Train Series Release Notes¶
oslo.privsepclient can be called from a program using eventlet. If
eventlet.monkey_patch, some libraries will be patched, for example
os. When the root daemon is forked from the client process, those libraries remain patched. Now, when the daemon is forked from the client process, those libraries and methods are restored to the original values. The goal is to prevent some timeouts when using eventlet threads (user threads); system threads are preemptive and the code does not need to care about the executor token.
When the privsep helper dies, the client side PrivContext now restarts the client channel and the helper so that privileged commands can continue to be processed. See bug 1715374 for details. In conjunction with the fix for bug 1794708 in oslo.service, the nova-compute service now behaves correctly when it receives
This only works for the
ROOTWRAPmethod of starting the daemon. With the
FORKmethod we’ve dropped privileges and no longer have the ability to restart the daemon in privileged mode.