chown not in rootwrap when only installing cinder-backup
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
cinder (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bionic |
New
|
Undecided
|
Unassigned |
Bug Description
series: bionic
openstack: queens
We have an issue with a user, where the cinder-backup and services are installed, and separated from cinder-volume nodes.
As part of the cinder-backup, it is required to grab iscsi devices, and hence the likes of /dev/sd* would be there to be consumed.
As part of this process we can see that cinder-rootwrap is being run, similar to the command below
sudo cinder-rootwrap /etc/cinder/
By default, this then gives permission denied, and does not move forward
We then added the excerpt below following into a new file in /etc/cinder/
[Filters]
chown: CommandFilter, chown, root
This then moved things along for the user.
After further analysis, we found that post bionic, i.e. cosmic and beyond, the volume.filters file is now located in cinder-common package rather than the cinder-volume
My request is, can we do the same for queens, such that this file is in cinder-common?