Description of problem:

File permission errors are generated when attempting to access ISO virtual media files mastered for virtual media boot. Customer engineer contacted the upstream development team asking questions regarding Lenovo virtual media hardware compatibility. Since it is not officially documented as supported, and given their environment configuration they ran into some issues, one being the file permission issue. In this particular environment, the customer operates swift which the driver uses by default, however their BMCs are unable to access swift and they are not wanting to make the change to do so, and thus they needed to set [redfish]use_swift=False in the ironic configuration file.

<timeu> after adding the config flag, it tries to download the iso but fails with: PermissionError: [Errno 13] Permission denied: '/var/lib/ironic/httpboot/redfish/boot-01c9e448-b833-4a11-a561-3282b27e1205'
<timeu> seems like that the created redfish directory has some weird permissions: dr-x---r-t. 2 ironic ironic         6 Jul 21 21:33 redfish


Turns out, we already found and fixed this upstream, just never backported it to ?Victoria?, Ussuri, and Train releases of OpenStack.


Version-Release number of selected component (if applicable):

16.1

How reproducible:

Always when attempting to operate virtual media without swift, i.e. setting [redfish]use_swift=False.

Steps to Reproduce:
1. Set [redfish]use_swift=False in ironic.conf
2. Setup node for redfish virtual media based deployment
3. Deploy!

Actual results:

Deployment fails with underlying permission error in the logs. Ramdisk never boots.

Expected results:

Ramdisk boots in order to perform deployment.

Additional info:

Upstream fix which was confirmed to fix this in OCP has already been merged, and just needs to be backported upstream and then downstream where applicable.