So it still seems that we are at an impasse here on getting new oslo
lockutils into cinder because it doesn't come with a working default.

As a recap - https://review.openstack.org/#/c/48935/ (that sync)
is blocked by failing upgrade testing, because lock_path has no default,
so it has to land config changes simultaneously on the commit otherwise
explode cinder on startup (as not setting that variable explodes as a
fatal error). I consider that an upgrade blocker, and am not comfortable
with the workaround - https://review.openstack.org/#/c/52070/3

I've proposed an oslo patch that would give us a default plus an ERROR
log message if you used it - https://review.openstack.org/#/c/60274/

The primary concern here is that it opens up a local DOS attack because
it's a well known directory. This is a valid concern. My feeling is you
are lost anyway if you have malicious users on your system, and if we've
narrowed them down to only DOSing (which there are other ways they could do
that), I think we've narrowed the surface enough to make this acceptable
at the ERROR log level. However there are objections, so at this point
it seems like we needed to summarize the state of the world, get this
back onto the list with a more descriptive subject, and see who else
wants to weigh in.

        -Sean

-- 
Sean Dague
http://dague.net
