Description of problem: /var/log/messages is being flooded with below messages on all nodes: -- Feb 18 08:24:32 tb-compute-1 systemd: Configuration file /usr/lib/systemd/system/wpa_supplicant.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:24:32 tb-compute-1 systemd: Configuration file /usr/lib/systemd/system/ebtables.service is marked executable. Please remove executable permission bits. Proceeding anyway. -- Additionally these messages are flooding on Controller nodes: -- Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-novncproxy.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-scheduler.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-api.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-metadata-api.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-console.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-consoleauth.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-xvpvncproxy.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-api.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-api.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-scheduler.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-scheduler.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-conductor.service is marked executable. Please remove executable permission bits. Proceeding anyway. Feb 18 08:26:01 tb-controller-1 systemd: Configuration file /usr/lib/systemd/system/openstack-nova-conductor.service is marked executable. Please remove executable permission bits. Proceeding anyway. Version-Release number of selected component (if applicable): openstack-nova-2014.2.3-54.el7ost.src.rpm How reproducible: Steps to Reproduce: 1. Install latest nova packages for openstack 6 2. monitor logs Actual results: many errors in logs Expected results: no errors in logs Additional info: I've checked the spec files from all src.rpm packages from the latest openstack repo and only the openstack-nova package is installing service files with incorrect permissions. (755 vs 644)
This also happens in RHOSP7 (Kilo). And perhaps in RHOSP8 (Liberty).
rpm-master review https://review.rdoproject.org/r/1352
Verified as follows - Permission for nova .service files have been restored to 644 as like other component service files. Further, no error messages were observed in nova logs. ********* VERSION ********* [root@serverA ~]# yum list installed | grep openstack-nova openstack-nova-api.noarch 2014.2.3-73.el7ost @rhelosp-6.0-puddle openstack-nova-cert.noarch 2014.2.3-73.el7ost @rhelosp-6.0-puddle openstack-nova-common.noarch 2014.2.3-73.el7ost @rhelosp-6.0-puddle openstack-nova-compute.noarch 2014.2.3-73.el7ost @rhelosp-6.0-puddle openstack-nova-conductor.noarch 2014.2.3-73.el7ost @rhelosp-6.0-puddle openstack-nova-console.noarch 2014.2.3-73.el7ost @rhelosp-6.0-puddle openstack-nova-novncproxy.noarch 2014.2.3-73.el7ost @rhelosp-6.0-puddle openstack-nova-scheduler.noarch 2014.2.3-73.el7ost @rhelosp-6.0-puddle *********** LOGS *********** [root@serverA ~]# ls -l /usr/lib/systemd/system/*openstack*service -rw-r--r--. 1 root root 274 May 12 18:23 /usr/lib/systemd/system/openstack-ceilometer-alarm-evaluator.service -rw-r--r--. 1 root root 274 May 12 18:23 /usr/lib/systemd/system/openstack-ceilometer-alarm-notifier.service -rw-r--r--. 1 root root 237 May 12 18:23 /usr/lib/systemd/system/openstack-ceilometer-api.service -rw-r--r--. 1 root root 253 May 12 18:23 /usr/lib/systemd/system/openstack-ceilometer-central.service -rw-r--r--. 1 root root 256 May 12 18:23 /usr/lib/systemd/system/openstack-ceilometer-collector.service -rw-r--r--. 1 root root 253 May 12 18:23 /usr/lib/systemd/system/openstack-ceilometer-compute.service -rw-r--r--. 1 root root 274 May 12 18:23 /usr/lib/systemd/system/openstack-ceilometer-notification.service -rw-r--r--. 1 root root 307 Feb 28 17:23 /usr/lib/systemd/system/openstack-cinder-api.service -rw-r--r--. 1 root root 316 Feb 28 17:23 /usr/lib/systemd/system/openstack-cinder-backup.service -rw-r--r--. 1 root root 325 Feb 28 17:23 /usr/lib/systemd/system/openstack-cinder-scheduler.service -rw-r--r--. 1 root root 316 Feb 28 17:23 /usr/lib/systemd/system/openstack-cinder-volume.service -rw-r--r--. 1 root root 261 Feb 5 19:25 /usr/lib/systemd/system/openstack-glance-api.service -rw-r--r--. 1 root root 271 Feb 5 19:25 /usr/lib/systemd/system/openstack-glance-registry.service -rw-r--r--. 1 root root 267 Feb 5 19:25 /usr/lib/systemd/system/openstack-glance-scrubber.service -rw-r--r--. 1 root root 242 May 6 05:57 /usr/lib/systemd/system/openstack-keystone.service -rw-r--r--. 1 root root 571 Jun 15 22:33 /usr/lib/systemd/system/openstack-losetup.service -rw-r--r--. 1 root root 195 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-api.service -rw-r--r--. 1 root root 197 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-cert.service -rw-r--r--. 1 root root 267 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-compute.service -rw-r--r--. 1 root root 207 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-conductor.service -rw-r--r--. 1 root root 216 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-consoleauth.service -rw-r--r--. 1 root root 209 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-console.service -rw-r--r--. 1 root root 213 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-metadata-api.service -rw-r--r--. 1 root root 285 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-novncproxy.service -rw-r--r--. 1 root root 207 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-scheduler.service -rw-r--r--. 1 root root 197 Jun 9 16:59 /usr/lib/systemd/system/openstack-nova-xvpvncproxy.service -rw-r--r--. 1 root root 286 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-account-auditor.service -rw-r--r--. 1 root root 264 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-account-auditor@.service -rw-r--r--. 1 root root 247 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-account-reaper.service -rw-r--r--. 1 root root 262 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-account-reaper@.service -rw-r--r--. 1 root root 322 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-account-replicator.service -rw-r--r--. 1 root root 270 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-account-replicator@.service -rw-r--r--. 1 root root 282 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-account.service -rw-r--r--. 1 root root 297 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-account@.service -rw-r--r--. 1 root root 255 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container-auditor.service -rw-r--r--. 1 root root 270 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container-auditor@.service -rw-r--r--. 1 root root 265 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container-reconciler.service -rw-r--r--. 1 root root 328 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container-replicator.service -rw-r--r--. 1 root root 276 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container-replicator@.service -rw-r--r--. 1 root root 288 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container.service -rw-r--r--. 1 root root 303 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container@.service -rw-r--r--. 1 root root 255 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container-updater.service -rw-r--r--. 1 root root 270 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-container-updater@.service -rw-r--r--. 1 root root 283 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object-auditor.service -rw-r--r--. 1 root root 261 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object-auditor@.service -rw-r--r--. 1 root root 247 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object-expirer.service -rw-r--r--. 1 root root 319 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object-replicator.service -rw-r--r--. 1 root root 267 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object-replicator@.service -rw-r--r--. 1 root root 279 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object.service -rw-r--r--. 1 root root 294 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object@.service -rw-r--r--. 1 root root 246 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object-updater.service -rw-r--r--. 1 root root 261 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-object-updater@.service -rw-r--r--. 1 root root 276 Jan 29 09:02 /usr/lib/systemd/system/openstack-swift-proxy.service
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1280