[Bug 1904745] Re: File permissions in /var/lib/nova/.ssh broken in upgrade

Jake Hill 1904745 at bugs.launchpad.net
Wed Nov 18 15:36:18 UTC 2020 

FWIW and perhaps expectedly, the subsequent do-release-upgrade step also
mangles the permissions.

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/1904745

Title:
  File permissions in /var/lib/nova/.ssh broken in upgrade

Status in nova package in Ubuntu:
  New

Bug description:
  I am doing series upgrade on charmed openstack following the normal
  procedure. The upgrade is cloud:bionic-ussuri to focal distro.

  On compute units I notice that running apt full-upgrade prior to doing
  do-release-upgrade results in incorrect file permissions on
  /var/lib/nova/.ssh/. This in turn breaks migrations at least.

  I did not catch if it was nova-common or nova-compute that did this
  during the upgrade, but something wrote 644 on everything.

  (osc) routergod at juju:~$ juju ssh 40 -- sudo ls -l /var/lib/nova/.ssh
  total 44
  -rw-r----- 1 nova nova 10615 Nov 10 17:34 authorized_keys
  -rw------- 1 nova nova  1675 Apr  9  2020 id_rsa
  -rw-r----- 1 nova nova   393 Apr  9  2020 id_rsa.pub
  -rw-r----- 1 nova nova 21216 Nov 10 17:34 known_hosts
  (osc) routergod at juju:~$ juju upgrade-series 40 prepare focal
  WARNING: This command will mark machine "40" as being upgraded to series "focal".
  This operation cannot be reverted or canceled once started.
  Units running on the machine will also be upgraded. These units include:
    nova-compute/11
    ntp/151
    neutron-openvswitch/67
    nova-compute-syslog/0
  [...]
  (osc) routergod at juju:~$ juju ssh 40 -- sudo apt update
  [...]
  (osc) routergod at juju:~$ juju ssh 40 -- sudo apt full-upgrade
  [...]
  (osc) routergod at juju:~$ juju ssh 40 -- sudo ls -l /var/lib/nova/.ssh
  total 44
  -rw-r--r-- 1 nova nova 10615 Nov 10 17:34 authorized_keys
  -rw-r--r-- 1 nova nova  1675 Apr  9  2020 id_rsa
  -rw-r--r-- 1 nova nova   393 Apr  9  2020 id_rsa.pub
  -rw-r--r-- 1 nova nova 21216 Nov 10 17:34 known_hosts

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1904745/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list