neutron

  1. Bug #1311804
  2. Comment #24

Comment 24 for bug 1311804

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to neutron (master)

Reviewed: https://review.openstack.org/109736
Committed: https://git.openstack.org/cgit/openstack/neutron/commit/?id=9833364fbd4705fc4a563192cf2707ffe8cf763d
Submitter: Jenkins
Branch: master

commit 9833364fbd4705fc4a563192cf2707ffe8cf763d
Author: Kevin Benton <email address hidden>
Date: Fri Jul 25 14:27:00 2014 -0700

    Option for root_helper when checking namespace

    Adds a configuration option to use the root helper in the ip netns list
    command executed by the IP library when checking for the existence of a
    namespace. This prevents an unprivileged l3 agent from erroneously trying
    to create another namespace when one already exists. This is necessary in
    environments with constrained permissions on /var/run/netns via umask or
    other access controls.

    However, due to the overhead incurred by calling sudo every time on systems
    where this restriction isn't in place, this configuration won't be desired
    all of the time. So this patch also adds a sanity check that reports back
    whether or not the root_helper is required for a deployment.

    DocImpact

    Closes-Bug: #1348812
    Closes-Bug: #1311804
    Change-Id: If7560161de3be6066af0d9866e6b5cd7c7247c33