OpenStack Compute (nova)

--logfile_mode flag does not properly set logfile permissions

Bug #862969 reported by Adam Gandelman
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Compute (nova)
Fix Released
Undecided
Adam Gandelman
OpenStack Compute (nova) 2012.1 "essex"
Diablo
Fix Released
Undecided
Unassigned
OpenStack Compute (nova) 2011.3.1
nova (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

The default logfile_mode of 0644 is successfully enforced, however, using the flag to set permissions of logs to anything else results in incorrect permissions:

ubuntu@ip-10-114-85-19:/var/log/nova$ sudo nova-compute --logfile_mode=0644
ubuntu@ip-10-114-85-19:/var/log/nova$ ls -lh
total 4.0K
--w----r-T 1 root root 1.1K 2011-09-30 03:40 nova-compute.log
ubuntu@ip-10-114-85-19:/var/log/nova$ stat nova-compute.log | grep Access
Access: (1204/--w----r-T) Uid: ( 0/ root) Gid: ( 0/ root)

ubuntu@ip-10-114-85-19:/var/log/nova$ sudo nova-compute --logfile_mode=0600
ubuntu@ip-10-114-85-19:/var/log/nova$ ls -lh
total 4.0K
---x-wx--T 1 root root 1.6K 2011-09-30 03:41 nova-compute.log
ubuntu@ip-10-114-85-19:/var/log/nova$ stat nova-compute.log | grep Access
Access: (1130/---x-wx--T) Uid: ( 0/ root) Gid: ( 0/ root)

Revision history for this message
Adam Gandelman (gandelman-a) wrote :

At declaration of the flag, it looks like gflags converts the default logfile_mode octet "0644" to the proper decimal integer (420). When parsing argv or flagfile, gflags seems to convert the string to an integer, strips the leading zero and a decimal value (ie, 644) gets passed to os.chmod() in the end.

Patch proposed upstream @ https://review.openstack.org/#change,758

affects: ubuntu → nova (Ubuntu)
Robie Basak (racb)
Changed in nova (Ubuntu):
importance: Undecided → Low
Revision history for this message
Openstack Gerrit (openstack-gerrit) wrote : A change has been merged to openstack/nova

Reviewed: https://review.openstack.org/758
Committed: http://github.com/openstack/nova/commit/5b173ef5dfb7c41dbc2a4bb5c9976811516eb00f
Submitter: Jenkins
Branch: master

 status fixcommitted
 done

commit 5b173ef5dfb7c41dbc2a4bb5c9976811516eb00f
Author: Adam Gandelman <email address hidden>
Date: Thu Sep 29 21:06:06 2011 -0700

    Ensure non-default FLAGS.logfile_mode is properly converted to an octet.

    Fixes bug 862969.

    Change-Id: I35ac84d5f5f547fef8e3eec1d3a31f94ea8ae96e

Josh Kearney (jk0)
Changed in nova:
status: New → Fix Committed
Revision history for this message
Chuck Short (zulcss) wrote :

This is fixed in ubuntu as well.

Changed in nova (Ubuntu):
status: New → Fix Released
Revision history for this message
Openstack Gerrit (openstack-gerrit) wrote : Fix merged to nova (stable/diablo)

Reviewed: https://review.openstack.org/1085
Committed: http://github.com/openstack/nova/commit/fdcfe762a52e30e09223f4128a5f4da530aefcf9
Submitter: Jenkins
Branch: stable/diablo

 status fixcommitted
 done

commit fdcfe762a52e30e09223f4128a5f4da530aefcf9
Author: Adam Gandelman <email address hidden>
Date: Thu Sep 29 21:06:06 2011 -0700

    Ensure non-default FLAGS.logfile_mode is properly converted to an octet.

    Fixes bug 862969.

    (cherry picked from commit 5b173ef5dfb7c41dbc2a4bb5c9976811516eb00f)

    Change-Id: Ic89426e2e011e74d49ca57710ade93dc4e4740d0

Thierry Carrez (ttx)
Changed in nova:
milestone: none → essex-1
Thierry Carrez (ttx)
Changed in nova:
status: Fix Committed → Fix Released
Revision history for this message
Martin Pitt (pitti) wrote : Please test proposed package

Hello Adam, or anyone else affected,

Accepted nova into oneiric-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

tags: added: verification-needed
Revision history for this message
Adam Gandelman (gandelman-a) wrote :

Verified SRU in oneiric-proposed the issue in oneiric.

Log of test case available at http://paste.ubuntu.com/775542/

Thanks

Martin Pitt (pitti)
tags: added: verification-done
removed: verification-needed
Mark McLoughlin (markmc)
Changed in nova:
assignee: nobody → Adam Gandelman (gandelman-a)
Thierry Carrez (ttx)
Changed in nova:
milestone: essex-1 → 2012.1
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.