The packages from the ppa fix the issue for me. In order to reproduce, install neutron-vpn-agent from Newton UCA and run:
# mkdir /tmp/test # ip netns add testns # ip netns exec testns neutron-vpn-netns-wrapper --mount_paths "/var/run:/tmp/test" --cmd "ipsec,status" 2017-02-07 18:17:06.729 17492 INFO neutron.common.config [-] Logging enabled! 2017-02-07 18:17:06.730 17492 INFO neutron.common.config [-] /usr/bin/neutron-vpn-netns-wrapper version 9.0.0 Command: ['ipsec', 'status'] Exit code: 0 Stdout: Stderr: connecting to 'unix:///var/run/charon.ctl' failed: Permission denied failed to connect to stroke socket 'unix:///var/run/charon.ctl'
With fixed package: # ip netns exec testns neutron-vpn-netns-wrapper --mount_paths "/var/run:/tmp/test" --cmd "ipsec,status" 2017-02-07 18:21:29.119 22248 INFO neutron.common.config [-] Logging enabled! 2017-02-07 18:21:29.120 22248 INFO neutron.common.config [-] /usr/bin/neutron-vpn-netns-wrapper version 9.0.0 Command: ['mount', '--bind', '/tmp/test', '/var/run'] Exit code: 0 Stdout: Stderr: 2017-02-07 18:21:29.126 22248 INFO neutron_vpnaas.services.vpn.common.netns_wrapper [-] /tmp/test has been bind-mounted in /var/run Command: ['ipsec', 'status'] Exit code: 3 Stdout: Stderr:
The packages from the ppa fix the issue for me. In order to reproduce, install neutron-vpn-agent from Newton UCA and run:
# mkdir /tmp/test vpn-netns- wrapper --mount_paths "/var/run: /tmp/test" --cmd "ipsec,status" common. config [-] Logging enabled! common. config [-] /usr/bin/ neutron- vpn-netns- wrapper version 9.0.0 //var/run/ charon. ctl' failed: Permission denied //var/run/ charon. ctl'
# ip netns add testns
# ip netns exec testns neutron-
2017-02-07 18:17:06.729 17492 INFO neutron.
2017-02-07 18:17:06.730 17492 INFO neutron.
Command: ['ipsec', 'status'] Exit code: 0 Stdout: Stderr: connecting to 'unix:/
failed to connect to stroke socket 'unix:/
With fixed package: vpn-netns- wrapper --mount_paths "/var/run: /tmp/test" --cmd "ipsec,status" common. config [-] Logging enabled! common. config [-] /usr/bin/ neutron- vpn-netns- wrapper version 9.0.0 vpnaas. services. vpn.common. netns_wrapper [-] /tmp/test has been bind-mounted in /var/run
# ip netns exec testns neutron-
2017-02-07 18:21:29.119 22248 INFO neutron.
2017-02-07 18:21:29.120 22248 INFO neutron.
Command: ['mount', '--bind', '/tmp/test', '/var/run'] Exit code: 0 Stdout: Stderr: 2017-02-07 18:21:29.126 22248 INFO neutron_
Command: ['ipsec', 'status'] Exit code: 3 Stdout: Stderr: