[Rdo-list] Why is a bug fixed in RHOS/RHEL but not in Rawhide?

Richard W.M. Jones rjones at redhat.com
Thu Dec 18 11:32:21 UTC 2014 

On Thu, Dec 18, 2014 at 12:19:10PM +0100, Kashyap Chamarthy wrote:
> On Thu, Dec 18, 2014 at 09:16:17AM +0000, Richard W.M. Jones wrote:
> > On Wed, Dec 17, 2014 at 07:39:34PM +0000, Richard W.M. Jones wrote:
> > > 
> > >   https://bugzilla.redhat.com/show_bug.cgi?id=1132129
> > > 
> > > It looks as if this was fixed in RHOS 5 and upstream (16a766d81) back
> > > in August.
> > > 
> > > I've just cloned this bug for Rawhide where it is still not fixed:
> > > 
> > >   https://bugzilla.redhat.com/show_bug.cgi?id=1175460
> > > 
> > > Surely bugs should be fixed first upstream, then in Rawhide, and
> > > then in RHOS?
> > 
> > It turns out the commit fixing the bug was reverted upstream.
> > 
> > The bug still happens in a freshly created Rawhide VM that just runs
> > 'packstack --allinone'.  Any idea who/what it is that adds
> > net.bridge.bridge-nf-call-* rules into /etc/sysctl.conf? 
> 
> Looking up Bugzilla, seems like it's needed to get Neutron networking
> security groups working correctly, this is the bug
> 
>     https://bugzilla.redhat.com/show_bug.cgi?id=981144 -- need to set
>     net.bridge.bridge-nf-call-iptables=1 for --allinone installation
> 
> which says
> 
>     For the single node deployment with "packstack --allinone",
>     following kernel parms should be set so that the security group
>     works correctly.
>     
>     net.bridge.bridge-nf-call-ip6tables = 1
>     net.bridge.bridge-nf-call-iptables = 1
>     net.bridge.bridge-nf-call-arptables = 1

I believe the underlying problem is that 'br_netfilter' (a kernel
module) is not getting loaded.  This module is what creates
/proc/sys/net/bridge/bridge-nf-* files.

If I load the module manually before running packstack then I can get
around this problem.

There are a few possibilities here:

 - Because I'm starting from @Core (ie. a minimal package set), it
   could be that some other program that would normally be installed
   and which would load this module is not installed.  ie. A missing
   dependency.

 - Something in Rawhide previously loaded/required this module, but
   now doesn't.

 - Something specific to aarch64 (this one seems unlikely).

On a similar topic, here is a another bug which causes me some concern
about the state of RDO in Rawhide:

https://bugzilla.redhat.com/show_bug.cgi?id=1175472

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW

More information about the dev mailing list