summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrancisco Redondo Marchena <francisco.marchena@codethink.co.uk>2015-02-17 15:00:30 +0000
committerFrancisco Redondo Marchena <francisco.marchena@codethink.co.uk>2015-02-26 17:55:09 +0000
commit682fa057d8156b6e61f480bb74eda914f5c0432c (patch)
tree28105a70565481d71ee0c570639d2ad6d3673bab
parent6321c05ee7be4ee741df5a22d25245669a154ed4 (diff)
downloaddefinitions-682fa057d8156b6e61f480bb74eda914f5c0432c.tar.gz
Disable login requirement for sudo for cinder, nova and neutron users
Requiredtty is dissable by default but just in case we enable it in the future for the rest of the users, cinder, nova and neutron needs login disable to run commands being superuser.
-rw-r--r--strata/openstack-services/cinder.morph2
-rw-r--r--strata/openstack-services/neutron.morph2
-rw-r--r--strata/openstack-services/nova.morph2
3 files changed, 6 insertions, 0 deletions
diff --git a/strata/openstack-services/cinder.morph b/strata/openstack-services/cinder.morph
index eafc7cea..cd680b09 100644
--- a/strata/openstack-services/cinder.morph
+++ b/strata/openstack-services/cinder.morph
@@ -12,5 +12,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/cinder-rootwrap
+ Defaults:cinder !requiretty
+
cinder ALL=(root) NOPASSWD: /usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf *
EOF
diff --git a/strata/openstack-services/neutron.morph b/strata/openstack-services/neutron.morph
index d6d08997..b79a089b 100644
--- a/strata/openstack-services/neutron.morph
+++ b/strata/openstack-services/neutron.morph
@@ -11,5 +11,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/neutron-rootwrap
+ Defaults:neutron !requiretty
+
neutron ALL=(root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf *
EOF
diff --git a/strata/openstack-services/nova.morph b/strata/openstack-services/nova.morph
index 98ac9854..bb6dd756 100644
--- a/strata/openstack-services/nova.morph
+++ b/strata/openstack-services/nova.morph
@@ -12,5 +12,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/nova-rootwrap
+ Defaults:nova !requiretty
+
nova ALL=(root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *
EOF