Remove code which allowed nova-manage to attempt to escalate
privileges so that configuration files can be read by users who
normally wouldn't have access, but do have sudo access.
The privilege escalation came into nova-manage with commit e9fd01e
to solve bug 805695. That bug report didn't describe a faulty behavior
but a change request.
NOTE: This is related to change I03063d2 from Kiall Mac Innes who did
this for the "designate" project. I'm reusing the change-id from his
change to make it clear that they are related to each other.
NOTE: I removed the try-except block completely, as it doesn't make
sense to continue when we cannot read the config file (due to a wrong
path or permission errors). That's the same approach we used in the
recent "nova/cmd/policy_check" module.
https://github.com/openstack/nova/blob/master/nova/cmd/policy_check.py#L158
Co-Authored-By: Kiall Mac Innes <kiall@macinnes.ie>
Closes-Bug: 1611171
Change-Id: I03063d2af14015e6506f1b6e958f5ff219aa4a87
The auto generated class documentation link was 404 in the notification
devref as that documenation is not generated automatically any more.
This patch modifies the notification devref to include the interesting
part of the class documentation inline.
Change-Id: I7cbea16fc9682fa3c00eac16a51c4ed8588ba45c
Replace 'stubs.Set' with 'stub_out' in
nova/tests/unit/api/openstack/compute/test_evacuate.py
Part of blueprint remove-mox-ocata
Change-Id: I5c9180d0424042d7e966287d2ac7faf9271c136f
The nova unit tests recently started to fail on systems lacking mkisofs
(like mac osx). Skip these mkisofs calls by patching _make_iso9660.
Change-Id: I350aafa878616f74df506c1bc9ee5f26ea06fe97
Closes-Bug: #1630420
When user tries to create snapshot of instance and at the same time
if another request tries to delete the instance, at that time image
goes in saving status for forever because of race between instance
delete and snapshot requests.
Caught exceptions(InstanceNotFound and UnexpectedDeletingTaskStateError)
in except block and deleting the image which got stuck in saving state.
Closes-Bug: #1555065
Change-Id: If0b918dc951030e6b6ffba147443225e0e4a370a
Due to lack of an error handling, delete-volume API returns HTTP500
error when deleting an attached volume.
This patch adds the error handling.
The corresponding Tempest test is Idb6267be770bcf2541595babebf269cdc71c2b8d
Closes-Bug: #1630783
Change-Id: Ia07556b2dc18678baa4c8fbd65820d8047362ef9
DevicePathInUse might be raised in attach action,
we didn't catch it so a 500 error might be returned
to end user.
Change-Id: Ic9f0979b5adef28bb47756e7fc2ce5a3d6493298
Closes-Bug: 1621452
Releasenote translation publishing is being prepared. 'locale_dirs'
needs to be defined in conf.py to generate translated version of the
release notes.
Change-Id: Ibf005a434417c7b6ad7b7bada27d45f3bf238db1
On revert_resize(), the migration context was dropped hence setting it
to None. The problem is that the migration context is needed when
executing finish_revert_resize() so that the neutron port can be updated
with the right binding profile.
This patch moves the instance.drop_migration_context() call out from the
resource tracker so that the migration context can be dropped at the
appropriate times: after RT.drop_move_claim() is called in the compute
manager's confirm_resize() call and after the virt driver's
finish_revert_resize() in the compute manager's finish_revert_resize()
call.
Change-Id: I1b7b2573de4380576dd8b801ed59d8955b0ab72a
Partial-bug: #1512880
Jenkins