yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #85753
[Bug 1923198] [NEW] custom kill scripts don't works after migration to privsep
Public bug reported:
It seems that custom kill scripts aren't working properly if they are in the PATH which isn't in the standard PATH now.
When we were using rootwrap to run such scripts it was fine when scripts were e.g. in default path which is /etc/neutron/kill_scripts/ as this directory is added in the rootwrap's exec_dirs: https://github.com/openstack/neutron/blob/07b7da2251fbb607d599d48e80e4a701fa6b394e/etc/rootwrap.conf#L13 and rootwrap is looking for binary to execute in the directories from that config option.
But now we moved to privsep and we have errors like:
2021-04-09 12:01:19.348 176680 DEBUG oslo.privsep.daemon [-] privsep: Exception during request[140575473731280]: [Errno 2] No such file or directory: 'dnsmasq-kill': 'dnsmasq-kill' _process_cmd /usr/lib/python3.6/site-packages/oslo_privsep/daemon.py:490
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/oslo_privsep/daemon.py", line 485, in _process_cmd
ret = func(*f_args, **f_kwargs)
File "/usr/lib/python3.6/site-packages/oslo_privsep/priv_context.py", line 249, in _wrap
return func(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/neutron/privileged/agent/linux/utils.py", line 56, in execute_process
obj, cmd = _create_process(cmd, addl_env=addl_env)
File "/usr/lib/python3.6/site-packages/neutron/privileged/agent/linux/utils.py", line 83, in _create_process
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
File "/usr/lib/python3.6/site-packages/eventlet/green/subprocess.py", line 58, in __init__
subprocess_orig.Popen.__init__(self, args, 0, *argss, **kwds)
File "/usr/lib64/python3.6/subprocess.py", line 729, in __init__
restore_signals, start_new_session)
File "/usr/lib64/python3.6/subprocess.py", line 1364, in _execute_child
raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'dnsmasq-kill': 'dnsmasq-kill'
Even if dnsmasq-kill script is in the /etc/neutron/kill_scripts directory.
We didn't spot it in our CI jobs as we don't run any job with those
custom kill scripts. But it is used e.g. by Tripleo and they spot it in
their jobs.
** Affects: neutron
Importance: High
Assignee: Slawek Kaplonski (slaweq)
Status: Confirmed
** Tags: l3-ipam-dhcp
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1923198
Title:
custom kill scripts don't works after migration to privsep
Status in neutron:
Confirmed
Bug description:
It seems that custom kill scripts aren't working properly if they are in the PATH which isn't in the standard PATH now.
When we were using rootwrap to run such scripts it was fine when scripts were e.g. in default path which is /etc/neutron/kill_scripts/ as this directory is added in the rootwrap's exec_dirs: https://github.com/openstack/neutron/blob/07b7da2251fbb607d599d48e80e4a701fa6b394e/etc/rootwrap.conf#L13 and rootwrap is looking for binary to execute in the directories from that config option.
But now we moved to privsep and we have errors like:
2021-04-09 12:01:19.348 176680 DEBUG oslo.privsep.daemon [-] privsep: Exception during request[140575473731280]: [Errno 2] No such file or directory: 'dnsmasq-kill': 'dnsmasq-kill' _process_cmd /usr/lib/python3.6/site-packages/oslo_privsep/daemon.py:490
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/oslo_privsep/daemon.py", line 485, in _process_cmd
ret = func(*f_args, **f_kwargs)
File "/usr/lib/python3.6/site-packages/oslo_privsep/priv_context.py", line 249, in _wrap
return func(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/neutron/privileged/agent/linux/utils.py", line 56, in execute_process
obj, cmd = _create_process(cmd, addl_env=addl_env)
File "/usr/lib/python3.6/site-packages/neutron/privileged/agent/linux/utils.py", line 83, in _create_process
stdout=subprocess.PIPE, stderr=subprocess.PIPE)
File "/usr/lib/python3.6/site-packages/eventlet/green/subprocess.py", line 58, in __init__
subprocess_orig.Popen.__init__(self, args, 0, *argss, **kwds)
File "/usr/lib64/python3.6/subprocess.py", line 729, in __init__
restore_signals, start_new_session)
File "/usr/lib64/python3.6/subprocess.py", line 1364, in _execute_child
raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'dnsmasq-kill': 'dnsmasq-kill'
Even if dnsmasq-kill script is in the /etc/neutron/kill_scripts directory.
We didn't spot it in our CI jobs as we don't run any job with those
custom kill scripts. But it is used e.g. by Tripleo and they spot it
in their jobs.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1923198/+subscriptions
Follow ups
