← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #73254

[Bug 1776468] [NEW] neutron-netns-cleanup does not configure privsep correctly

  Thread PreviousDate PreviousThread Next 
Public bug reported:

It crashes when trying to invoke privsep:


2018-06-12 10:37:05.932 1038529 INFO neutron.common.config [-] Logging enabled!
2018-06-12 10:37:05.932 1038529 INFO neutron.common.config [-] /usr/bin/neutron-netns-cleanup version 13.0.0.0b2.dev174
2018-06-12 10:37:05.932 1038529 DEBUG neutron.common.config [-] command line: /usr/bin/neutron-netns-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-l3-agent --agent-type l3 -d --force setup_logging /usr/lib/python2.7/site-packages/neutron/common/config.py:104
2018-06-12 10:37:05.933 1038529 INFO oslo.privsep.daemon [-] Running privsep helper: ['sudo', 'privsep-helper', '--config-file', '/usr/share/neutron/neutron-dist.conf', '--config-file', '/etc/neutron/neutron.conf', '--config-file', '/etc/neutron/l3_agent.ini', '--config-dir', '/etc/neutron/conf.d/neutron-l3-agent', '--privsep_context', 'neutron.privileged.default', '--privsep_sock_path', '/tmp/tmpwc58JK/privsep.sock']
2018-06-12 10:37:05.954 1038529 WARNING oslo.privsep.daemon [-] privsep log:
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: We trust you have received the usual lecture from the local System
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: Administrator. It usually boils down to these three things:
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:     #1) Respect the privacy of others.
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:     #2) Think before you type.
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:     #3) With great power comes great responsibility.
2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:
2018-06-12 10:37:05.956 1038529 WARNING oslo.privsep.daemon [-] privsep log: sudo: no tty present and no askpass program specified
2018-06-12 10:37:05.955 1038529 CRITICAL oslo.privsep.daemon [-] privsep helper command exited non-zero (1)
2018-06-12 10:37:05.961 1038529 CRITICAL neutron [-] Unhandled error: FailedToDropPrivileges: privsep helper command exited non-zero (1)
2018-06-12 10:37:05.961 1038529 ERROR neutron Traceback (most recent call last):
2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/bin/neutron-netns-cleanup", line 10, in <module>
2018-06-12 10:37:05.961 1038529 ERROR neutron     sys.exit(main())
2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/neutron/cmd/netns_cleanup.py", line 289, in main
2018-06-12 10:37:05.961 1038529 ERROR neutron     cleanup_network_namespaces(conf)
2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/neutron/cmd/netns_cleanup.py", line 259, in cleanup_network_namespaces
2018-06-12 10:37:05.961 1038529 ERROR neutron     ip_lib.list_network_namespaces()
2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/neutron/agent/linux/ip_lib.py", line 1100, in list_network_namespaces
2018-06-12 10:37:05.961 1038529 ERROR neutron     return privileged.list_netns(**kwargs)
2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/oslo_privsep/priv_context.py", line 206, in _wrap
2018-06-12 10:37:05.961 1038529 ERROR neutron     self.start()
2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/oslo_privsep/priv_context.py", line 217, in start
2018-06-12 10:37:05.961 1038529 ERROR neutron     channel = daemon.RootwrapClientChannel(context=self)
2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/oslo_privsep/daemon.py", line 327, in __init__
2018-06-12 10:37:05.961 1038529 ERROR neutron     raise FailedToDropPrivileges(msg)
2018-06-12 10:37:05.961 1038529 ERROR neutron FailedToDropPrivileges: privsep helper command exited non-zero (1)
2018-06-12 10:37:05.961 1038529 ERROR neutron

** Affects: neutron
     Importance: Medium
     Assignee: Miguel Angel Ajo (mangelajo)
         Status: Confirmed

** Changed in: neutron
       Status: New => Confirmed

** Changed in: neutron
   Importance: Undecided => Medium

** Changed in: neutron
     Assignee: (unassigned) => Miguel Angel Ajo (mangelajo)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1776468

