openstack/devstack
Code Issues Proposed changes

Merge "Support for running Nova with oslo.rootwrap daemon"

Browse Source
This commit is contained in:
Jenkins 2015-05-19 20:26:14 +00:00 committed by Gerrit Code Review
commit 5dd889f4e1
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
inc/rootwrap
View File

@ -59,12 +59,16 @@ function configure_rootwrap {
sudo install -o root -g root -m 644 $rootwrap_conf_src_dir/rootwrap.conf /etc/${project}/rootwrap.conf sudo install -o root -g root -m 644 $rootwrap_conf_src_dir/rootwrap.conf /etc/${project}/rootwrap.conf
sudo sed -e "s:^filters_path=.*$:filters_path=/etc/${project}/rootwrap.d:" -i /etc/${project}/rootwrap.conf sudo sed -e "s:^filters_path=.*$:filters_path=/etc/${project}/rootwrap.d:" -i /etc/${project}/rootwrap.conf
# Specify rootwrap.conf as first parameter to rootwrap
rootwrap_sudo_cmd="$rootwrap_bin /etc/${project}/rootwrap.conf *"
# Set up the rootwrap sudoers # Set up the rootwrap sudoers
local tempfile=$(mktemp) local tempfile=$(mktemp)
# Specify rootwrap.conf as first parameter to rootwrap
rootwrap_sudo_cmd="${rootwrap_bin} /etc/${project}/rootwrap.conf *"
echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudo_cmd" >$tempfile echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudo_cmd" >$tempfile
if [ -f ${bin_dir}/${project}-rootwrap-daemon ]; then
# rootwrap daemon does not need any parameters
rootwrap_sudo_cmd="${rootwrap_bin}-daemon /etc/${project}/rootwrap.conf"
echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_sudo_cmd" >>$tempfile
fi
chmod 0440 $tempfile chmod 0440 $tempfile
sudo chown root:root $tempfile sudo chown root:root $tempfile
sudo mv $tempfile /etc/sudoers.d/${project}-rootwrap sudo mv $tempfile /etc/sudoers.d/${project}-rootwrap