Reviewed: https://review.openstack.org/535208 Committed: https://git.openstack.org/cgit/openstack/neutron-vpnaas/commit/?id=65a3e5dfbe619b9d7ea861e90dd772e30d22043d Submitter: Zuul Branch: master
commit 65a3e5dfbe619b9d7ea861e90dd772e30d22043d Author: Jeffrey Zhang <[email protected]> Date: Thu Jan 18 15:54:23 2018 +0800 Drop the root requirement for LibreSwanDriver Change-Id: I880ef5dad6723de06da5dd8a424f7158d65b5a35 Closes-Bug: #1644517 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1644517 Title: [neutron-vpnaas] libreswan driver requires root Status in neutron: Fix Released Bug description: The libreswan device driver attempts to both cleanup[0] and chown[1] ipsec.secrets to root, using the bare python os module. From what I can gather it should use neutron-rootwrap to do these operations, otherwise the operator is forced to run the agent as root. [0] https://github.com/openstack/neutron-vpnaas/blob/master/neutron_vpnaas/services/vpn/device_drivers/libreswan_ipsec.py#L40-L42 [1] https://github.com/openstack/neutron-vpnaas/blob/master/neutron_vpnaas/services/vpn/device_drivers/libreswan_ipsec.py#L50-L51 To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1644517/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
