[openstack-dev] [cinder] [nova] os-brick privsep failures and an upgrade strategy?

Sean Dague sean at dague.net
Wed Jun 15 01:40:03 UTC 2016

On 06/14/2016 06:11 PM, Angus Lees wrote:
> Yep (3) is quite possible, and the only reason it doesn't just do this
> already is because there's no way to find the name of the rootwrap
> command to use (from any library, privsep or os-brick) - and I was never
> very happy with the current need to specify a command line in
> oslo.config purely for this lame reason.
> As Sean points out, all the others involve some sort of configuration
> change preceding the code.  I had imagined rollouts would work by
> pushing out the harmless conf or sudoers change first, but hadn't
> appreciated the strict change phases imposed by grenade (and ourselves).
> If all "end-application" devs are happy calling something like (3)
> before the first privileged operation occurs, then we should be good.  I
> might even take the opportunity to phrase it as a general privsep.init()
> function, and then we can use it for any other top-of-main()
> privilege-setup steps that need to be taken in the future.

That sounds promising. It would be fine to emit a warning if it was only
using the default, asking people to make a configuration change to make 
it go away. We're totally good with things functioning with warnings 
after transitions, that ops can adjust during their timetable.


Sean Dague
