@@ -183,9 +183,14 @@ function configure_neutron_new {

     # Neutron API server & Neutron plugin

     if is_service_enabled neutron-api; then

         local policy_file=$NEUTRON_CONF_DIR/policy.json

-        cp $NEUTRON_DIR/etc/policy.json $policy_file

         # Allow neutron user to administer neutron to match neutron account

-        sed -i 's/"context_is_admin":  "role:admin"/"context_is_admin":  "role:admin or user_name:neutron"/g' $policy_file

+        # NOTE(amotoki): This is required for nova works correctly with neutron.

+        if [ -f $NEUTRON_DIR/etc/policy.json ]; then

+            cp $NEUTRON_DIR/etc/policy.json $policy_file

+            sed -i 's/"context_is_admin":  "role:admin"/"context_is_admin":  "role:admin or user_name:neutron"/g' $policy_file

+        else

+            echo '{"context_is_admin":  "role:admin or user_name:neutron"}' > $policy_file

+        fi

         cp $NEUTRON_DIR/etc/api-paste.ini $NEUTRON_CONF_DIR/api-paste.ini

@@ -699,10 +699,15 @@ function _configure_neutron_common {

     cp $NEUTRON_DIR/etc/neutron.conf.sample $NEUTRON_CONF

     Q_POLICY_FILE=$NEUTRON_CONF_DIR/policy.json

-    cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE

     # allow neutron user to administer neutron to match neutron account

-    sed -i 's/"context_is_admin":  "role:admin"/"context_is_admin":  "role:admin or user_name:neutron"/g' $Q_POLICY_FILE

+    # NOTE(amotoki): This is required for nova works correctly with neutron.

+    if [ -f $NEUTRON_DIR/etc/policy.json ]; then

+        cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE

+        sed -i 's/"context_is_admin":  "role:admin"/"context_is_admin":  "role:admin or user_name:neutron"/g' $Q_POLICY_FILE

+    else

+        echo '{"context_is_admin":  "role:admin or user_name:neutron"}' > $Q_POLICY_FILE

+    fi

     # Set plugin-specific variables ``Q_DB_NAME``, ``Q_PLUGIN_CLASS``.

     # For main plugin config file, set ``Q_PLUGIN_CONF_PATH``, ``Q_PLUGIN_CONF_FILENAME``.