From d2f8fa3b444d944a7fad29cabb4216e745c66772 Mon Sep 17 00:00:00 2001
From: Thierry Carrez <thierry@openstack.org>
Date: Mon, 11 Jun 2012 16:45:29 +0200
Subject: [PATCH] Always setup rootwrap sudoers entry

Setup /etc/sudoers.d/nova-rootwrap in all cases, and not just
when devstack is not run as root. Fixes bug 1011652.

Change-Id: Ib4cdeaa282f01cf2ce98119618f232c91b6e8db4
---
 AUTHORS  |  1 +
 stack.sh | 14 +++++++-------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/AUTHORS b/AUTHORS
index f9aa9eabe5..ff05f821a9 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -26,6 +26,7 @@ Ken Pepple <ken.pepple@rabbityard.com>
 Kiall Mac Innes <kiall@managedit.ie>
 Russell Bryant <rbryant@redhat.com>
 Scott Moser <smoser@ubuntu.com>
+Thierry Carrez <thierry@openstack.org>
 Todd Willey <xtoddx@gmail.com>
 Tres Henry <tres@treshenry.net>
 Vishvananda Ishaya <vishvananda@gmail.com>
diff --git a/stack.sh b/stack.sh
index 3d93de47b6..a675905ca9 100755
--- a/stack.sh
+++ b/stack.sh
@@ -187,13 +187,6 @@ else
     sudo chown root:root $TEMPFILE
     sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
 
-    # Set up the rootwrap sudoers
-    TEMPFILE=`mktemp`
-    echo "$USER ALL=(root) NOPASSWD: $NOVA_ROOTWRAP" >$TEMPFILE
-    chmod 0440 $TEMPFILE
-    sudo chown root:root $TEMPFILE
-    sudo mv $TEMPFILE /etc/sudoers.d/nova-rootwrap
-
     # Remove old file
     sudo rm -f /etc/sudoers.d/stack_sh_nova
 fi
@@ -1184,6 +1177,13 @@ sudo chown `whoami` $NOVA_CONF_DIR
 
 cp -p $NOVA_DIR/etc/nova/policy.json $NOVA_CONF_DIR
 
+# Set up the rootwrap sudoers
+TEMPFILE=`mktemp`
+echo "$USER ALL=(root) NOPASSWD: $NOVA_ROOTWRAP" >$TEMPFILE
+chmod 0440 $TEMPFILE
+sudo chown root:root $TEMPFILE
+sudo mv $TEMPFILE /etc/sudoers.d/nova-rootwrap
+
 if is_service_enabled n-api; then
     # Use the sample http middleware configuration supplied in the
     # Nova sources.  This paste config adds the configuration required