summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrancisco Redondo Marchena <francisco.marchena@codethink.co.uk>2015-02-17 15:00:30 (GMT)
committerPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-03-14 12:07:11 (GMT)
commit29892cd76ed0380e0c1e328f40938079ee5e6388 (patch)
treed2e8593c56fb09f6d4b46f8234f31d23f45e3fad
parent0e6cba2aa8a0856dced8e86b073849e7a343c9dd (diff)
downloaddefinitions-29892cd76ed0380e0c1e328f40938079ee5e6388.tar.gz
Disable login requirement for sudo for cinder, nova and neutron users
Requiredtty is dissable by default but just in case we enable it in the future for the rest of the users, cinder, nova and neutron needs login disable to run commands being superuser.
-rw-r--r--strata/openstack-services/cinder.morph2
-rw-r--r--strata/openstack-services/neutron.morph2
-rw-r--r--strata/openstack-services/nova.morph2
3 files changed, 6 insertions, 0 deletions
diff --git a/strata/openstack-services/cinder.morph b/strata/openstack-services/cinder.morph
index eafc7ce..cd680b0 100644
--- a/strata/openstack-services/cinder.morph
+++ b/strata/openstack-services/cinder.morph
@@ -12,5 +12,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/cinder-rootwrap
+ Defaults:cinder !requiretty
+
cinder ALL=(root) NOPASSWD: /usr/bin/cinder-rootwrap /etc/cinder/rootwrap.conf *
EOF
diff --git a/strata/openstack-services/neutron.morph b/strata/openstack-services/neutron.morph
index d6d0899..b79a089 100644
--- a/strata/openstack-services/neutron.morph
+++ b/strata/openstack-services/neutron.morph
@@ -11,5 +11,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/neutron-rootwrap
+ Defaults:neutron !requiretty
+
neutron ALL=(root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf *
EOF
diff --git a/strata/openstack-services/nova.morph b/strata/openstack-services/nova.morph
index 98ac985..bb6dd75 100644
--- a/strata/openstack-services/nova.morph
+++ b/strata/openstack-services/nova.morph
@@ -12,5 +12,7 @@ post-install-commands:
- mkdir -p "$DESTDIR"/etc/sudoers.d
- |
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/nova-rootwrap
+ Defaults:nova !requiretty
+
nova ALL=(root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *
EOF