Browse code
Switch from root_helper to rootwrap_config
root_helper is deprecated, and has been replaced by
rootwrap_config.
Change-Id: I088ab1c6054fe5bbe0ad3c430432b84c8702fba8
Joe Gordon authored on 2012/09/07 09:41:54Showing 1 changed files
| ... | ... |
@@ -1327,28 +1327,23 @@ sudo chown `whoami` $NOVA_CONF_DIR |
| 1327 | 1327 |
|
| 1328 | 1328 |
cp -p $NOVA_DIR/etc/nova/policy.json $NOVA_CONF_DIR |
| 1329 | 1329 |
|
| 1330 |
-# If Nova ships the new rootwrap filters files, deploy them |
|
| 1331 |
-# (owned by root) and add a parameter to ``$NOVA_ROOTWRAP`` |
|
| 1332 |
-ROOTWRAP_SUDOER_CMD="$NOVA_ROOTWRAP" |
|
| 1333 |
-if [[ -d $NOVA_DIR/etc/nova/rootwrap.d ]]; then |
|
| 1334 |
- # Wipe any existing rootwrap.d files first |
|
| 1335 |
- if [[ -d $NOVA_CONF_DIR/rootwrap.d ]]; then |
|
| 1336 |
- sudo rm -rf $NOVA_CONF_DIR/rootwrap.d |
|
| 1337 |
- fi |
|
| 1338 |
- # Deploy filters to /etc/nova/rootwrap.d |
|
| 1339 |
- sudo mkdir -m 755 $NOVA_CONF_DIR/rootwrap.d |
|
| 1340 |
- sudo cp $NOVA_DIR/etc/nova/rootwrap.d/*.filters $NOVA_CONF_DIR/rootwrap.d |
|
| 1341 |
- sudo chown -R root:root $NOVA_CONF_DIR/rootwrap.d |
|
| 1342 |
- sudo chmod 644 $NOVA_CONF_DIR/rootwrap.d/* |
|
| 1343 |
- # Set up rootwrap.conf, pointing to /etc/nova/rootwrap.d |
|
| 1344 |
- sudo cp $NOVA_DIR/etc/nova/rootwrap.conf $NOVA_CONF_DIR/ |
|
| 1345 |
- sudo sed -e "s:^filters_path=.*$:filters_path=$NOVA_CONF_DIR/rootwrap.d:" -i $NOVA_CONF_DIR/rootwrap.conf |
|
| 1346 |
- sudo chown root:root $NOVA_CONF_DIR/rootwrap.conf |
|
| 1347 |
- sudo chmod 0644 $NOVA_CONF_DIR/rootwrap.conf |
|
| 1348 |
- # Specify rootwrap.conf as first parameter to nova-rootwrap |
|
| 1349 |
- NOVA_ROOTWRAP="$NOVA_ROOTWRAP $NOVA_CONF_DIR/rootwrap.conf" |
|
| 1350 |
- ROOTWRAP_SUDOER_CMD="$NOVA_ROOTWRAP *" |
|
| 1351 |
-fi |
|
| 1330 |
+# Deploy new rootwrap filters files (owned by root). |
|
| 1331 |
+# Wipe any existing rootwrap.d files first |
|
| 1332 |
+if [[ -d $NOVA_CONF_DIR/rootwrap.d ]]; then |
|
| 1333 |
+ sudo rm -rf $NOVA_CONF_DIR/rootwrap.d |
|
| 1334 |
+fi |
|
| 1335 |
+# Deploy filters to /etc/nova/rootwrap.d |
|
| 1336 |
+sudo mkdir -m 755 $NOVA_CONF_DIR/rootwrap.d |
|
| 1337 |
+sudo cp $NOVA_DIR/etc/nova/rootwrap.d/*.filters $NOVA_CONF_DIR/rootwrap.d |
|
| 1338 |
+sudo chown -R root:root $NOVA_CONF_DIR/rootwrap.d |
|
| 1339 |
+sudo chmod 644 $NOVA_CONF_DIR/rootwrap.d/* |
|
| 1340 |
+# Set up rootwrap.conf, pointing to /etc/nova/rootwrap.d |
|
| 1341 |
+sudo cp $NOVA_DIR/etc/nova/rootwrap.conf $NOVA_CONF_DIR/ |
|
| 1342 |
+sudo sed -e "s:^filters_path=.*$:filters_path=$NOVA_CONF_DIR/rootwrap.d:" -i $NOVA_CONF_DIR/rootwrap.conf |
|
| 1343 |
+sudo chown root:root $NOVA_CONF_DIR/rootwrap.conf |
|
| 1344 |
+sudo chmod 0644 $NOVA_CONF_DIR/rootwrap.conf |
|
| 1345 |
+# Specify rootwrap.conf as first parameter to nova-rootwrap |
|
| 1346 |
+ROOTWRAP_SUDOER_CMD="$NOVA_ROOTWRAP $NOVA_CONF_DIR/rootwrap.conf *" |
|
| 1352 | 1347 |
|
| 1353 | 1348 |
# Set up the rootwrap sudoers for nova |
| 1354 | 1349 |
TEMPFILE=`mktemp` |
| ... | ... |
@@ -1856,7 +1851,7 @@ add_nova_opt "[DEFAULT]" |
| 1856 | 1856 |
add_nova_opt "verbose=True" |
| 1857 | 1857 |
add_nova_opt "auth_strategy=keystone" |
| 1858 | 1858 |
add_nova_opt "allow_resize_to_same_host=True" |
| 1859 |
-add_nova_opt "root_helper=sudo $NOVA_ROOTWRAP" |
|
| 1859 |
+add_nova_opt "rootwrap_config=$NOVA_CONF_DIR/rootwrap.conf" |
|
| 1860 | 1860 |
add_nova_opt "compute_scheduler_driver=$SCHEDULER" |
| 1861 | 1861 |
add_nova_opt "dhcpbridge_flagfile=$NOVA_CONF_DIR/$NOVA_CONF" |
| 1862 | 1862 |
add_nova_opt "fixed_range=$FIXED_RANGE" |