[openstack-dev] [cinder] [nova] os-brick privsep failures and an upgrade strategy?
sean at dague.net
Wed Jun 15 01:40:03 UTC 2016
On 06/14/2016 06:11 PM, Angus Lees wrote:
> Yep (3) is quite possible, and the only reason it doesn't just do this
> already is because there's no way to find the name of the rootwrap
> command to use (from any library, privsep or os-brick) - and I was never
> very happy with the current need to specify a command line in
> oslo.config purely for this lame reason.
>
> As Sean points out, all the others involve some sort of configuration
> change preceding the code. I had imagined rollouts would work by
> pushing out the harmless conf or sudoers change first, but hadn't
> appreciated the strict change phases imposed by grenade (and ourselves).
>
> If all "end-application" devs are happy calling something like (3)
> before the first privileged operation occurs, then we should be good. I
> might even take the opportunity to phrase it as a general privsep.init()
> function, and then we can use it for any other top-of-main()
> privilege-setup steps that need to be taken in the future.

That sounds promising. It would be fine to emit a warning if it only was
using the default, asking people to make a configuration change to make
it go away. We're totally good with things functioning with warnings
after transitions, that ops can adjust during their timetable.