yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #19648
[Bug 1362854] [NEW] Incorrect regex on rootwrap for encrypted volumes ln creation
Public bug reported:
While running Tempest tests against my device, the encryption tests
consistently fail to attach. Turns out the problem is an attempt to
create symbolic link for encryption process, however the rootwrap spec
is restricted to targets with the default openstack.org iqn.
Error Message from n-cpu:
Stderr: '/usr/local/bin/nova-rootwrap: Unauthorized command: ln
--symbolic --force /dev/mapper/ip-10.10.8.112:3260-iscsi-
iqn.2010-01.com.solidfire:3gd2.uuid-6f210923-36bf-46a4-b04a-
6b4269af9d4f.4710-lun-0 /dev/disk/by-path/ip-10.10.8.112:3260-iscsi-
iqn.2010-01.com.sol
Rootwrap entry currently implemented:
ln: RegExpFilter, ln, root, ln, --symbolic, --force, /dev/mapper/ip
-.*-iscsi-iqn.2010-10.org.openstack:volume-.*, /dev/disk/by-path/ip
-.*-iscsi-iqn.2010-10.org.openstack:volume-.*
** Affects: nova
Importance: Undecided
Status: New
** Summary changed:
- Missing rootwrap for encrypted volumes
+ Incorrect regex on rootwrap for encrypted volumes ln creation
** Description changed:
+ While running Tempest tests against my device, the encryption tests
+ consistently fail to attach. Turns out the problem is an attempt to
+ create symbolic link for encryption process, however the rootwrap spec
+ is restricted to targets with the default openstack.org iqn.
- Stderr: '/usr/local/bin/nova-rootwrap: Unauthorized command: ln --symbolic --force /dev/mapper/ip-10.10.8.112:3260-iscsi-iqn.2010-01.com.solidfire:3gd2.uuid-6f210923-36bf-46a4-b04a-6b4269af9d4f.4710-lun-0 /dev/disk/by-path/ip-10.10.8.112:3260-iscsi-iqn.2010-01.com.sol
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher Traceback (most recent call last):
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/oslo/messaging/rpc/dispatcher.py", line 134, in _dispatch_and_reply
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher incoming.message))
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/oslo/messaging/rpc/dispatcher.py", line 177, in _dispatch
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher return self._do_dispatch(endpoint, method, ctxt, args)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/usr/local/lib/python2.7/dist-packages/oslo/messaging/rpc/dispatcher.py", line 123, in _do_dispatch
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher result = getattr(endpoint, method)(ctxt, **new_args)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/compute/manager.py", line 412, in decorated_function
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher return function(self, context, *args, **kwargs)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/exception.py", line 88, in wrapped
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher payload)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/openstack/common/excutils.py", line 82, in __exit__
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher six.reraise(self.type_, self.value, self.tb)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/exception.py", line 71, in wrapped
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher return f(self, context, *args, **kw)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/compute/manager.py", line 296, in decorated_function
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher pass
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/openstack/common/excutils.py", line 82, in __exit__
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher six.reraise(self.type_, self.value, self.tb)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/compute/manager.py", line 282, in decorated_function
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher return function(self, context, *args, **kwargs)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/compute/manager.py", line 324, in decorated_function
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher kwargs['instance'], e, sys.exc_info())
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/openstack/common/excutils.py", line 82, in __exit__
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher six.reraise(self.type_, self.value, self.tb)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/compute/manager.py", line 312, in decorated_function
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher return function(self, context, *args, **kwargs)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/compute/manager.py", line 4358, in attach_volume
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher bdm.destroy(context)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/openstack/common/excutils.py", line 82, in __exit__
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher six.reraise(self.type_, self.value, self.tb)
- 2014-08-28 17:10:31.613 16021 TRACE oslo.messaging.rpc.dispatcher File "/opt/stack/nova/nova/compute/manager.py", line 4355, in attach_volume
+ Error Message from n-cpu:
+
+ Stderr: '/usr/local/bin/nova-rootwrap: Unauthorized command: ln
+ --symbolic --force /dev/mapper/ip-10.10.8.112:3260-iscsi-
+ iqn.2010-01.com.solidfire:3gd2.uuid-6f210923-36bf-46a4-b04a-
+ 6b4269af9d4f.4710-lun-0 /dev/disk/by-path/ip-10.10.8.112:3260-iscsi-
+ iqn.2010-01.com.sol
+
+
+ Rootwrap entry currently implemented:
+
+ ln: RegExpFilter, ln, root, ln, --symbolic, --force, /dev/mapper/ip
+ -.*-iscsi-iqn.2010-10.org.openstack:volume-.*, /dev/disk/by-path/ip
+ -.*-iscsi-iqn.2010-10.org.openstack:volume-.*
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1362854
Title:
Incorrect regex on rootwrap for encrypted volumes ln creation
Status in OpenStack Compute (Nova):
New
Bug description:
While running Tempest tests against my device, the encryption tests
consistently fail to attach. Turns out the problem is an attempt to
create symbolic link for encryption process, however the rootwrap spec
is restricted to targets with the default openstack.org iqn.
Error Message from n-cpu:
Stderr: '/usr/local/bin/nova-rootwrap: Unauthorized command: ln
--symbolic --force /dev/mapper/ip-10.10.8.112:3260-iscsi-
iqn.2010-01.com.solidfire:3gd2.uuid-6f210923-36bf-46a4-b04a-
6b4269af9d4f.4710-lun-0 /dev/disk/by-path/ip-10.10.8.112:3260-iscsi-
iqn.2010-01.com.sol
Rootwrap entry currently implemented:
ln: RegExpFilter, ln, root, ln, --symbolic, --force, /dev/mapper/ip
-.*-iscsi-iqn.2010-10.org.openstack:volume-.*, /dev/disk/by-path/ip
-.*-iscsi-iqn.2010-10.org.openstack:volume-.*
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1362854/+subscriptions
Follow ups
References
