Ubuntu
neutron package

dnsmasq needs access to /var/lib/neutron/dhcp/* as nobody

Bug #1873438 reported by Albert Damen
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
neutron (Ubuntu)
Fix Released
High
James Page

Bug Description

After bug 1866187 "dnsmasq needs access to /var/lib/neutron/dhcp" was fixed we now got a new error:

/var/lib/neutron/dhcp/<guid> is not accessible.

due to: find /var/lib/neutron -type f -exec chmod 0640 "{}" + -o -type d -exec chmod 0750 "{}" +

Apr 17 10:57:16 network dnsmasq[11259]: failed to load names from /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/addn_h>
Apr 17 10:57:16 network dnsmasq[11259]: cannot read /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/host: Permission den>
Apr 17 10:57:16 network dnsmasq[11259]: cannot read /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/opts: Permission den>

where dnsmasq is running as user nobody.

and now
~$ ls -la /var/lib/neutron/dhcp/
total 16
drwxr-xr-x 4 neutron neutron 4096 Apr 17 09:09 .
drwxr-xr-x 8 neutron neutron 4096 Apr 17 09:27 ..
drwxr-x--- 2 neutron neutron 4096 Apr 17 10:57 493a63a2-8110-4d88-a3cd-49f6643b670c
drwxr-x--- 2 neutron neutron 4096 Apr 17 10:57 78adc3ed-9e9c-47f7-83a2-315277a5be53

chmod 751 on both directories solves the issue.

neutron-common:
  Installed: 2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu1

See original description
Albert Damen (albrt)
description: updated
Revision history for this message
James Page (james-page) wrote :

Earlier fix would have resolved new installation issues, but would break on package upgrades.

Changed in neutron (Ubuntu):
importance: Undecided → High
assignee: nobody → James Page (james-page)
status: New → In Progress
summary: - dnsmasq needs access to /var/lib/neutron/dhcp/*
+ dnsmasq needs access to /var/lib/neutron/dhcp/* as nobody
Revision history for this message
James Page (james-page) wrote :

Fix uploaded which will ensure all files and subdirectories under /var/lib/neutron/dhcp are readable by the default dnsmasq process owner, nobody.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package neutron - 2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu2

---------------
neutron (2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu2) focal; urgency=medium

  * d/neutron-common.postinst: Ensure subdirectories and files under
    /var/lib/neutron/dhcp are readable by the nobody user which is used
    by dnsmasq (LP: #1873438).

 -- James Page <email address hidden> Fri, 17 Apr 2020 12:27:46 +0100

Changed in neutron (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.