Regarding https://review.openstack.org/#/c/145829/
The old code of DnsMasq will always get root_helper from
neutron.agent.dhcp.agent.
However, new code will only set run_as_root when namespace
is used. That will cause permission error when namespace
is disabled and dnsmasq need to be started.
Change-Id: Ib00d6e54dba44dbbbec158b9e0518e6e42baceec
Closes-Bug: #
1428007
uuid=self.network.id,
namespace=self.network.namespace,
default_cmd_callback=cmd_callback,
- pid_file=self.get_conf_file_name('pid'))
+ pid_file=self.get_conf_file_name('pid'),
+ run_as_root=True)
def disable(self, retain_port=False):
"""Disable DHCP for this network by killing the local process."""
"""Release a DHCP lease."""
cmd = ['dhcp_release', self.interface_name, ip, mac_address]
ip_wrapper = ip_lib.IPWrapper(namespace=self.network.namespace)
- ip_wrapper.netns.execute(cmd)
+ ip_wrapper.netns.execute(cmd, run_as_root=True)
def _output_config_files(self):
self._output_hosts_file()
"""
def __init__(self, conf, uuid, namespace=None, service=None,
pids_path=None, default_cmd_callback=None,
- cmd_addl_env=None, pid_file=None):
+ cmd_addl_env=None, pid_file=None, run_as_root=False):
self.conf = conf
self.uuid = uuid
self.cmd_addl_env = cmd_addl_env
self.pids_path = pids_path or self.conf.external_pids
self.pid_file = pid_file
+ self.run_as_root = run_as_root
if service:
self.service_pid_fname = 'pid.' + service
cmd = cmd_callback(self.get_pid_file_name())
ip_wrapper = ip_lib.IPWrapper(namespace=self.namespace)
- ip_wrapper.netns.execute(cmd, addl_env=self.cmd_addl_env)
+ ip_wrapper.netns.execute(cmd, addl_env=self.cmd_addl_env,
+ run_as_root=self.run_as_root)
elif reload_cfg:
self.reload_cfg()
self._as_root([], ('delete', name), use_root_namespace=True)
def execute(self, cmds, addl_env=None, check_exit_code=True,
- extra_ok_codes=None):
+ extra_ok_codes=None, run_as_root=False):
ns_params = []
- kwargs = {}
+ kwargs = {'run_as_root': run_as_root}
if self._parent.namespace:
kwargs['run_as_root'] = True
ns_params = ['ip', 'netns', 'exec', self._parent.namespace]
'--metadata_proxy_watch_log=false')
ip_mock.assert_has_calls([
mock.call(namespace=router_ns),
- mock.call().netns.execute(netns_execute_args, addl_env=None)
+ mock.call().netns.execute(netns_execute_args, addl_env=None,
+ run_as_root=False)
])
def test_spawn_metadata_proxy_with_agent_user(self):
callback.assert_called_once_with('pidfile')
self.execute.assert_called_once_with(['the', 'cmd'],
check_exit_code=True,
- extra_ok_codes=None)
+ extra_ok_codes=None,
+ run_as_root=False)
def test_enable_with_namespace(self):
callback = mock.Mock()
callback.assert_called_once_with('pidfile')
ip_lib.assert_has_calls([
mock.call.IPWrapper(namespace='ns'),
- mock.call.IPWrapper().netns.execute(['the', 'cmd'],
- addl_env=None)])
+ mock.call.IPWrapper().netns.execute(
+ ['the', 'cmd'], addl_env=None, run_as_root=False)])
def test_enable_with_namespace_process_active(self):
callback = mock.Mock()
self.netns_cmd.execute(['test'])
execute.assert_called_once_with(['test'],
check_exit_code=True,
- extra_ok_codes=None)
+ extra_ok_codes=None,
+ run_as_root=False)
class TestDeviceExists(base.BaseTestCase):
Code Review / openstack-build / neutron-build.git / commitdiff