neutron-dhcp-agent attemps to read pid.haproxy but can't
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| neutron |
Invalid
|
Undecided
|
Unassigned | ||
Bug Description
Hi,
From neutron-
/var/lib/
It used to be that these files where having the unix rights (at least in Debian 11, aka Bullseye):
-rw-r--r--
However, in Debian 12 (aka Bookworm), for a reason, they now are:
-rw-r-----
and then the agent doesn't have the necessary rights to read these files.
Note that in devstack, these PIDs are owned by the stack user, so that's not an issue. But that's not the case in a Debian package, where haproxy writes these pid files as root:root, when the neutron-dhcp-agent is running under neutron:neutron, and therefore, can't read the files.
One possibility would be reading the PIDs through privsep.
Another fix would be to understand why the PID files aren't world readable. At this point, I can't tell why.
| Bernard Cafarelli (bcafarel) wrote | #1 |
| Thomas Goirand (thomas-goirand) wrote | #2 |
| Bernard Cafarelli (bcafarel) wrote | #3 |
| Changed in neutron: | |
| status: | New → Invalid |
Per IRC last week:
I found out, it's my startup script for neutron-dhcp-agent that has "umask 0026" ...
@zigo so can we close this bug? I do not remember any recent change on that pid file handling in neutron itself