← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #93837

[Bug 2060974] [NEW] neutron-dhcp-agent attemps to read pid.haproxy but can't

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Hi,

>From neutron-dhcp-agent.log, I can see it's trying to access:

/var/lib/neutron/external/pids/*.pid.haproxy

It used to be that these files where having the unix rights (at least in
Debian 11, aka Bullseye):

-rw-r--r--

However, in Debian 12 (aka Bookworm), for a reason, they now are:

-rw-r-----

and then the agent doesn't have the necessary rights to read these
files.

Note that in devstack, these PIDs are owned by the stack user, so that's
not an issue. But that's not the case in a Debian package, where haproxy
writes these pid files as root:root, when the neutron-dhcp-agent is
running under neutron:neutron, and therefore, can't read the files.

One possibility would be reading the PIDs through privsep.

Another fix would be to understand why the PID files aren't world
readable. At this point, I can't tell why.

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/2060974

Title:
  neutron-dhcp-agent attemps to read pid.haproxy but can't

Status in neutron:
  New

Bug description:
  Hi,

  From neutron-dhcp-agent.log, I can see it's trying to access:

  /var/lib/neutron/external/pids/*.pid.haproxy

  It used to be that these files where having the unix rights (at least
  in Debian 11, aka Bullseye):

  -rw-r--r--

  However, in Debian 12 (aka Bookworm), for a reason, they now are:

  -rw-r-----

  and then the agent doesn't have the necessary rights to read these
  files.

  Note that in devstack, these PIDs are owned by the stack user, so
  that's not an issue. But that's not the case in a Debian package,
  where haproxy writes these pid files as root:root, when the neutron-
  dhcp-agent is running under neutron:neutron, and therefore, can't read
  the files.

  One possibility would be reading the PIDs through privsep.

  Another fix would be to understand why the PID files aren't world
  readable. At this point, I can't tell why.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/2060974/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next