[Bug 1873438] [NEW] dnsmasq needs access to /var/lib/neutron/dhcp/*

[Albert Damen]

Public bug reported:

After bug 1866187 "dnsmasq needs access to /var/lib/neutron/dhcp" was
fixed we now got a new error:

/var/lib/neutron/dhcp/<guid> is not accessible.

due to: find /var/lib/neutron -type f -exec chmod 0640 "{}" + -o -type d
-exec chmod 0750 "{}" +

Apr 17 10:57:16 network dnsmasq[11259]: failed to load names from /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/addn_h>
Apr 17 10:57:16 network dnsmasq[11259]: cannot read /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/host: Permission den>
Apr 17 10:57:16 network dnsmasq[11259]: cannot read /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/opts: Permission den>

where dnsmasq is running as user nobody.

and now
~$ ls -la /var/lib/neutron/dhcp/
total 16
drwxr-xr-x 4 neutron neutron 4096 Apr 17 09:09 .
drwxr-xr-x 8 neutron neutron 4096 Apr 17 09:27 ..
drwxr-x--- 2 neutron neutron 4096 Apr 17 10:57 493a63a2-8110-4d88-a3cd-49f6643b670c
drwxr-x--- 2 neutron neutron 4096 Apr 17 10:57 78adc3ed-9e9c-47f7-83a2-315277a5be53

chmod 751 on both directories solves the issue.

neutron-common:
  Installed: 2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu1

** Affects: neutron (Ubuntu)
     Importance: Undecided
         Status: New

** Description changed:

  After bug 1866187 "dnsmasq needs access to /var/lib/neutron/dhcp" was
  fixed we now got a new error:
  
  /var/lib/neutron/dhcp/<guid> is not accessible.
  
  due to: find /var/lib/neutron -type f -exec chmod 0640 "{}" + -o -type d
  -exec chmod 0750 "{}" +
  
  Apr 17 10:57:16 network dnsmasq[11259]: failed to load names from /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/addn_h>
  Apr 17 10:57:16 network dnsmasq[11259]: cannot read /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/host: Permission den>
  Apr 17 10:57:16 network dnsmasq[11259]: cannot read /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/opts: Permission den>
  
  where dnsmasq is running as user nobody.
  
  and now
  ~$ ls -la /var/lib/neutron/dhcp/
  total 16
  drwxr-xr-x 4 neutron neutron 4096 Apr 17 09:09 .
  drwxr-xr-x 8 neutron neutron 4096 Apr 17 09:27 ..
  drwxr-x--- 2 neutron neutron 4096 Apr 17 10:57 493a63a2-8110-4d88-a3cd-49f6643b670c
  drwxr-x--- 2 neutron neutron 4096 Apr 17 10:57 78adc3ed-9e9c-47f7-83a2-315277a5be53
  
  chmod 751 on both directories solves the issue.
+ 
+ neutron-common:
+   Installed: 2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu1

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to neutron in Ubuntu.
https://bugs.launchpad.net/bugs/1873438

Title:
  dnsmasq needs access to /var/lib/neutron/dhcp/*

Status in neutron package in Ubuntu:
  New

Bug description:
  After bug 1866187 "dnsmasq needs access to /var/lib/neutron/dhcp" was
  fixed we now got a new error:

  /var/lib/neutron/dhcp/<guid> is not accessible.

  due to: find /var/lib/neutron -type f -exec chmod 0640 "{}" + -o -type
  d -exec chmod 0750 "{}" +

  Apr 17 10:57:16 network dnsmasq[11259]: failed to load names from /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/addn_h>
  Apr 17 10:57:16 network dnsmasq[11259]: cannot read /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/host: Permission den>
  Apr 17 10:57:16 network dnsmasq[11259]: cannot read /var/lib/neutron/dhcp/493a63a2-8110-4d88-a3cd-49f6643b670c/opts: Permission den>

  where dnsmasq is running as user nobody.

  and now
  ~$ ls -la /var/lib/neutron/dhcp/
  total 16
  drwxr-xr-x 4 neutron neutron 4096 Apr 17 09:09 .
  drwxr-xr-x 8 neutron neutron 4096 Apr 17 09:27 ..
  drwxr-x--- 2 neutron neutron 4096 Apr 17 10:57 493a63a2-8110-4d88-a3cd-49f6643b670c
  drwxr-x--- 2 neutron neutron 4096 Apr 17 10:57 78adc3ed-9e9c-47f7-83a2-315277a5be53

  chmod 751 on both directories solves the issue.

  neutron-common:
    Installed: 2:16.0.0~b3~git2020041516.5f42488a9a-0ubuntu1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/neutron/+bug/1873438/+subscriptions