From 181d8de082090f77bb6f5b8b816e172005f6a38c Mon Sep 17 00:00:00 2001
From: Tomoe Sugihara <tomoe@midokura.com>
Date: Fri, 17 Feb 2012 10:54:58 +0900
Subject: Run ovs-ofctl as root

Since ovs-ofctl requires root privilege, nova-network would
fail during allocate_for_instance. This fixes the issue.

Change-Id: I188f1a4fdf4998c51f8626b37efd175039d23227
---
 nova/network/linux_net.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'nova')

diff --git a/nova/network/linux_net.py b/nova/network/linux_net.py
index d7465e461..987a063db 100755
--- a/nova/network/linux_net.py
+++ b/nova/network/linux_net.py
@@ -1098,10 +1098,11 @@ class LinuxOVSInterfaceDriver(LinuxNetInterfaceDriver):
                 # If we weren't instructed to act as a gateway then add the
                 # appropriate flows to block all non-dhcp traffic.
                 _execute('ovs-ofctl',
-                    'add-flow', bridge, "priority=1,actions=drop")
+                    'add-flow', bridge, "priority=1,actions=drop",
+                     run_as_root=True)
                 _execute('ovs-ofctl', 'add-flow', bridge,
                     "udp,tp_dst=67,dl_dst=%s,priority=2,actions=normal" %
-                    mac_address)
+                    mac_address, run_as_root=True)
                 # .. and make sure iptbles won't forward it as well.
                 iptables_manager.ipv4['filter'].add_rule('FORWARD',
                         '--in-interface %s -j DROP' % bridge)
-- 
cgit