review.fuel-infra Code Review - openstack-build/neutron-build.git/commit

author	Kevin Benton <blak111@gmail.com>
	Fri, 25 Jul 2014 21:27:00 +0000 (14:27 -0700)
committer	Kevin Benton <blak111@gmail.com>
	Wed, 17 Dec 2014 14:54:30 +0000 (06:54 -0800)
commit	9833364fbd4705fc4a563192cf2707ffe8cf763d
tree	86bc81f82bbdd74763e7eef077f251d70753db4a	tree \| snapshot
parent	2494da22007b204113e48f5fe2ccbcb8594ce1f2	commit \| diff

Option for root_helper when checking namespace

Adds a configuration option to use the root helper in the ip netns list
command executed by the IP library when checking for the existence of a
namespace. This prevents an unprivileged l3 agent from erroneously trying
to create another namespace when one already exists. This is necessary in
environments with constrained permissions on /var/run/netns via umask or
other access controls.

However, due to the overhead incurred by calling sudo every time on systems
where this restriction isn't in place, this configuration won't be desired
all of the time. So this patch also adds a sanity check that reports back
whether or not the root_helper is required for a deployment.

DocImpact

Closes-Bug: #1348812
Closes-Bug: #1311804
Change-Id: If7560161de3be6066af0d9866e6b5cd7c7247c33

etc/neutron.conf		diff \| blob \| history
neutron/agent/common/config.py		diff \| blob \| history
neutron/agent/linux/ip_lib.py		diff \| blob \| history
neutron/cmd/sanity/checks.py		diff \| blob \| history
neutron/cmd/sanity_check.py		diff \| blob \| history
neutron/tests/functional/agent/linux/base.py		diff \| blob \| history
neutron/tests/functional/sanity/test_sanity.py		diff \| blob \| history