ovn migration executes scripts from /tmp directory
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Fix Released
|
Medium
|
Jakub Libosvar |
Bug Description
Description of problem:
The /tmp are often mounted with noexec option for security reasons. The migration roles rely that scripts in /tmp/ can be executed.
Version-Release number of selected component (if applicable):
16.1
How reproducible:
Always
Steps to Reproduce:
1. Have /tmp mounted with noexec option
2. Run migration from ovs to ovn
3.
Actual results:
fatal: [tpa-vim-
"changed": true,
"cmd": "/tmp/clone-
"delta": "0:00:00.001773",
"end": "2022-03-16 18:51:30.332449",
"invocation": {
"argv": null,
"warn": true
}
},
"msg": "non-zero return code",
"rc": 126,
"start": "2022-03-16 18:51:30.330676",
"stderr": "/bin/sh: /tmp/clone-
"stderr_lines": [
"/bin/sh: /tmp/clone-
],
"stdout": "",
"stdout_lines": []
}
Changed in neutron: | |
importance: | Undecided → Medium |
Fix proposed to branch: master /review. opendev. org/c/openstack /neutron/ +/834071
Review: https:/