[Bug 1456335] Re: neutron-vpn-netns-wrapper missing in Ubuntu Package
Csaba Kallai
kallaics at freemail.hu
Tue Jul 21 10:46:33 UTC 2015
I have a same problem under Ubuntu 14.04 and Openstack Kilo from Ubuntu
Cloud repo.
Part of the log file:
2015-07-21 12:42:52.154 11311 ERROR neutron.agent.linux.utils [-]
Command: ['sudo', '/usr/bin/neutron-rootwrap', '/etc/neutron/rootwrap.conf', 'ip', 'netns', 'exec', 'qrouter-e03c565d-9667-4fd4-a239-b9d92e43678f', 'neutron-vpn-netns-wrapper', '--mount_paths=/etc:/var/lib/neutron/ipsec/e03c565d-9667-4fd4-a239-b9d92e43678f/etc,/var/run:/var/lib/neutron/ipsec/e03c565d-9667-4fd4-a239-b9d92e43678f/var/run', '--cmd=ipsec,status']
Exit code: 99
Stdin:
Stdout:
Stderr: /usr/bin/neutron-rootwrap: Unauthorized command: ip netns exec qrouter-e03c565d-9667-4fd4-a239-b9d92e43678f neutron-vpn-netns-wrapper --mount_paths=/etc:/var/lib/neutron/ipsec/e03c565d-9667-4fd4-a239-b9d92e43678f/etc,/var/run:/var/lib/neutron/ipsec/e03c565d-9667-4fd4-a239-b9d92e43678f/var/run --cmd=ipsec,status (no filter matched)
vpnaas.filters
ip: IpFilter, ip, root
ip_exec: IpNetnsExecFilter, ip, root
ipsec: CommandFilter, ipsec, root
keepalived: IpNetnsExecFilter, keepalived, root
neutron_netns_wrapper: CommandFilter, neutron-vpn-netns-wrapper, root
neutron_netns_wrapper_local: CommandFilter, /usr/local/bin/neutron-vpn-netns-wrapper, root
I tried and the command 'neutron-vpn-netns-wrapper' is missing.
The neutron-vpn-agent package contains:
# dpkg -L neutron-vpn-agent
/.
/lib
/lib/systemd
/lib/systemd/system
/lib/systemd/system/neutron-vpn-agent.service
/usr
/usr/share
/usr/share/doc
/usr/share/doc/neutron-vpn-agent
/usr/share/doc/neutron-vpn-agent/copyright
/usr/bin
/usr/bin/neutron-vpn-agent
/etc
/etc/init.d
/etc/init.d/neutron-vpn-agent
/etc/neutron
/etc/neutron/neutron_vpnaas.conf
/etc/neutron/vpn_agent.ini
/etc/neutron/rootwrap.d
/etc/neutron/rootwrap.d/vpnaas.filters
/etc/init
/etc/init/neutron-vpn-agent.conf
/usr/share/doc/neutron-vpn-agent/changelog.Debian.gz
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to neutron-vpnaas in Ubuntu.
https://bugs.launchpad.net/bugs/1456335
Title:
neutron-vpn-netns-wrapper missing in Ubuntu Package
Status in neutron:
New
Status in neutron-vpnaas package in Ubuntu:
Confirmed
Bug description:
The executable neutron-vpn-netns-wrapper (path /usr/bin/neutron-vpn-
netns-wrapper) in Ubuntu 14.04 packages is missing for OpenStack Kilo.
I tried to enable VPNaaS with StrongSwan and it failed with this error message:
2015-05-18 19:20:41.510 3254 TRACE neutron_vpnaas.services.vpn.device_drivers.ipsec Stderr: /usr/bin/neutron-rootwrap: Unauthorized command: ip netns exec qrouter-0b4c88fa-4944-45a7-b1b3-fbee1d7fc2ac neutron-vpn-netns-wrapper --mount_paths=/etc:/var/lib/neutron/ipsec/0b4c88fa-4944-45a7-b1b3-fbee1d7fc2ac/etc,/var/run:/var/lib/neutron/ipsec/0b4c88fa-4944-45a7-b1b3-fbee1d7fc2ac/var/run --cmd=ipsec,start (no filter matched)
After copying the content of neutron-vpn-netns-wrapper from the Fedora
repository VPNaaS with StrongSwan worked.
The content of the vpn-netns-wrapper:
#!/usr/bin/python2
# PBR Generated from u'console_scripts'
import sys
from neutron_vpnaas.services.vpn.common.netns_wrapper import main
if __name__ == "__main__":
sys.exit(main())
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1456335/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list