killfilter should handle updated/deleted executables

Bug #1073768 reported by Dan Prince on 2012-11-01
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron
Undecided
Dan Prince
Folsom
Medium
Gary Kotton
quantum (Ubuntu)
Undecided
Unassigned
Quantal
Undecided
Unassigned

Bug Description

Using the latest Quantum Grizzly builds on Fedora 17 (git cf54850).

I'm hitting issues with Quantum's DHCP agent where the dnsmasq fail to be killed correctly when using rootwrap;

2012-10-31 21:34:40 ERROR [quantum.agent.dhcp_agent] Unable to reload_allocations dhcp.
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/quantum/agent/dhcp_agent.py", line 91, in call_driver
    getattr(driver, action)()
  File "/usr/lib/python2.7/site-packages/quantum/agent/linux/dhcp.py", line 277, in reload_allocations
    utils.execute(cmd, self.root_helper)
  File "/usr/lib/python2.7/site-packages/quantum/agent/linux/utils.py", line 60, in execute
    raise RuntimeError(m)
RuntimeError:
Command: ['sudo', '/usr/bin/quantum-rootwrap', '/etc/quantum/rootwrap.conf', 'kill', '-HUP', '18037']
Exit code: 1
Stdout: ''

-----------

The issue seems to be similar to something I've hit in Nova as well...

From Nova ticket: https://bugs.launchpad.net/nova/+bug/967931

The KillFilter class used by rootwrapper currently relies on the /proc/PID/exe symlink to determine the command used to execute a process. This works fine until an executable is updated/deleted while a process is running.

The fix seems to be to strip ' (deleted)' off of the readlink command.

Dan Prince (dan-prince) on 2012-11-01
Changed in quantum:
assignee: nobody → Dan Prince (dan-prince)
status: New → In Progress
Gary Kotton (garyk) on 2012-11-01
tags: added: folsom-backport-potential

Reviewed: https://review.openstack.org/15169
Committed: http://github.com/openstack/quantum/commit/f4c02899a1ea8ccd69278d7314be0b1409c8fa66
Submitter: Jenkins
Branch: master

commit f4c02899a1ea8ccd69278d7314be0b1409c8fa66
Author: Dan Prince <email address hidden>
Date: Wed Oct 31 22:11:42 2012 -0400

    Update KillFilter to handle 'deleted' exe's.

    Updates KillFilter so that it handles the case where the executable
    linked to by /proc/PID/exe is updated or deleted.

    Includes new test case with coverage for this fix as well.

    Fixes LP Bug #1073768

    Change-Id: If568693e0b491f8806ff0156701766929ca0b3e0

Changed in quantum:
status: In Progress → Fix Committed

Reviewed: https://review.openstack.org/15486
Committed: http://github.com/openstack/quantum/commit/9ba453a1ae65b1ee450a3a42314038f6c9011630
Submitter: Jenkins
Branch: stable/folsom

commit 9ba453a1ae65b1ee450a3a42314038f6c9011630
Author: Dan Prince <email address hidden>
Date: Wed Oct 31 22:11:42 2012 -0400

    Update KillFilter to handle 'deleted' exe's.

    Updates KillFilter so that it handles the case where the executable
    linked to by /proc/PID/exe is updated or deleted.

    Includes new test case with coverage for this fix as well.

    Fixes LP Bug #1073768

    Change-Id: If568693e0b491f8806ff0156701766929ca0b3e0

tags: added: in-stable-folsom
Gary Kotton (garyk) on 2012-11-11
tags: removed: folsom-backport-potential
Thierry Carrez (ttx) on 2012-11-21
Changed in quantum:
milestone: none → grizzly-1
status: Fix Committed → Fix Released
Changed in quantum (Ubuntu):
status: New → Fix Released
Changed in quantum (Ubuntu Quantal):
status: New → Confirmed

Hello Dan, or anyone else affected,

Accepted quantum into quantal-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/quantum/2012.2.1-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in quantum (Ubuntu Quantal):
status: Confirmed → Fix Committed
tags: added: verification-needed
Mark McLoughlin (markmc) on 2013-01-22
tags: removed: in-stable-folsom
Launchpad Janitor (janitor) wrote :
Download full text (3.8 KiB)

This bug was fixed in the package quantum - 2012.2.1-0ubuntu1

---------------
quantum (2012.2.1-0ubuntu1) quantal-proposed; urgency=low

  * Resynchronize with stable/folsom (1e774867) (LP: #1085255):
    - [aeabb42] There are routing problems when the dnsmasq port does not come
      first in the routing table (LP: #1083238)
    - [04aab72] Quantum linux bridge not optimized with libvirt (LP: #1078210)
    - [ca7fc10] getting quotas from database has severe performance implications
      (LP: #1075369)
    - [66605e8] failed to update an external network into non external network
      (LP: #1083387)
    - [c60051a] Quantum test suite leaks memory like a sieve (LP: #1065276)
    - [3179dfc] clear_db() does incomplete db teardown (LP: #1080988)
    - [c1e19d7] Unauthorized command: cat /proc/None/cmdline (LP: #1077651)
    - [af9e076] At times a instance will not receive an IP address from the DHCP
      agent (LP: #1081664)
    - [e0d1a7d] allow multiple floating-ip on single port if they use different
      fixed ips and/or external nets (LP: #1057844)
    - [8471d79] Delete port fails to gateway ip (LP: #1079980)
    - [aca8b4a] fixed_ip allocation which is not included within
      allocation_pools makes error when delete port or re-create port
      (LP: #1077292)
    - [eacc9d3] Mapping same bridge to different phyiscal networks succeed
      (LP: #1067669)
    - [51b4c82] python-quantum: not region aware (LP: #1080793)
    - [6f0a486] delete floatingip should be in one transaction to delete port
      (LP: #1080516)
    - [db6cda7] Remove qpid configuration variables no longer supported
    - [a112840] Allow NVP plugin to use per-tenant quota extension
    - [82b1a55] Quantum service does not restart after reboot (LP: #1073999)
    - [c01a839] There are some cases that L3 API with an invalid parameter
      returns 500. (LP: #1064765)
    - [26b383f] external network can be plugged also as internal network for one
      router (LP: #1053633)
    - [49f649c] There is a lot of cases that API with an invalid parameter
      returns 500. (LP: #1062046)
    - [4546a18] When create subnet, you con set up the value as cidr (the value
      isn't cidr form). (LP: #1067959)
    - [9ba453a] killfilter should handle updated/deleted executables
      (LP: #1073768)
    - [7c8a55c] a port which is not able to delete is made when floatingip
      create fails. (LP: #1064748)
    - [c9b84cf] Linux bridge port update causes exception (LP: #1072713)
    - [cb57932] I can't add interface to router, if there is another port in
      non-shared network of other tenant (LP: #1057558)
    - [574e278] Ryu plugin does not support Security Groups (LP: #1059393)
    - [607f486] tap device added to integration bridge without tag
      (LP: #1064070)
    - [21a0fdf] L3 agent external network flag (LP: #1056720)
    - [5cbaff4] router create with external_gateway_info fails with 500 always.
      (LP: #1064235)
    - [63b81f6] l3 db operations failed in multiple transactions (LP: #1070335)
    - [bff17fb] Ensure that the SqlSoup import is still supported.
    - [e091a29] l3_nat_agent was renamed to l3_agent
    - [9030969] remove default value of 'local_ip' of 10...

Read more...

Changed in quantum (Ubuntu Quantal):
status: Fix Committed → Fix Released
Thierry Carrez (ttx) on 2013-04-04
Changed in quantum:
milestone: grizzly-1 → 2013.1
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers