1002187 – quantum user has no write perms on lock dir

Bug 1002187 - quantum user has no write perms on lock dir

Summary: quantum user has no write perms on lock dir

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-neutron
Sub Component:
Version:	3.0
Hardware:	All
OS:	All
Priority:	medium
Severity:	high
Target Milestone:	beta
Target Release:	4.0
Assignee:	Jakub Libosvar
QA Contact:	Ofer Blaut
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-08-28 15:11 UTC by Dan Yocum
Modified:	2016-04-26 18:16 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:	Previously a default path to a directory contained locks that caused packages to fail, if the user did not have write access for that directory. As a result, actions requiring locking failed because of permission issues, and the values had to be manually replaced in config files. Now, the default value for locking utilities was removed and set for iptables manager depending on path for state. As a result locks are stored to the correct location without any permission issues.
Clone Of:
Environment:
Last Closed:	2013-12-20 00:22:09 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Launchpad	1107950	0	None	None	None	Never
Red Hat Product Errata	RHEA-2013:1859	0	normal	SHIPPED_LIVE	Red Hat Enterprise Linux OpenStack Platform Enhancement Advisory	2013-12-21 00:01:48 UTC

Description Dan Yocum 2013-08-28 15:11:31 UTC

Description of problem:
2013-08-28 10:05:20    DEBUG [quantum.agent.linux.utils] Running command: ['sudo', 'quantum-rootwrap', '/etc/quantum/rootwrap.conf', 'ip', 'netns', 'list']
2013-08-28 10:05:20 CRITICAL [quantum] [Errno 13] Permission denied


This is a known bug - https://bugs.launchpad.net/neutron/+bug/1107950 - the problem is that only half the patches have been applied to RHOS-3 and RDO.  See comments #6 and #7 in launchpad.  

This patch has been applied:

https://github.com/openstack/oslo-incubator/commit/febbd005151e2ade521eed027a7d5372e6e3c0bc

This patch has *NOT* been applied:

https://github.com/openstack/neutron/commit/d5bfd9106148eec91f1109ea7f88b6fb41cd69d5

Since this blocks anyone from using quantum w/o applying the patches, I'd say this is pretty severe.

Version-Release number of selected component (if applicable):

Both in RDO and openstack-quantum-2013.1.2-4.el6ost.noarch


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 2 Ofer Blaut 2013-11-17 13:33:40 UTC

issue is not seen on RHOS 4.0 openstack-neutron-2013.2-5.el6ost.noarch

Comment 6 errata-xmlrpc 2013-12-20 00:22:09 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHEA-2013-1859.html

Note You need to log in before you can comment on or make changes to this bug.