diff options
| author | Tiago Gomes <tiago.gomes@codethink.co.uk> | 2015-04-01 09:04:02 +0000 |
|---|---|---|
| committer | Tiago Gomes <tiago.gomes@codethink.co.uk> | 2015-04-09 15:12:08 +0000 |
| commit | 63b4e44cbaf28196b00c61940f8e6e627b42c626 (patch) | |
| tree | f4391aeb30554d88d7196d0cc6e205c606b5c592 /strata | |
| parent | 6e94fd07fe9ef3bc545fed5316ed17a1e9862178 (diff) | |
| download | definitions-63b4e44cbaf28196b00c61940f8e6e627b42c626.tar.gz | |
Configure Ironic
Diffstat (limited to 'strata')
| -rw-r--r-- | strata/openstack-services/ironic.morph | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/strata/openstack-services/ironic.morph b/strata/openstack-services/ironic.morph index 08964ce6..850399b4 100644 --- a/strata/openstack-services/ironic.morph +++ b/strata/openstack-services/ironic.morph @@ -1,3 +1,17 @@ name: ironic kind: chunk build-system: python-distutils +post-install-commands: +# Install rootwrap.conf +- install -D -m 640 etc/ironic/rootwrap.conf "$DESTDIR"/etc/ironic/rootwrap.conf +# Move rootwrap files to a proper location +- mkdir -p "$DESTDIR"/etc/ironic/rootwrap.d +- install -m 644 etc/ironic/rootwrap.d/* "$DESTDIR"/etc/ironic/rootwrap.d/ +# Add ironic to sudoers controlling which commands will run as a root +# using the openstack rootwrap. +- | + install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/ironic-rootwrap + Defaults:ironic !requiretty + + ironic ALL=(root) NOPASSWD: /usr/bin/ironic-rootwrap /etc/ironic/rootwrap.conf * + EOF |