... | ... |
@@ -1 +1,47 @@ |
1 |
-socat |
|
1 |
+Cmnd_Alias NOVACMDS = /bin/chmod /var/lib/nova/tmp/*/root/.ssh, \ |
|
2 |
+ /bin/chown /var/lib/nova/tmp/*/root/.ssh, \ |
|
3 |
+ /bin/chown, \ |
|
4 |
+ /bin/chmod, \ |
|
5 |
+ /bin/dd, \ |
|
6 |
+ /sbin/ifconfig, \ |
|
7 |
+ /sbin/ip, \ |
|
8 |
+ /sbin/route, \ |
|
9 |
+ /sbin/iptables, \ |
|
10 |
+ /sbin/iptables-save, \ |
|
11 |
+ /sbin/iptables-restore, \ |
|
12 |
+ /sbin/ip6tables-save, \ |
|
13 |
+ /sbin/ip6tables-restore, \ |
|
14 |
+ /sbin/kpartx, \ |
|
15 |
+ /sbin/losetup, \ |
|
16 |
+ /sbin/lvcreate, \ |
|
17 |
+ /sbin/lvdisplay, \ |
|
18 |
+ /sbin/lvremove, \ |
|
19 |
+ /bin/mkdir, \ |
|
20 |
+ /bin/mount, \ |
|
21 |
+ /sbin/pvcreate, \ |
|
22 |
+ /usr/bin/tee, \ |
|
23 |
+ /sbin/tune2fs, \ |
|
24 |
+ /bin/umount, \ |
|
25 |
+ /sbin/vgcreate, \ |
|
26 |
+ /usr/bin/virsh, \ |
|
27 |
+ /usr/bin/qemu-nbd, \ |
|
28 |
+ /usr/sbin/brctl, \ |
|
29 |
+ /sbin/brctl, \ |
|
30 |
+ /usr/sbin/radvd, \ |
|
31 |
+ /usr/sbin/vblade-persist, \ |
|
32 |
+ /sbin/pvcreate, \ |
|
33 |
+ /sbin/aoe-discover, \ |
|
34 |
+ /sbin/vgcreate, \ |
|
35 |
+ /bin/aoe-stat, \ |
|
36 |
+ /bin/kill, \ |
|
37 |
+ /sbin/vconfig, \ |
|
38 |
+ /usr/sbin/ietadm, \ |
|
39 |
+ /sbin/vgs, \ |
|
40 |
+ /sbin/iscsiadm, \ |
|
41 |
+ /usr/bin/socat, \ |
|
42 |
+ /sbin/parted, \ |
|
43 |
+ /usr/sbin/dnsmasq, \ |
|
44 |
+ /usr/bin/arping |
|
45 |
+ |
|
46 |
+%USER% ALL = (root) NOPASSWD: SETENV: NOVACMDS |
|
47 |
+ |
... | ... |
@@ -116,6 +116,14 @@ if [[ $EUID -eq 0 ]]; then |
116 | 116 |
exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack |
117 | 117 |
fi |
118 | 118 |
exit 1 |
119 |
+else |
|
120 |
+ # Our user needs passwordless priviledges for certain commands which nova |
|
121 |
+ # uses internally. |
|
122 |
+ # Natty uec images sudoers does not have a '#includedir'. add one. |
|
123 |
+ sudo grep -q "^#includedir.*/etc/nsudoers.d" /etc/sudoers || |
|
124 |
+ echo "#includedir /etc/nsudoers.d" | sudo tee -a /etc/sudoers |
|
125 |
+ sudo cp $FILES/sudo/nova /etc/sudoers.d/stack_sh_nova |
|
126 |
+ sudo sed -e "s,%USER%,$USER,g" -i /etc/sudoers.d/stack_sh_nova |
|
119 | 127 |
fi |
120 | 128 |
|
121 | 129 |
# Set the destination directories for openstack projects |
... | ... |
@@ -364,8 +372,6 @@ cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop |
364 | 364 |
# it since we are going to run the services in screen for simple |
365 | 365 |
cp $FILES/screenrc ~/.screenrc |
366 | 366 |
|
367 |
-## TODO: update current user to allow sudo for all commands in files/sudo/* |
|
368 |
- |
|
369 | 367 |
# Rabbit |
370 | 368 |
# --------- |
371 | 369 |
|