Remove run_as_root which fails without root_helper
It appears that this library is typically run as the root user which shouldn't require 'run_as_root'. When running as an unprivileged user the required permissions can be granted by specifying 'AmbientCapabilities = CAP_NET_ADMIN' in the service, rather than 'CapabilityBoundingSet'. An alternative approach would be to specify a 'root_helper' or to switch to oslo.privsep, but these don't fully solve the problem as the 'pyroute2' library also requires 'CAP_NET_ADMIN'. Closes-Bug: #1852105 Change-Id: I9d0942f1cfc06cc3a7585683a030516096297767
This commit is contained in:
parent
f09977423b
commit
cdb9fe351d
@ -70,5 +70,4 @@ def _set_vf_interface_vlan(pf_ifname, vf_num, mac_addr, vlan=0):
|
||||
'vf', vf_num,
|
||||
'mac', mac_addr,
|
||||
'vlan', vlan,
|
||||
run_as_root=True,
|
||||
check_exit_code=exit_code)
|
||||
|
@ -114,7 +114,7 @@ def port_unbind(endpoint_id, neutron_port, **kwargs):
|
||||
network_id = neutron_port['network_id']
|
||||
stdout, stderr = processutils.execute(
|
||||
unbinding_exec_path, constants.UNBINDING_SUBCOMMAND, port_id, ifname,
|
||||
endpoint_id, mac_address, vif_details, network_id, run_as_root=True)
|
||||
endpoint_id, mac_address, vif_details, network_id)
|
||||
try:
|
||||
utils.remove_device(ifname)
|
||||
except pyroute2.NetlinkError:
|
||||
@ -148,6 +148,5 @@ def _configure_host_iface(ifname, endpoint_id, port_id, net_id, project_id,
|
||||
stdout, stderr = processutils.execute(
|
||||
binding_exec_path, constants.BINDING_SUBCOMMAND, port_id, ifname,
|
||||
endpoint_id, hwaddr, net_id, project_id,
|
||||
lib_utils.string_mappings(details),
|
||||
run_as_root=True)
|
||||
lib_utils.string_mappings(details))
|
||||
return stdout, stderr
|
||||
|
@ -63,7 +63,6 @@ class TestHwVebDriver(base.TestCase):
|
||||
'vf', fake_vf_num,
|
||||
'mac', fake_port['port']['mac_address'],
|
||||
'vlan', fake_vlan_id,
|
||||
run_as_root=True,
|
||||
check_exit_code=[0, 2, 254])
|
||||
|
||||
@mock.patch('oslo_concurrency.processutils.execute',
|
||||
@ -91,5 +90,4 @@ class TestHwVebDriver(base.TestCase):
|
||||
'vf', fake_vf_num,
|
||||
'mac', fake_port['port']['mac_address'],
|
||||
'vlan', 0,
|
||||
run_as_root=True,
|
||||
check_exit_code=[0, 2, 254])
|
||||
|
Loading…
Reference in New Issue
Block a user