yahoo-eng-team team mailing list archive

[Rodolfo Alonso <ralonsoh@xxxxxxxxxx>]

Public bug reported:

Since [1], the radvd daemon is spawned with parameter "-u username".
This drops the root privileges and changes the user ID to "username".

In some deployments (e.g. TripleO), the "neutron" user does not have,
inside the L3 agent container, the permissions to modify the host kernel
interfaces (from journal.log):

wrz 13 13:08:15 controller-2 radvd[904324]: failed to set LinkMTU (1500) for qr-7befc0a3-04: Permission denied
wrz 13 13:08:15 controller-2 radvd[904324]: failed to set CurHopLimit (64) for qr-7befc0a3-04: Permission denied


[1] https://review.opendev.org/#/q/Ic5d976ba71a966a537d1f31888f82997a7ccb0de

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1844688

Title:
  "radvd" daemon does not work by default in some containers

Status in neutron:
  New

Bug description:
  Since [1], the radvd daemon is spawned with parameter "-u username".
  This drops the root privileges and changes the user ID to "username".

  In some deployments (e.g. TripleO), the "neutron" user does not have,
  inside the L3 agent container, the permissions to modify the host
  kernel interfaces (from journal.log):

  wrz 13 13:08:15 controller-2 radvd[904324]: failed to set LinkMTU (1500) for qr-7befc0a3-04: Permission denied
  wrz 13 13:08:15 controller-2 radvd[904324]: failed to set CurHopLimit (64) for qr-7befc0a3-04: Permission denied

  
  [1] https://review.opendev.org/#/q/Ic5d976ba71a966a537d1f31888f82997a7ccb0de

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1844688/+subscriptions