[Openstack] How do I manually start dnsmasq with rootwrap?

Zhi-Wei Lu zwlu at ucdavis.edu
Thu May 29 23:54:12 UTC 2014


I grabbed this command from /var/log/nova/network.log under debug mode on a different server!
/etc/nova/rootwrap.conf was meant to be run by user "nova"

Thank you.

Zhi-Wei Lu
IET-CR-Network Operations Center
University of California, Davis
(530) 752-0155

-----Original Message-----
From: Thierry Carrez [mailto:thierry at openstack.org] 
Sent: Thursday, May 29, 2014 1:50 AM
To: openstack at lists.openstack.org
Subject: Re: [Openstack] How do I manually start dnsmasq with rootwrap?

Zhi-Wei Lu wrote:
> /usr/bin/nova-rootwrap: Unauthorized command:
> CONFIG_FILE=[/usr/share/nova/nova-dist.conf, /etc/nova/nova.conf]
> NETWORK_ID=3 dnsmasq --strict-order --bind-interfaces --conf-file=
> --pid-file=/var/lib/nova/networks/nova-br100.pid
> --listen-address= --except-interface=lo
> --dhcp-range=set:demo-net,,static,,120s
> --dhcp-lease-max=256
> --dhcp-hostsfile=/var/lib/nova/networks/nova-br100.conf
> --dhcp-script=/usr/bin/nova-dhcpbridge --leasefile-ro --domain=novalocal
> exec (no filter matched)

I think the error comes from the CONFIG_FILE value (should just be the
name of a file ?)

That said, it's probably simpler to just run that command under sudo:

sudo CONFIG_FILE=/etc/nova/nova.conf NETWORK_ID=3 dnsmasq --strict-order ...

rather than use "su" to run as "nova" a command that would let you
escalate back to root :)

Hope this helps,

Thierry Carrez (ttx)

Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Post to     : openstack at lists.openstack.org
Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack

More information about the Openstack mailing list