Title:
  neutron-netns-cleanup does not configure privsep correctly

Status in neutron:
  Confirmed

Bug description:
  It crashes when trying to invoke privsep:

  
  2018-06-12 10:37:05.932 1038529 INFO neutron.common.config [-] Logging enabled!
  2018-06-12 10:37:05.932 1038529 INFO neutron.common.config [-] /usr/bin/neutron-netns-cleanup version 13.0.0.0b2.dev174
  2018-06-12 10:37:05.932 1038529 DEBUG neutron.common.config [-] command line: /usr/bin/neutron-netns-cleanup --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-dir /etc/neutron/conf.d/common --config-dir /etc/neutron/conf.d/neutron-l3-agent --agent-type l3 -d --force setup_logging /usr/lib/python2.7/site-packages/neutron/common/config.py:104
  2018-06-12 10:37:05.933 1038529 INFO oslo.privsep.daemon [-] Running privsep helper: ['sudo', 'privsep-helper', '--config-file', '/usr/share/neutron/neutron-dist.conf', '--config-file', '/etc/neutron/neutron.conf', '--config-file', '/etc/neutron/l3_agent.ini', '--config-dir', '/etc/neutron/conf.d/neutron-l3-agent', '--privsep_context', 'neutron.privileged.default', '--privsep_sock_path', '/tmp/tmpwc58JK/privsep.sock']
  2018-06-12 10:37:05.954 1038529 WARNING oslo.privsep.daemon [-] privsep log:
  2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: We trust you have received the usual lecture from the local System
  2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log: Administrator. It usually boils down to these three things:
  2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:
  2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:     #1) Respect the privacy of others.
  2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:     #2) Think before you type.
  2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:     #3) With great power comes great responsibility.
  2018-06-12 10:37:05.955 1038529 WARNING oslo.privsep.daemon [-] privsep log:
  2018-06-12 10:37:05.956 1038529 WARNING oslo.privsep.daemon [-] privsep log: sudo: no tty present and no askpass program specified
  2018-06-12 10:37:05.955 1038529 CRITICAL oslo.privsep.daemon [-] privsep helper command exited non-zero (1)
  2018-06-12 10:37:05.961 1038529 CRITICAL neutron [-] Unhandled error: FailedToDropPrivileges: privsep helper command exited non-zero (1)
  2018-06-12 10:37:05.961 1038529 ERROR neutron Traceback (most recent call last):
  2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/bin/neutron-netns-cleanup", line 10, in <module>
  2018-06-12 10:37:05.961 1038529 ERROR neutron     sys.exit(main())
  2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/neutron/cmd/netns_cleanup.py", line 289, in main
  2018-06-12 10:37:05.961 1038529 ERROR neutron     cleanup_network_namespaces(conf)
  2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/neutron/cmd/netns_cleanup.py", line 259, in cleanup_network_namespaces
  2018-06-12 10:37:05.961 1038529 ERROR neutron     ip_lib.list_network_namespaces()
  2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/neutron/agent/linux/ip_lib.py", line 1100, in list_network_namespaces
  2018-06-12 10:37:05.961 1038529 ERROR neutron     return privileged.list_netns(**kwargs)
  2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/oslo_privsep/priv_context.py", line 206, in _wrap
  2018-06-12 10:37:05.961 1038529 ERROR neutron     self.start()
  2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/oslo_privsep/priv_context.py", line 217, in start
  2018-06-12 10:37:05.961 1038529 ERROR neutron     channel = daemon.RootwrapClientChannel(context=self)
  2018-06-12 10:37:05.961 1038529 ERROR neutron   File "/usr/lib/python2.7/site-packages/oslo_privsep/daemon.py", line 327, in __init__
  2018-06-12 10:37:05.961 1038529 ERROR neutron     raise FailedToDropPrivileges(msg)
  2018-06-12 10:37:05.961 1038529 ERROR neutron FailedToDropPrivileges: privsep helper command exited non-zero (1)
  2018-06-12 10:37:05.961 1038529 ERROR neutron

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1776468/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next