OpenStack-Ansible

/etc/rabbitmq not readable by rabbit

Bug #1509317 reported by Hugh Saunders on 2015-10-23

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenStack-Ansible	Fix Released	Undecided	Hugh Saunders	OpenStack-Ansible 11.2.5

Bug Description

Rabbit failed to start during an upgrade from Juno to Kilo.

The error in the startup log was:

---------------------------------------------
BOOT FAILED
===========

Error description:
   {error,
       {cannot_read_enabled_plugins_file,"/etc/rabbitmq/enabled_plugins",
           eacces}}
---------------------------------------------

Ther perms on /etc/rabbitmq are root:root 0750, which doesn't allow the rabbitmq user to read.

The perms are set in pre_install to 0755: https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/rabbitmq_server/tasks/rabbitmq_pre_install.yml#L54

The perms are overwritten by the memcached module to 0750 here: https://github.com/openstack/openstack-ansible/blob/master/playbooks/roles/rabbitmq_server/tasks/rabbitmq_ssl_key_distribute.yml#L26-L27

I think the solution is to remove the dir_mode from "Distribute self signed ssl" then the memcached module will use its default of 0755.

This is related to bug #1506992

Hugh Saunders (hughsaunders) on 2015-10-23

Changed in openstack-ansible:
assignee:	nobody → Hugh Saunders (hughsaunders)
status:	New → In Progress

Hugh Saunders (hughsaunders) on 2015-10-28

Changed in openstack-ansible:
status:	In Progress → Fix Committed
milestone:	none → 11.2.5

Jesse Pretorius (jesse-pretorius) on 2015-11-20

Changed in openstack-ansible:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.