diff options
author | Francisco Redondo Marchena <francisco.marchena@codethink.co.uk> | 2014-11-17 11:59:47 +0000 |
---|---|---|
committer | Francisco Redondo Marchena <francisco.marchena@codethink.co.uk> | 2015-01-22 12:46:23 +0000 |
commit | b8317806e01538ea099831f1222ca2e6a89520a1 (patch) | |
tree | 22f0169289c1216f2ac1d0eb039936bcd80c90cb | |
parent | 83aadfc62eed373d40f72b20c8b8421f4cba589c (diff) | |
download | definitions-b8317806e01538ea099831f1222ca2e6a89520a1.tar.gz |
Add nova user to sudoers group, using rootwrap to control it
Nova user needs to run commands as a root, in order to filter
this commands openstack uses rootwrap. Nova needs root permissions
to run this commands, so this patch adds it to sudoers for the rootwrap
application and configuration.
-rw-r--r-- | openstack-nova.configure | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/openstack-nova.configure b/openstack-nova.configure index c04dd82c..ee937007 100644 --- a/openstack-nova.configure +++ b/openstack-nova.configure @@ -61,3 +61,9 @@ ln -sf ../libvirt-guests.service "$wants_dir/libvirt-guests.service" sed -i "s/192\.168\.122\./192\.168\.1\./g" \ "$ROOT"/etc/libvirt/qemu/networks/default.xml + +########################################################################## +# Add nova to sudoers controlling which commands is running as a root +# using the openstack rootwrap. +########################################################################## +echo 'nova ALL=(ALL) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *' >> "$ROOT/etc/sudoers" |