Bug 1044155
Summary: | openstack-db command is too aggressive about redirecting stderr | ||
---|---|---|---|
Product: | [Community] RDO | Reporter: | Lars Kellogg-Stedman <lars> |
Component: | openstack-utils | Assignee: | Pádraig Brady <pbrady> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Ami Jeain <ajeain> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | unspecified | CC: | dron, hateya, pbrady, yeylon |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-01-10 17:01:41 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Lars Kellogg-Stedman
2013-12-17 21:31:38 UTC
Yes nova-manage should not be run as root. I'll need to check why I added that redirect, and will adjust. It seems pretty likely that people are going to be regularly running nova-manage as root. For example, after a packstack install, the keystone credentials are provisioned in /root/keystonerc-admin, so people will typically be operating as root when they first get started. One of the first things someone might do when diagnosing a problem is to run "nova-manage service list". In this case, it's not clear what actually happened: everyone who has encountered this particular problem has denied running nova-manage explicitly, and since the log file is zero-length it's not clear how it's getting created. But yeah, at least presenting the "permission denied" error message to the user would help tremendously. openstack-db should also attempt to: test -e /var/log/$APP/$APP-manage.log && chown $APP: /var/log/$APP/$APP-manage.log || : *** Bug 1048141 has been marked as a duplicate of this bug. *** I've made two changes in https://github.com/redhat-openstack/openstack-utils/pull/8: - remove the redirect of stderr - implement the chown in comment 3 This is now fixed in RDO |