Bug 1044155 - openstack-db command is too aggressive about redirecting stderr
openstack-db command is too aggressive about redirecting stderr
Status: CLOSED CURRENTRELEASE
Product: RDO
Classification: Community
Component: openstack-utils (Show other bugs)
unspecified
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Pádraig Brady
Ami Jeain
:
: 1048141 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-12-17 16:31 EST by Lars Kellogg-Stedman
Modified: 2017-03-09 22:00 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-01-10 12:01:41 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Lars Kellogg-Stedman 2013-12-17 16:31:38 EST
Description of problem:

A few people have encountered this problem:

  # openstack-db --service nova --update
  Can't determine the existing sync level.
  Please ensure the database is running and already initialised.

In both cases, it turned out that the root cause was /var/log/nova/nova-manage.log had been created with root ownership, so "nova-manage", when run as the "nova" user, was failing with:

  IOError: [Errno 13] Permission denied: '/var/log/nova/nova-manage.log'

But because openstack-db is hiding this error...

  version=$(db_manage version 2>/dev/null) || return 1

...it leaves the user confused.


Version-Release number of selected component (if applicable):

  openstack-utils-2013.2-2.fc20.noarch

Note that on my system and on rdekel's system, something has created /var/log/nova/nova-manage.log as an empty root-owned file:

  # ls -l /var/log/nova/nova-manage.log 
  -rw-r--r--. 1 root root 0 Dec 11 14:49 /var/log/nova/nova-manage.log

Not sure what is causing this file to get created.
Comment 1 Pádraig Brady 2013-12-18 11:29:32 EST
Yes nova-manage should not be run as root.
I'll need to check why I added that redirect, and will adjust.
Comment 2 Lars Kellogg-Stedman 2013-12-19 09:33:08 EST
It seems pretty likely that people are going to be regularly running nova-manage as root.  For example, after a packstack install, the keystone credentials are provisioned in /root/keystonerc-admin, so people will typically be operating as root when they first get started.

One of the first things someone might do when diagnosing a problem is to run "nova-manage service list".

In this case, it's not clear what actually happened: everyone who has encountered this particular problem has denied running nova-manage explicitly, and since the log file is zero-length it's not clear how it's getting created.

But yeah, at least presenting the "permission denied" error message to the user would help tremendously.
Comment 3 Pádraig Brady 2014-01-03 22:28:47 EST
openstack-db should also attempt to:

test -e /var/log/$APP/$APP-manage.log && chown $APP: /var/log/$APP/$APP-manage.log || :
Comment 4 Pádraig Brady 2014-01-03 22:29:08 EST
*** Bug 1048141 has been marked as a duplicate of this bug. ***
Comment 5 Lars Kellogg-Stedman 2014-01-06 13:06:27 EST
I've made two changes in https://github.com/redhat-openstack/openstack-utils/pull/8:

- remove the redirect of stderr
- implement the chown in comment 3
Comment 6 Pádraig Brady 2014-01-10 12:01:41 EST
This is now fixed in RDO

Note You need to log in before you can comment on or make changes to this bug.