diff options
Diffstat (limited to 'baserock/strata/openstack-services/nova.morph')
-rw-r--r-- | baserock/strata/openstack-services/nova.morph | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/baserock/strata/openstack-services/nova.morph b/baserock/strata/openstack-services/nova.morph new file mode 100644 index 00000000..e5a87daf --- /dev/null +++ b/baserock/strata/openstack-services/nova.morph @@ -0,0 +1,24 @@ +name: nova +kind: chunk +build-system: python-distutils +post-install-commands: +# Install some default configuration files +- mkdir -p "$DESTDIR"/etc/nova +- install -m 644 etc/nova/api-paste.ini "$DESTDIR"/etc/nova/ +- install -m 644 etc/nova/cells.json "$DESTDIR"/etc/nova/ +- install -m 644 etc/nova/logging_sample.conf "$DESTDIR"/etc/nova/logging.conf +- install -m 644 etc/nova/policy.json "$DESTDIR"/etc/nova/ +# Install rootwrap.conf +- install -m 640 etc/nova/rootwrap.conf "$DESTDIR"/etc/nova/rootwrap.conf +# Move rootwrap files to a proper location +- mkdir -p "$DESTDIR"/etc/nova/rootwrap.d +- install -m 644 etc/nova/rootwrap.d/* "$DESTDIR"/etc/nova/rootwrap.d/ +# Add nova to sudoers controlling which commands will run as a root +# using the openstack rootwrap. +- mkdir -p "$DESTDIR"/etc/sudoers.d +- | + install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/nova-rootwrap + Defaults:nova !requiretty + + nova ALL=(root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf * + EOF |