7f66d9e0b9
Use the common oslo-incubator rootwrap rather than maintain a specific fork within Neutron. - Migrated DnsmasqFilter use in dhcp.filters to the new EnvFilter - Changed environment passing in ip_lib's netns.execute so that it can be properly matched using IpNetNsExecFilter + EnvFilter. It now calls "ip netns exec ns env A=B C=D command" instead of "A=B C=D ip netns exec ns command". Adjusted tests accordingly. All the other changes are coming directly from the Oslo "rootwrap" module sync. Notes: - Neutron locates its rootwrap.conf in etc/ rather than in etc/neutron - Neutron maintains a specific bin/quantum-rootwrap-xen-dom0 which requires additional config in rootwrap.conf Both behaviors were preserved in this commit, but this may need to be addressed in the future to simplify future oslo-rootwrap updates. Implements bp: quantum-common-rootwrap Change-Id: I02879942a9d1169a71aa4d684c1b9ec109a6de32
35 lines
1.1 KiB
Plaintext
35 lines
1.1 KiB
Plaintext
# Configuration for neutron-rootwrap
|
|
# This file should be owned by (and only-writeable by) the root user
|
|
|
|
[DEFAULT]
|
|
# List of directories to load filter definitions from (separated by ',').
|
|
# These directories MUST all be only writeable by root !
|
|
filters_path=/etc/quantum/rootwrap.d,/usr/share/quantum/rootwrap
|
|
|
|
# List of directories to search executables in, in case filters do not
|
|
# explicitely specify a full path (separated by ',')
|
|
# If not specified, defaults to system PATH environment variable.
|
|
# These directories MUST all be only writeable by root !
|
|
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
|
|
|
|
# Enable logging to syslog
|
|
# Default value is False
|
|
use_syslog=False
|
|
|
|
# Which syslog facility to use.
|
|
# Valid values include auth, authpriv, syslog, user0, user1...
|
|
# Default value is 'syslog'
|
|
syslog_log_facility=syslog
|
|
|
|
# Which messages to log.
|
|
# INFO means log all usage
|
|
# ERROR means only log unsuccessful attempts
|
|
syslog_log_level=ERROR
|
|
|
|
[xenapi]
|
|
# XenAPI configuration is only required by the L2 agent if it is to
|
|
# target a XenServer/XCP compute host's dom0.
|
|
xenapi_connection_url=<None>
|
|
xenapi_connection_username=root
|
|
xenapi_connection_password=<None>
|