** Changed in: neutron
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1187107
Title:
quantum-ns-metadata-proxy runs as root
Status in OpenStack Neutron (virtual network service):
Fix Released
Bug description:
# ps -ef | grep quantum-ns-metadata-proxy
root 10239 1 0 19:01 ? 00:00:00 python
/usr/bin/quantum-ns-metadata-proxy
--pid_file=/var/lib/quantum/external/pids/7a44de32-3ac0-4f3e-92cc-1a37d8211db8.pid
--router_id=7a44de32-3ac0-4f3e-92cc-1a37d8211db8 --state_path=/var/lib/quantum
--debug
--log-file=quantum-ns-metadata-proxy7a44de32-3ac0-4f3e-92cc-1a37d8211db8.log
--log-dir=/var/log/quantum
Root is needed to open the namespace, but the quantum-ns-metadata-proxy does
not need root - it listens on 9697 by default not 80.
I tried changing /etc/quantum/rootwrap.d/l3.filters for it to run as
quantum instead:
metadata_proxy: CommandFilter, /usr/bin/quantum-ns-metadata-proxy,
quantum
but it still runs as root.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1187107/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
