neutron-netns-cleanup does not configure privsep correctly
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Miguel Angel Ajo |
Bug Description
It crashes when trying to invoke privsep:
2018-06-12 10:37:05.932 1038529 INFO neutron.
2018-06-12 10:37:05.932 1038529 INFO neutron.
2018-06-12 10:37:05.932 1038529 DEBUG neutron.
2018-06-12 10:37:05.933 1038529 INFO oslo.privsep.daemon [-] Running privsep helper: ['sudo', 'privsep-helper', '--config-file', '/usr/share/
2018-06-12 10:37:05.954 1038529 WARNING oslo.privsep.daemon [-] privsep log:
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: We trust you have received the usual lecture from the local System
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: Administrator. It usually boils down to these three things:
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: #1) Respect the privacy of others.
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: #2) Think before you type.
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: #3) With great power comes great responsibility.
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:
2018-06-12 10:37:05.956 1038529 WARNING oslo.privsep.daemon [-] privsep log: sudo: no tty present and no askpass program specified
2018-06-12 10:37:05.955 1038529 CRITICAL oslo.privsep.daemon [-] privsep helper command exited non-zero (1)
2018-06-12 10:37:05.961 1038529 CRITICAL neutron [-] Unhandled error: FailedToDropPri
2018-06-12 10:37:05.961 1038529 ERROR neutron Traceback (most recent call last):
2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/bin/
2018-06-12 10:37:05.961 1038529 ERROR neutron sys.exit(main())
2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/
2018-06-12 10:37:05.961 1038529 ERROR neutron cleanup_
2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/
2018-06-12 10:37:05.961 1038529 ERROR neutron ip_lib.
2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/
2018-06-12 10:37:05.961 1038529 ERROR neutron return privileged.
2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/
2018-06-12 10:37:05.961 1038529 ERROR neutron self.start()
2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/
2018-06-12 10:37:05.961 1038529 ERROR neutron channel = daemon.
2018-06-12 10:37:05.961 1038529 ERROR neutron File "/usr/lib/
2018-06-12 10:37:05.961 1038529 ERROR neutron raise FailedToDropPri
2018-06-12 10:37:05.961 1038529 ERROR neutron FailedToDropPri
2018-06-12 10:37:05.961 1038529 ERROR neutron
We need to initialise privsep properly at start:
def get_root_ helper( conf): root_helper
return conf.AGENT.
def setup_privsep(): context. init(root_ helper= shlex.split( get_root_ helper( cfg.CONF) ))
priv_