Reviewed: https://review.openstack.org/574703 Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=5106dfe5217b5274305ab565e23dbd1548c1f756 Submitter: Zuul Branch: master
commit 5106dfe5217b5274305ab565e23dbd1548c1f756 Author: Miguel Angel Ajo <[email protected]> Date: Tue Jun 12 14:02:58 2018 +0200 Configure privsep helper in neutron-netns-cleanup This closes a bug that makes netns-cleanup crash when trying to invoke privsep helper, because the rootwrap config isn't correctly passed down to the privsep helper library. Closes-Bug: #1776468 Change-Id: I8258a44a9e2542ec222ebac72c4b889858ab2fc2 ** Changed in: neutron Status: In Progress => Fix Released -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to neutron. https://bugs.launchpad.net/bugs/1776468 Title: neutron-netns-cleanup does not configure privsep correctly Status in neutron: Fix Released Bug description: It crashes when trying to invoke privsep: 2018-06-12 10:37:05.932 1038529 INFO neutron.common.config [-] Logging enabled! 2018-06-12 10:37:05.932 1038529 INFO neutron.common.config [-] /usr/bin/neutron-netns-cleanup version 13.0.0.0b2.dev174 2018-06-12 10:37:05.932 1038529 DEBUG neutron.common.config [-] command line: /usr/bin/neutron-netns-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-l3-agent --agent-type l3 -d --force setup_logging /usr/lib/python2.7/site-packages/neutron/common/config.py:104 2018-06-12 10:37:05.933 1038529 INFO oslo.privsep.daemon [-] Running privsep helper: ['sudo', 'privsep-helper', '--config-file', '/usr/share/neutron/neutron-dist.conf', '--config-file', '/etc/neutron/neutron.conf', '--config-file', '/etc/neutron/l3_agent.ini', '--config-dir', '/etc/neutron/conf.d/neutron-l3-agent', '--privsep_context', 'neutron.privileged.default', '--privsep_sock_path', '/tmp/tmpwc58JK/privsep.sock'] 2018-06-12 10:37:05.954 1038529 WARNING oslo.privsep.daemon [-] privsep log: 2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: We trust you have received the usual lecture from the local System 2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: Administrator. It usually boils down to these three things: 2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: 2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: #1) Respect the privacy of others. 2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: #2) Think before you type. 2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: #3) With great power comes great responsibility. 2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: 2018-06-12 10:37:05.956 1038529 WARNING oslo.privsep.daemon [-] privsep log: sudo: no tty present and no askpass program specified 2018-06-12 10:37:05.955 1038529 CRITICAL oslo.privsep.daemon [-] privsep helper command exited non-zero (1) 2018-06-12 10:37:05.961 1038529 CRITICAL neutron [-] Unhandled error: FailedToDropPrivileges: privsep helper command exited non-zero (1) 2018-06-12 10:37:05.961 1038529 ERROR neutron Traceback (most recent call last): 2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/bin/neutron-netns-cleanup", line 10, in <module> 2018-06-12 10:37:05.961 1038529 ERROR neutron sys.exit(main()) 2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/python2.7/site-packages/neutron/cmd/netns_cleanup.py", line 289, in main 2018-06-12 10:37:05.961 1038529 ERROR neutron cleanup_network_namespaces(conf) 2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/python2.7/site-packages/neutron/cmd/netns_cleanup.py", line 259, in cleanup_network_namespaces 2018-06-12 10:37:05.961 1038529 ERROR neutron ip_lib.list_network_namespaces() 2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/python2.7/site-packages/neutron/agent/linux/ip_lib.py", line 1100, in list_network_namespaces 2018-06-12 10:37:05.961 1038529 ERROR neutron return privileged.list_netns(**kwargs) 2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/python2.7/site-packages/oslo_privsep/priv_context.py", line 206, in _wrap 2018-06-12 10:37:05.961 1038529 ERROR neutron self.start() 2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/python2.7/site-packages/oslo_privsep/priv_context.py", line 217, in start 2018-06-12 10:37:05.961 1038529 ERROR neutron channel = daemon.RootwrapClientChannel(context=self) 2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/python2.7/site-packages/oslo_privsep/daemon.py", line 327, in __init__ 2018-06-12 10:37:05.961 1038529 ERROR neutron raise FailedToDropPrivileges(msg) 2018-06-12 10:37:05.961 1038529 ERROR neutron FailedToDropPrivileges: privsep helper command exited non-zero (1) 2018-06-12 10:37:05.961 1038529 ERROR neutron To manage notifications about this bug go to: https://bugs.launchpad.net/neutron/+bug/1776468/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
