neutron

rootwrap filter for iptables-save/restore incomplete

Bug #1156044 reported by Dirk Mueller on 2013-03-16

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	neutron	Fix Released	Medium	Dirk Mueller	neutron 2013.2 "havana"
	Grizzly	Fix Released	Medium	Dirk Mueller	neutron 2013.1.2

Bug Description

On SUSE, iptables-save and iptables-restore is in /usr/sbin/ on SUSE. The current rootwrap filters are not providing an entry for this location, so their calls are failing.

It seems Quantum needs a port of https://review.openstack.org/#/c/16766/ to solve this for all possible variants.

Tags:

OpenStack Infra (hudson-openstack) on 2013-03-16

Changed in quantum:
assignee:	nobody → Dirk Mueller (dmllr)
status:	New → In Progress

Mark McClain (markmcclain) on 2013-03-21

Changed in quantum:
importance:	Undecided → Medium
tags:	added: rootwrap

Revision history for this message

Thierry Carrez (ttx) wrote on 2013-04-12:

Making Quantum converge to use the oslo common rootwrap is planned for Havana... so maybe the best for the moment is to quickly fix this by duplicating filters so that they allow both paths.

Revision history for this message

Dirk Mueller (dmllr) wrote on 2013-04-14:

Actually it is my plan to submit a oslo based rotwrap update for Quantum. See the pending review request.

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-05-18: Fix proposed to quantum (stable/grizzly)

Fix proposed to branch: stable/grizzly
Review: https://review.openstack.org/29645

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-05-29: Fix merged to quantum (master)

Reviewed: https://review.openstack.org/24539
Committed: http://github.com/openstack/quantum/commit/d1a623bc97d26b55dde5431d6445a556b5a27c21
Submitter: Jenkins
Branch: master

commit d1a623bc97d26b55dde5431d6445a556b5a27c21
Author: Dirk Mueller <email address hidden>
Date: Sat May 18 17:06:30 2013 +0200

Use exec_dirs for rootwrap commands

    Avoid depending on platform specific paths for rootwrap
    by using exec_dirs in rootwrap. Fixes rootwrap configuration
    for SUSE.

Fixes bug #1156044

Change-Id: I54d082c543fd84b40db0caa3571300ac0bb07b57

Changed in quantum:
status:	In Progress → Fix Committed

Thierry Carrez (ttx) on 2013-05-29

Changed in quantum:
milestone:	none → havana-1
status:	Fix Committed → Fix Released

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-05-29: Fix proposed to quantum (stable/grizzly)

Fix proposed to branch: stable/grizzly
Review: https://review.openstack.org/30870

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2013-05-30: Fix merged to quantum (stable/grizzly)

Reviewed: https://review.openstack.org/29645
Committed: http://github.com/openstack/quantum/commit/db364347408cbf55740259c6be33ee5574d30560
Submitter: Jenkins
Branch: stable/grizzly

commit db364347408cbf55740259c6be33ee5574d30560
Author: Dirk Mueller <email address hidden>
Date: Sat May 18 17:13:02 2013 +0200

Add _usr variants for iptables rootwraps

On SUSE, the paths are inside /usr for totally
weird reasons.

Fixes bug #1156044

Change-Id: I7f98359f89236891289fc24d62949d7097d774dd

tags:

added: in-stable-grizzly

Alan Pevec (apevec) on 2013-08-06

tags:

removed: in-stable-grizzly

Thierry Carrez (ttx) on 2013-10-17

Changed in neutron:
milestone:	havana-1 → 2013.2

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.