Browse code
if you are running as a regular user add sudo priveledges
Jesse Andrews authored on 2011/10/28 03:18:09Showing 2 changed files
| ... | ... |
@@ -1 +1,47 @@ |
| 1 |
-socat |
|
| 1 |
+Cmnd_Alias NOVACMDS = /bin/chmod /var/lib/nova/tmp/*/root/.ssh, \ |
|
| 2 |
+ /bin/chown /var/lib/nova/tmp/*/root/.ssh, \ |
|
| 3 |
+ /bin/chown, \ |
|
| 4 |
+ /bin/chmod, \ |
|
| 5 |
+ /bin/dd, \ |
|
| 6 |
+ /sbin/ifconfig, \ |
|
| 7 |
+ /sbin/ip, \ |
|
| 8 |
+ /sbin/route, \ |
|
| 9 |
+ /sbin/iptables, \ |
|
| 10 |
+ /sbin/iptables-save, \ |
|
| 11 |
+ /sbin/iptables-restore, \ |
|
| 12 |
+ /sbin/ip6tables-save, \ |
|
| 13 |
+ /sbin/ip6tables-restore, \ |
|
| 14 |
+ /sbin/kpartx, \ |
|
| 15 |
+ /sbin/losetup, \ |
|
| 16 |
+ /sbin/lvcreate, \ |
|
| 17 |
+ /sbin/lvdisplay, \ |
|
| 18 |
+ /sbin/lvremove, \ |
|
| 19 |
+ /bin/mkdir, \ |
|
| 20 |
+ /bin/mount, \ |
|
| 21 |
+ /sbin/pvcreate, \ |
|
| 22 |
+ /usr/bin/tee, \ |
|
| 23 |
+ /sbin/tune2fs, \ |
|
| 24 |
+ /bin/umount, \ |
|
| 25 |
+ /sbin/vgcreate, \ |
|
| 26 |
+ /usr/bin/virsh, \ |
|
| 27 |
+ /usr/bin/qemu-nbd, \ |
|
| 28 |
+ /usr/sbin/brctl, \ |
|
| 29 |
+ /sbin/brctl, \ |
|
| 30 |
+ /usr/sbin/radvd, \ |
|
| 31 |
+ /usr/sbin/vblade-persist, \ |
|
| 32 |
+ /sbin/pvcreate, \ |
|
| 33 |
+ /sbin/aoe-discover, \ |
|
| 34 |
+ /sbin/vgcreate, \ |
|
| 35 |
+ /bin/aoe-stat, \ |
|
| 36 |
+ /bin/kill, \ |
|
| 37 |
+ /sbin/vconfig, \ |
|
| 38 |
+ /usr/sbin/ietadm, \ |
|
| 39 |
+ /sbin/vgs, \ |
|
| 40 |
+ /sbin/iscsiadm, \ |
|
| 41 |
+ /usr/bin/socat, \ |
|
| 42 |
+ /sbin/parted, \ |
|
| 43 |
+ /usr/sbin/dnsmasq, \ |
|
| 44 |
+ /usr/bin/arping |
|
| 45 |
+ |
|
| 46 |
+%USER% ALL = (root) NOPASSWD: SETENV: NOVACMDS |
|
| 47 |
+ |
| ... | ... |
@@ -116,6 +116,14 @@ if [[ $EUID -eq 0 ]]; then |
| 116 | 116 |
exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack |
| 117 | 117 |
fi |
| 118 | 118 |
exit 1 |
| 119 |
+else |
|
| 120 |
+ # Our user needs passwordless priviledges for certain commands which nova |
|
| 121 |
+ # uses internally. |
|
| 122 |
+ # Natty uec images sudoers does not have a '#includedir'. add one. |
|
| 123 |
+ sudo grep -q "^#includedir.*/etc/nsudoers.d" /etc/sudoers || |
|
| 124 |
+ echo "#includedir /etc/nsudoers.d" | sudo tee -a /etc/sudoers |
|
| 125 |
+ sudo cp $FILES/sudo/nova /etc/sudoers.d/stack_sh_nova |
|
| 126 |
+ sudo sed -e "s,%USER%,$USER,g" -i /etc/sudoers.d/stack_sh_nova |
|
| 119 | 127 |
fi |
| 120 | 128 |
|
| 121 | 129 |
# Set the destination directories for openstack projects |
| ... | ... |
@@ -364,8 +372,6 @@ cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop |
| 364 | 364 |
# it since we are going to run the services in screen for simple |
| 365 | 365 |
cp $FILES/screenrc ~/.screenrc |
| 366 | 366 |
|
| 367 |
-## TODO: update current user to allow sudo for all commands in files/sudo/* |
|
| 368 |
- |
|
| 369 | 367 |
# Rabbit |
| 370 | 368 |
# --------- |
| 371 | 369 |
|