Public bug reported:
series: bionic
openstack: queens
We have an issue with a user, where the cinder-backup and services are
installed, and separated from cinder-volume nodes.
As part of the cinder-backup, it is required to grab iscsi devices, and
hence the likes of /dev/sd* would be there to be consumed.
As part of this process we can see that cinder-rootwrap is being run,
similar to the command below
sudo cinder-rootwrap /etc/cinder/rootwrap.conf chown 64061 /dev/sda
By default, this then gives permission denied, and does not move forward
We then added the excerpt below following into a new file in
/etc/cinder/rootwrap.d/backup.filters, borrowed from
/etc/cinder/rootwrap.d/volume.filters (which is typically from cinder-
volume package in bionic)
[Filters]
chown: CommandFilter, chown, root
This then moved things along for the user.
After further analysis, we found that post bionic, i.e. cosmic and
beyond, the volume.filters file is now located in cinder-common package
rather than the cinder-volume
My request is, can we do the same for queens, such that this file is in
cinder-common?
** Affects: cinder (Ubuntu)
Importance: Undecided
Status: New
** Affects: cinder (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: cinder (Ubuntu Bionic)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1947351
Title:
chown not in rootwrap when only installing cinder-backup
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cinder/+bug/1947351/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
