blob: 8003dd17cb3a8697b915ef58d05aaf25f291a40c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
name: ironic
kind: chunk
build-system: python-distutils
post-install-commands:
- |
mkdir -p "$DESTDIR"/etc/ironic
install -m 644 etc/ironic/policy.json "$DESTDIR"/etc/ironic
install -m 644 etc/ironic/rootwrap.conf "$DESTDIR"/etc/ironic
mkdir -p "$DESTDIR"/etc/ironic/rootwrap.d
install -m 644 etc/ironic/rootwrap.d/* "$DESTDIR"/etc/ironic/rootwrap.d/
# Add ironic to sudoers controlling which commands will run as a root
# using the openstack rootwrap.
install -D -m 0440 /proc/self/fd/0 <<'EOF' "$DESTDIR"/etc/sudoers.d/ironic-rootwrap
Defaults:ironic !requiretty
ironic ALL=(root) NOPASSWD: /usr/bin/ironic-rootwrap /etc/ironic/rootwrap.conf *
EOF
|