[Openstack-operators] Several openstack nova daemons refuse to start after a reboot

James Penick james_r_penick at yahoo.com
Wed Jul 30 21:55:50 UTC 2014


Also, these docs should help you out: https://wiki.openstack.org/wiki/Rootwrap

 
:)=
On , James Penick <james_r_penick at yahoo.com> wrote:
 


Can you paste the line you have for this headless user in /etc/sudoers?

make sure you have something like:

$userALL NOPASSWD: /usr/bin/nova-rootwrap


where $user is the name of the headless user you've created to execute this process.

-James


 

:)=


On Wednesday, July 30, 2014 12:16 PM, Abel Lopez <alopgeek at gmail.com> wrote:
 


Couple of things I’d check, first make sure /etc/sudoers has the “#includedir /etc/sudoers.d” 
It must have the #, that’s not a comment, that’s what the directive looks like.

Secondly, parse the file with visudo to make sure it’s syntactically correct, both the /etc/sudoers and any file that may be in /etc/sudoers.d/
Your nova user’s shell is fine, mine is /bin/false, 


On Jul 30, 2014, at 12:04 PM, Jeff Silverman <jeff at sweetlabs.com> wrote:

I had several openstack daemons running properly after going through the set up process.  I decided to reboot the machine (because it's going to reboot sooner or later and I wanted to find out what would go wrong before we pressed the system into production).  Several of the daemons don't start properly.  In all cases, there is an error message in the log files of the form:
>
>
>2014-07-30 10:56:57.349 878 CRITICAL nova [-] ProcessExecutionError: Unexpected error while running command.
>Command: sudo nova-nn /etc/nova/rootwrap.conf iptables-save -c
>Exit code: 1
>Stdout: ''
>Stderr: 'sudo: no tty present and no askpass program specified\n'
>
>
>
>I have googled the error message and I find several items of advice, all of which I have taken and none of which have resolved my issue:
>
>
>	* Remove the defaults requiretty from the /etc/sudoers file.  I have done both #Defaults requiretty and Defaults !requiretty  and tried again.  No joy.
>	* I added the following line to nova.conf:
>root_helper=sudo nova-rootwrap
>no joy, there, either.
>	* Interestingly enough, if I give the command sudo nova-rootwrap /etc/nova/rootwrap.conf iptables-save -c 
>from the command line as user root, then it works.
>	* I notice that user nova is in/etc/passwdwith shell/bin/nologin.  I assume that that's there for a reason, so I am reluctant to change it.
>	* If I give the command
>sudo nova-nn whoami
>I get:
>sudo: nova-nn: command not found
>	* 
>
>
>
>I am open to additional suggestions.  I am running on Centos 6.5
>
>
>
>-- 
>
>Jeff Silverman
>Systems Engineer
>(253) 459-2318 (c)
>
>
_______________________________________________
>OpenStack-operators mailing list
>OpenStack-operators at lists.openstack.org
>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>


_______________________________________________
OpenStack-operators mailing list
OpenStack-operators at lists.openstack.org
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-operators/attachments/20140730/937d5ecd/attachment.html>


More information about the OpenStack-operators mailing list