oslo.privsep

neutron cannot work with privsep errors

Bug #1908525 reported by gundami
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
oslo.privsep
New
Undecided
Unassigned

Bug Description

neutron dhcp, l3 angent, linuxbridge agent all cannot work and have the same privsep log:

2020-12-17 07:58:42.693 195226 INFO neutron.agent.dhcp.agent [-] Starting network ee9772c2-ef75-4215-a241-e6071bd70bf4 dhcp configuration
2020-12-17 07:58:42.696 195226 INFO oslo.privsep.daemon [-] Running privsep helper: ['sudo', 'neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'privsep-helper', '--config-file', '/usr/share/neutron/neutron-dist.conf', '--config-file', '/etc/neutron/neutron.conf', '--config-file', '/etc/neutron/dhcp_agent.ini', '--config-dir', '/etc/neutron/conf.d/neutron-dhcp-agent', '--privsep_context', 'neutron.privileged.default', '--privsep_sock_path', '/tmp/tmpt9sini8p/privsep.sock']
2020-12-17 07:58:44.318 195226 CRITICAL oslo.privsep.daemon [-] privsep helper command exited non-zero (1)
2020-12-17 07:58:44.320 195226 ERROR neutron.agent.dhcp.agent [-] Unable to enable dhcp for ee9772c2-ef75-4215-a241-e6071bd70bf4.: oslo_privsep.daemon.FailedToDropPrivileges: privsep helper command exited non-zero (1)

/etc/sudoers.d/nova

Defaults:nova !requiretty

nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *
nova ALL = (root) NOPASSWD: /usr/bin/privsep-helper *
nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap

/etc/sudoers.d/neutron

Defaults:neutron !requiretty

neutron ALL = (root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf *
neutron ALL = (root) NOPASSWD: /usr/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf *
neutron ALL = (root) NOPASSWD: /usr/bin/privsep-helper *
neutron ALL = (root) NOPASSWD: /usr/sbin/iptables-save *

Revision history for this message
glm100 (glm100) wrote :

the same problem to me.

Revision history for this message
ITROBOT (itrobot) wrote :

the same problem to me.

Revision history for this message
hakim (hakim951753) wrote :

is there anyone solved this problem

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.