[Openstack] How do I manually start dnsmasq with rootwrap?

Thierry Carrez thierry at openstack.org
Thu May 29 08:49:52 UTC 2014

Zhi-Wei Lu wrote:
> /usr/bin/nova-rootwrap: Unauthorized command:
> CONFIG_FILE=[/usr/share/nova/nova-dist.conf, /etc/nova/nova.conf]
> NETWORK_ID=3 dnsmasq --strict-order --bind-interfaces --conf-file=
> --pid-file=/var/lib/nova/networks/nova-br100.pid
> --listen-address= --except-interface=lo
> --dhcp-range=set:demo-net,,static,,120s
> --dhcp-lease-max=256
> --dhcp-hostsfile=/var/lib/nova/networks/nova-br100.conf
> --dhcp-script=/usr/bin/nova-dhcpbridge --leasefile-ro --domain=novalocal
> exec (no filter matched)

I think the error comes from the CONFIG_FILE value (should just be the
name of a file ?)

That said, it's probably simpler to just run that command under sudo:

sudo CONFIG_FILE=/etc/nova/nova.conf NETWORK_ID=3 dnsmasq --strict-order ...

rather than use "su" to run as "nova" a command that would let you
escalate back to root :)

Hope this helps,

Thierry Carrez (ttx)

More information about the Openstack mailing list