yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #03622
[Bug 1185872] Re: dom0 rootwrap filters out ip command
** Changed in: neutron
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1185872
Title:
dom0 rootwrap filters out ip command
Status in OpenStack Neutron (virtual network service):
Fix Released
Bug description:
Using XenServer, the dom0's agent dies with the following, just after
it's started:
2013-05-30 15:28:22.839 28018 DEBUG quantum.agent.linux.utils [-] Running command: ['/opt/stack/quantum/bin/quantum-rootwrap-xen-dom0', '/etc/quantum/rootwrap.conf', 'ip', '-o', 'link', 'show', 'xapi1'] execute /opt/stack/quantum/quantum/agent/linux/utils.py:42
2013-05-30 15:28:23.022 28018 DEBUG quantum.agent.linux.utils [-]
Command: ['/opt/stack/quantum/bin/quantum-rootwrap-xen-dom0', '/etc/quantum/rootwrap.conf', 'ip', '-o', 'link', 'show', 'xapi1']
Exit code: 1
Stdout: ''
Stderr: 'Traceback (most recent call last):\n File "/opt/stack/quantum/bin/quantum-rootwrap-xen-dom0", line 119, in <module>\n print main()\n File "/opt/stack/quantum/bin/quantum-rootwrap-xen-dom0", line 113, in main\n filter_command(exec_name, config[\'filters_path\'], user_args)\n File "/opt/stack/quantum/bin/quantum-rootwrap-xen-dom0", line 91, in filter_command\n filter_match = wrapper.match_filter(filters, user_args)\n File "/opt/stack/quantum/quantum/rootwrap/wrapper.py", line 155, in match_filter\n raise FilterMatchNotExecutable(match=first_not_executable_filter)\nquantum.rootwrap.wrapper.FilterMatchNotExecutable\n' execute /opt/stack/quantum/quantum/agent/linux/utils.py:59
2013-05-30 15:28:23.023 28018 ERROR quantum.plugins.openvswitch.agent.ovs_quantum_agent [-] Bridge xapi1 for physical network physnet1 does not exist. Agent terminated!
Running the command manually:
stack@DevStackOSDomU:~/quantum$ /opt/stack/quantum/bin/quantum-rootwrap-xen-dom0 /etc/quantum/rootwrap.conf ip -o link show xapi1
Traceback (most recent call last):
File "/opt/stack/quantum/bin/quantum-rootwrap-xen-dom0", line 119, in <module>
print main()
File "/opt/stack/quantum/bin/quantum-rootwrap-xen-dom0", line 113, in main
filter_command(exec_name, config['filters_path'], user_args)
File "/opt/stack/quantum/bin/quantum-rootwrap-xen-dom0", line 91, in filter_command
filter_match = wrapper.match_filter(filters, user_args)
File "/opt/stack/quantum/quantum/rootwrap/wrapper.py", line 155, in match_filter
raise FilterMatchNotExecutable(match=first_not_executable_filter)
quantum.rootwrap.wrapper.FilterMatchNotExecutable
Config file:
stack@DevStackOSDomU:~/quantum$ cat /etc/quantum/rootwrap.conf
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only writeable by root !
filters_path=/etc/quantum/rootwrap.d
# List of directories to search executables in, in case filters do not
# explicitely specify a full path (separated by ',')
# If not specified, defaults to system PATH environment variable.
# These directories MUST all be only writeable by root !
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
[XENAPI]
# XenAPI configuration is only required by the L2 agent if it is to
# target a XenServer/XCP compute host's dom0.
xenapi_connection_url=http://10.219.10.25
xenapi_connection_username=root
xenapi_connection_password=pass
Maybe we just need to disable filtering with dom0 rootwrap ?
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1185872/+subscriptions
