Ubuntu
manila package

Missing sudoers record to allow privset-helper

Bug #2045845 reported by Takashi Kajinami on 2023-12-07

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	manila (Ubuntu)	New	Undecided	Unassigned

Bug Description

It seems the sudoers file installed by manila packages do not include the required records to allow usage of privsep-helper. Because of this lvm backend can't be used.

snippet in manila.conf
```
[DEFAULT]
enabled_share_backends=lvm

[lvm]
share_backend_name=lvm
share_driver=manila.share.drivers.lvm.LVMShareDriver
driver_handles_share_servers=False
lvm_share_export_ips=127.0.0.1
```

The error seen in manila-share.log .
```
2023-12-07 02:59:16.941 42613 DEBUG manila.share.manager [None req-7eb117c5-8a4a-4f41-adb0-e9dae5b070a3 - - - - - -] Start initialization of driver: 'LVMShareDriver@np0035967877@lvm' _driver_setup /usr/lib/python3/dist-packages/manila/share/manager.py:364
2023-12-07 02:59:16.944 42613 INFO oslo.privsep.daemon [None req-7eb117c5-8a4a-4f41-adb0-e9dae5b070a3 - - - - - -] Running privsep helper: ['sudo', 'privsep-helper', '--config-file', '/etc/manila/manila.conf', '--privsep_context', 'manila.privsep.sys_admin_pctxt', '--privsep_sock_path', '/tmp/tmp4uzpays_/privsep.sock']
2023-12-07 02:59:16.955 42613 WARNING oslo.privsep.daemon [-] privsep log: sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
2023-12-07 02:59:16.956 42613 WARNING oslo.privsep.daemon [-] privsep log: sudo: a password is required
2023-12-07 02:59:16.957 42613 CRITICAL oslo.privsep.daemon [None req-7eb117c5-8a4a-4f41-adb0-e9dae5b070a3 - - - - - -] privsep helper command exited non-zero (1)
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager [None req-7eb117c5-8a4a-4f41-adb0-e9dae5b070a3 - - - - - -] Error encountered during initialization of driver LVMShareDriver@np0035967877@lvm: oslo_privsep.daemon.FailedToDropPrivileges: privsep helper command exited non-zero (1)
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager Traceback (most recent call last):
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager File "/usr/lib/python3/dist-packages/manila/share/manager.py", line 367, in _driver_setup
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager self.driver.check_for_setup_error()
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager File "/usr/lib/python3/dist-packages/manila/share/drivers/lvm.py", line 76, in check_for_setup_error
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager out, err = privsep_lvm.list_vgs_get_name()
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager File "/usr/lib/python3/dist-packages/oslo_privsep/priv_context.py", line 269, in _wrap
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager self.start()
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager File "/usr/lib/python3/dist-packages/oslo_privsep/priv_context.py", line 283, in start
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager channel = daemon.RootwrapClientChannel(context=self)
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager File "/usr/lib/python3/dist-packages/oslo_privsep/daemon.py", line 358, in __init__
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager raise FailedToDropPrivileges(msg)
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager oslo_privsep.daemon.FailedToDropPrivileges: privsep helper command exited non-zero (1)
2023-12-07 02:59:16.958 42613 ERROR manila.share.manager
```

Revision history for this message

JONGIN (jongini27) wrote on 2024-02-19:

I have the same issue.

