dnsmasq needs access to /var/lib/neutron/dhcp
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron (Ubuntu) |
Fix Released
|
High
|
Unassigned |
Bug Description
I installed a fresh test cloud in focal. After creating some networks and subnets, neutron-dhcp-agent complained:
sudo journalctl -u neutron-dhcp-agent -e
Mar 05 11:43:53 network dnsmasq[13211]: failed to load names from /var/lib/
Mar 05 11:43:53 network dnsmasq[13211]: cannot read /var/lib/
Mar 05 11:43:53 network dnsmasq[13211]: cannot read /var/lib/
dnsmasq runs as user nobody and needs to read several files under /var/lib/
/var/lib/
Changing UMask=0027 to UMask=0022 in /lib/systemd/
sudo journalctl -u neutron-dhcp-agent -e
Mar 05 13:44:49 network dnsmasq-
Mar 05 13:44:49 network dnsmasq-
Mar 05 13:44:49 network dnsmasq[15266]: read /var/lib/
Mar 05 13:44:49 network dnsmasq-
Mar 05 13:44:49 network dnsmasq-
neutron-dhcp-agent:
Installed: 2:16.0.
neutron-
Installed: 2:16.0.
Changed in neutron (Ubuntu): | |
status: | New → Triaged |
importance: | Undecided → High |
milestone: | none → ubuntu-20.03 |
tags: | added: umask |
I re-installed the neutron node from scratch, with neutron 2:16.0. 0~b3~git2020032 420.a0e1b5804e- 0ubuntu2
Now neutron-common postinst does chmod 0750 /var/lib/neutron which makes the dhcp files unreadable:
Mar 27 20:36:15 network dnsmasq[6218]: failed to load names from /var/lib/ neutron/ dhcp/53519892- 89b9-42cc- be0d-413938ed52 30/addn_ hosts: Permission denied neutron/ dhcp/53519892- 89b9-42cc- be0d-413938ed52 30/host: Permission denied neutron/ dhcp/53519892- 89b9-42cc- be0d-413938ed52 30/opts: Permission denied
Mar 27 20:36:15 network dnsmasq[6218]: cannot read /var/lib/
Mar 27 20:36:15 network dnsmasq[6218]: cannot read /var/lib/
ubuntu@network:~$ sudo ls -la /var/lib/ neutron/ dhcp 8ea0-4656- b872-6d2008e298 c3 89b9-42cc- be0d-413938ed52 30
total 16
drwxr-xr-x 4 neutron neutron 4096 Mar 27 20:35 .
drwxr-x--- 8 neutron neutron 4096 Mar 27 20:35 ..
drwxr-xr-x 2 neutron neutron 4096 Mar 27 20:36 2dd85a27-
drwxr-xr-x 2 neutron neutron 4096 Mar 27 20:36 53519892-
ubuntu@network:~$ cat /var/lib/ neutron/ dhcp/53519892- 89b9-42cc- be0d-413938ed52 30/host neutron/ dhcp/53519892- 89b9-42cc- be0d-413938ed52 30/host: Permission denied
cat: /var/lib/
After changing /var/lib/neutron/ to mode 755 (or 751) dnsmasq works fine again