Description of problem: File permission errors are generated when attempting to access ISO virtual media files mastered for virtual media boot. Customer engineer contacted the upstream development team asking questions regarding Lenovo virtual media hardware compatibility. Since it is not officially documented as supported, and given their environment configuration they ran into some issues, one being the file permission issue. In this particular environment, the customer operates swift which the driver uses by default, however their BMCs are unable to access swift and they are not wanting to make the change to do so, and thus they needed to set [redfish]use_swift=False in the ironic configuration file. <timeu> after adding the config flag, it tries to download the iso but fails with: PermissionError: [Errno 13] Permission denied: '/var/lib/ironic/httpboot/redfish/boot-01c9e448-b833-4a11-a561-3282b27e1205' <timeu> seems like that the created redfish directory has some weird permissions: dr-x---r-t. 2 ironic ironic 6 Jul 21 21:33 redfish Turns out, we already found and fixed this upstream, just never backported it to ?Victoria?, Ussuri, and Train releases of OpenStack. Version-Release number of selected component (if applicable): 16.1 How reproducible: Always when attempting to operate virtual media without swift, i.e. setting [redfish]use_swift=False. Steps to Reproduce: 1. Set [redfish]use_swift=False in ironic.conf 2. Setup node for redfish virtual media based deployment 3. Deploy! Actual results: Deployment fails with underlying permission error in the logs. Ramdisk never boots. Expected results: Ramdisk boots in order to perform deployment. Additional info: Upstream fix which was confirmed to fix this in OCP has already been merged, and just needs to be backported upstream and then downstream where applicable.
Updating for the proposed train backport
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Release of components for Red Hat OpenStack Platform 16.2.2), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:1001