Triaged

** Affects: nova (Ubuntu Focal)
     Importance: Critical
         Status: Triaged

** Affects: nova (Ubuntu Groovy)
     Importance: Critical
         Status: Triaged

** Also affects: nova (Ubuntu Groovy)
   Importance: Undecided
       Status: New

** Also affects: nova (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: cloud-archive
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/ussuri
   Importance: Undecided
       Status: New

** Also affects: cloud-archive/victoria
   Importance: Undecided
       Status: New

** Changed in: cloud-archive/victoria
       Status: New => Triaged

** Changed in: cloud-archive/ussuri
       Status: New => Triaged

** Changed in: nova (Ubuntu Focal)
       Status: New => Triaged

** Changed in: nova (Ubuntu Groovy)
       Status: New => Triaged

** Changed in: cloud-archive/ussuri
   Importance: Undecided => Critical

** Changed in: cloud-archive/victoria
   Importance: Undecided => Critical

** Changed in: nova (Ubuntu Focal)
   Importance: Undecided => Critical

** Changed in: nova (Ubuntu Groovy)
   Importance: Undecided => Critical

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1885269

Title:
  ussuri: unable to stop and start an instance post upgrade

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1885269/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to