Description of problem: A few people have encountered this problem: # openstack-db --service nova --update Can't determine the existing sync level. Please ensure the database is running and already initialised. In both cases, it turned out that the root cause was /var/log/nova/nova-manage.log had been created with root ownership, so "nova-manage", when run as the "nova" user, was failing with: IOError: [Errno 13] Permission denied: '/var/log/nova/nova-manage.log' But because openstack-db is hiding this error... version=$(db_manage version 2>/dev/null) || return 1 ...it leaves the user confused. Version-Release number of selected component (if applicable): openstack-utils-2013.2-2.fc20.noarch Note that on my system and on rdekel's system, something has created /var/log/nova/nova-manage.log as an empty root-owned file: # ls -l /var/log/nova/nova-manage.log -rw-r--r--. 1 root root 0 Dec 11 14:49 /var/log/nova/nova-manage.log Not sure what is causing this file to get created.
Yes nova-manage should not be run as root. I'll need to check why I added that redirect, and will adjust.
It seems pretty likely that people are going to be regularly running nova-manage as root. For example, after a packstack install, the keystone credentials are provisioned in /root/keystonerc-admin, so people will typically be operating as root when they first get started. One of the first things someone might do when diagnosing a problem is to run "nova-manage service list". In this case, it's not clear what actually happened: everyone who has encountered this particular problem has denied running nova-manage explicitly, and since the log file is zero-length it's not clear how it's getting created. But yeah, at least presenting the "permission denied" error message to the user would help tremendously.
openstack-db should also attempt to: test -e /var/log/$APP/$APP-manage.log && chown $APP: /var/log/$APP/$APP-manage.log || :
*** Bug 1048141 has been marked as a duplicate of this bug. ***
I've made two changes in https://github.com/redhat-openstack/openstack-utils/pull/8: - remove the redirect of stderr - implement the chown in comment 3
This is now fixed in RDO