First Last Prev Next    This bug is not in your last search results.
Bug 1006902 - openstack-cinder-volume doesn't use rootwrap to mount NFS share
openstack-cinder-volume doesn't use rootwrap to mount NFS share
Status: CLOSED CURRENTRELEASE
Product: RDO
Classification: Community
Component: openstack-cinder (Show other bugs)
unspecified
Unspecified Unspecified
high Severity unspecified
: ---
: ---
Assigned To: Eric Harney
Giulio Fidente
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-09-11 09:29 EDT by Sandro Mathys
Modified: 2016-04-26 13:06 EDT (History)
2 users (show)

See Also:
Fixed In Version: openstack-cinder-2013.2-1.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-01-13 13:35:39 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Launchpad 1223879 None None None Never

  None (edit)
Description Sandro Mathys 2013-09-11 09:29:34 EDT 
Description of problem:
In Havana-3, if Cinder is configured with the NfsDriver, openstack-cinder-volume tries to execute mount directly with sudo instead of through the rootwrap.

Version-Release number of selected component (if applicable):
openstack-cinder-2013.2-0.8.b3.el6.noarch

How reproducible:
Unknown.

Steps to Reproduce:
1. Setup OpenStack
2. Configure Cinder to use the NfsDriver
3. Try to create a volume

Actual results:
2013-09-11 14:55:41.919 8586 INFO cinder.volume.manager [-] Updating volume status
2013-09-11 14:55:41.971 8586 WARNING cinder.volume.drivers.nfs [-] Exception during mounting Unexpected error while running command.
Command: sudo mount -t nfs -o rw,sync 192.168.100.30:/nfs/cs2_cinder1 /etc/cinder/volumes/08624ff4b087fa2469aa49ffe177f16a
Exit code: 1
Stdout: ''
Stderr: 'sudo: no tty present and no askpass program specified\n'

Expected results:
sudo /usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf mount <...>

Additional info:
Installed with own Puppet manifests, using the stackforge Puppet modules. There's a hopefully correct "rootwrap_config = /etc/cinder/rootwrap.conf" line in /etc/cinder/cinder.conf and /etc/sudeors.d/cinder reads:
Defaults:cinder !requiretty

cinder ALL = (root) NOPASSWD: /usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf *
Comment 1 Eric Harney 2013-09-11 09:31:30 EDT 
Likely introduced by https://review.openstack.org/#/c/43064/ .
Comment 2 Yukihiro KAWADA 2013-09-19 23:55:39 EDT 
I fixed like below.

diff -urp -rup cinder-2013.2.b3/cinder/brick/remotefs/remotefs.py cinder-my_2013.2.b3/cinder/brick/remotefs/remotefs.py
--- cinder-2013.2.b3/cinder/brick/remotefs/remotefs.py  2013-09-07 00:39:49.000000000 +0900
+++ cinder-my_2013.2.b3/cinder/brick/remotefs/remotefs.py       2013-09-20 12:24:52.450943786 +0900
@@ -60,7 +60,7 @@ class RemoteFsClient(object):
             self._mount_options = None
         else:
             raise exception.ProtocolNotSupported(protocol=mount_type)
-        self.root_helper = root_helper
+        self.root_helper = 'sudo cinder-rootwrap %s' % CONF.rootwrap_config
         self.set_execute(execute)

     def set_execute(self, execute):
Comment 3 Eric Harney 2014-01-13 13:35:39 EST 
Fixed in 2013.2 release.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.