<log>

2024-02-19 04:35:17.458 15 INFO oslo.privsep.daemon [None req-d1f86b5f-e7ee-4cb4-bd15-999208c0e8d1 - - - - - -] Running privsep helper: ['sudo', 'privsep-helper', '--config-file', '/etc/manila/manila.conf', '--privsep_context', 'manila.privsep.sys_admin_pctxt', '--privsep_sock_path', '/tmp/tmp6d52_7wc/privsep.sock']
2024-02-19 04:35:17.474 15 WARNING oslo.privsep.daemon [-] privsep log: sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
2024-02-19 04:35:17.476 15 WARNING oslo.privsep.daemon [-] privsep log: sudo: a password is required
2024-02-19 04:35:17.485 15 CRITICAL oslo.privsep.daemon [None req-d1f86b5f-e7ee-4cb4-bd15-999208c0e8d1 - - - - - -] privsep helper command exited non-zero (1)
2024-02-19 04:35:17.486 15 ERROR manila.share.manager [None req-d1f86b5f-e7ee-4cb4-bd15-999208c0e8d1 - - - - - -] Error encountered during initialization of driver LVMShareDriver@share-01@manila-01: oslo_privsep.daemon.FailedToDropPrivileges: privsep helper command exited non-zero (1)
2024-02-19 04:35:17.486 15 ERROR manila.share.manager Traceback (most recent call last):
2024-02-19 04:35:17.486 15 ERROR manila.share.manager File "/var/lib/kolla/venv/lib/python3.10/site-packages/manila/share/manager.py", line 357, in _driver_setup
2024-02-19 04:35:17.486 15 ERROR manila.share.manager self.driver.check_for_setup_error()
2024-02-19 04:35:17.486 15 ERROR manila.share.manager File "/var/lib/kolla/venv/lib/python3.10/site-packages/manila/share/drivers/lvm.py", line 76, in check_for_setup_error
2024-02-19 04:35:17.486 15 ERROR manila.share.manager out, err = privsep_lvm.list_vgs_get_name()
2024-02-19 04:35:17.486 15 ERROR manila.share.manager File "/var/lib/kolla/venv/lib/python3.10/site-packages/oslo_privsep/priv_context.py", line 269, in _wrap
2024-02-19 04:35:17.486 15 ERROR manila.share.manager self.start()
2024-02-19 04:35:17.486 15 ERROR manila.share.manager File "/var/lib/kolla/venv/lib/python3.10/site-packages/oslo_privsep/priv_context.py", line 283, in start
2024-02-19 04:35:17.486 15 ERROR manila.share.manager channel = daemon.RootwrapClientChannel(context=self)
2024-02-19 04:35:17.486 15 ERROR manila.share.manager File "/var/lib/kolla/venv/lib/python3.10/site-packages/oslo_privsep/daemon.py", line 358, in __init__
2024-02-19 04:35:17.486 15 ERROR manila.share.manager raise FailedToDropPrivileges(msg)

I have the same issue.

<log>

2024-02-19 04:35:17.458 15 INFO oslo.privsep.daemon [None req-d1f86b5f-e7ee-4cb4-bd15-999208c0e8d1 - - - - - -] Running privsep helper: ['sudo', 'privsep-helper', '--config-file', '/etc/manila/manila.conf', '--privsep_context', 'manila.privsep.sys_admin_pctxt', '--privsep_sock_path', '/tmp/tmp6d52_7wc/privsep.sock']
2024-02-19 04:35:17.474 15 WARNING oslo.privsep.daemon [-] privsep log: sudo: a terminal is required to read the password; either use the -S option to read from standard input or configure an askpass helper
2024-02-19 04:35:17.476 15 WARNING oslo.privsep.daemon [-] privsep log: sudo: a password is required
2024-02-19 04:35:17.485 15 CRITICAL oslo.privsep.daemon [None req-d1f86b5f-e7ee-4cb4-bd15-999208c0e8d1 - - - - - -] privsep helper command exited non-zero (1)
2024-02-19 04:35:17.486 15 ERROR manila.share.manager [None req-d1f86b5f-e7ee-4cb4-bd15-999208c0e8d1 - - - - - -] Error encountered during initialization of driver LVMShareDriver@share-01@manila-01: oslo_privsep.daemon.FailedToDropPrivileges: privsep helper command exited non-zero (1)
2024-02-19 04:35:17.486 15 ERROR manila.share.manager Traceback (most recent call last):
2024-02-19 04:35:17.486 15 ERROR manila.share.manager   File "/var/lib/kolla/venv/lib/python3.10/site-packages/manila/share/manager.py", line 357, in _driver_setup
2024-02-19 04:35:17.486 15 ERROR manila.share.manager     self.driver.check_for_setup_error()
2024-02-19 04:35:17.486 15 ERROR manila.share.manager   File "/var/lib/kolla/venv/lib/python3.10/site-packages/manila/share/drivers/lvm.py", line 76, in check_for_setup_error
2024-02-19 04:35:17.486 15 ERROR manila.share.manager     out, err = privsep_lvm.list_vgs_get_name()
2024-02-19 04:35:17.486 15 ERROR manila.share.manager   File "/var/lib/kolla/venv/lib/python3.10/site-packages/oslo_privsep/priv_context.py", line 269, in _wrap
2024-02-19 04:35:17.486 15 ERROR manila.share.manager     self.start()
2024-02-19 04:35:17.486 15 ERROR manila.share.manager   File "/var/lib/kolla/venv/lib/python3.10/site-packages/oslo_privsep/priv_context.py", line 283, in start
2024-02-19 04:35:17.486 15 ERROR manila.share.manager     channel = daemon.RootwrapClientChannel(context=self)
2024-02-19 04:35:17.486 15 ERROR manila.share.manager   File "/var/lib/kolla/venv/lib/python3.10/site-packages/oslo_privsep/daemon.py", line 358, in __init__
2024-02-19 04:35:17.486 15 ERROR manila.share.manager     raise FailedToDropPrivileges(msg)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntumanila package

Missing sudoers record to allow privset-helper

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
manila package