9833364fbd
Adds a configuration option to use the root helper in the ip netns list command executed by the IP library when checking for the existence of a namespace. This prevents an unprivileged l3 agent from erroneously trying to create another namespace when one already exists. This is necessary in environments with constrained permissions on /var/run/netns via umask or other access controls. However, due to the overhead incurred by calling sudo every time on systems where this restriction isn't in place, this configuration won't be desired all of the time. So this patch also adds a sanity check that reports back whether or not the root_helper is required for a deployment. DocImpact Closes-Bug: #1348812 Closes-Bug: #1311804 Change-Id: If7560161de3be6066af0d9866e6b5cd7c7247c33 |
||
|---|---|---|
| .. | ||
| sanity | ||
| __init__.py | ||
| sanity_check.py | ||
| usage_audit.py | ||