summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrancisco Redondo Marchena <francisco.marchena@codethink.co.uk>2015-02-17 15:00:30 (GMT)
committerRichard Maw <richard.maw@codethink.co.uk>2015-03-23 22:58:54 (GMT)
commit7584dd03158e4053d3ed36757e7aca5051e3d2fb (patch)
treeb36d4aeec414ac9d82ece628ea3c31e7f178d737
parent3a73d42b784eaa5e46e0f5890b0a5bb2f75dfead (diff)
downloaddefinitions-7584dd03158e4053d3ed36757e7aca5051e3d2fb.tar.gz
Disable login requirement for sudo for cinder, nova and neutron users
Requiredtty is dissable by default but just in case we enable it in the future for the rest of the users, cinder, nova and neutron needs login disable to run commands being superuser.
-rw-r--r--strata/openstack-services/cinder.morph2
-rw-r--r--strata/openstack-services/neutron.morph2
-rw-r--r--strata/openstack-services/nova.morph2
3 files changed, 6 insertions, 0 deletions
diff --git a/strata/openstack-services/cinder.morph b/strata/openstack-services/cinder.morph
index eafc7ce..cd680b0 100644
--- a/strata/openstack-services/cinder.morph
+++ b/strata/openstack-services/cinder.morph
@@ -12,5 +12,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/cinder-rootwrap
+ Defaults:cinder !requiretty
+
cinder ALL=(root) NOPASSWD: /usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf *
EOF
diff --git a/strata/openstack-services/neutron.morph b/strata/openstack-services/neutron.morph
index d6d0899..b79a089 100644
--- a/strata/openstack-services/neutron.morph
+++ b/strata/openstack-services/neutron.morph
@@ -11,5 +11,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/neutron-rootwrap
+ Defaults:neutron !requiretty
+
neutron ALL=(root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf *
EOF
diff --git a/strata/openstack-services/nova.morph b/strata/openstack-services/nova.morph
index 98ac985..bb6dd75 100644
--- a/strata/openstack-services/nova.morph
+++ b/strata/openstack-services/nova.morph
@@ -12,5 +12,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/nova-rootwrap
+ Defaults:nova !requiretty
+
nova ALL=(root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *
EOF