diff options
| author | John Dunning <jrd@jrd.org> | 2012-08-14 14:31:47 -0400 |
|---|---|---|
| committer | John Dunning <jrd@jrd.org> | 2012-08-30 16:55:00 -0400 |
| commit | 193d6997276d3efcfaf99e5fcca1354c8c8c4670 (patch) | |
| tree | 331f542bf690d41c67122b8bddeedbd5007cc061 /setup.py | |
| parent | 9198ca803a3fddc91a1d45d3cd9a37b7aeca2215 (diff) | |
| download | neutron-193d6997276d3efcfaf99e5fcca1354c8c8c4670.tar.gz | |
Update rootwrap; track changes in nova/cinder
Fix bug 1037815
Summary: Copy/paste the essential parts of the rootwrap
mechanism from nova/cinder into quantum. This includes
the core changes to filter.py and wrapper.py which deal
with loading filters from files pointed to by
rootwrap.conf
Detailed changes:
Transliterate the old rootwrap/*-agent.py files to
new format, and put the results in etc/quantum/rootwrap.d
Delete the *-agent.py files.
Add conf to point to etc/quantum/rootwrap.d
Add a unit test cribbed from nova to exercise the filter
mechanism
Add a unit test to exercise the actual filtered execution
Note that as written, this patch does not set the default
execute mechanism (in the agent .ini files) to rootwrap,
leaves it as sudo. That can be done in a followon
change, or in distro specific packaging.
Note also that there is still work to do around finishing
and testing the filter specs themselves. We've decided
that that is out of scope for this patch.
Change-Id: I9aba6adc5ba40b6145be5fa38c5ece3b666ae5ca
Diffstat (limited to 'setup.py')
| -rw-r--r-- | setup.py | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -39,6 +39,7 @@ EagerResources = [ ] ProjectScripts = [ + 'bin/quantum-rootwrap', ] config_path = 'etc/quantum/' @@ -54,6 +55,7 @@ nec_plugin_config_path = 'etc/quantum/plugins/nec' DataFiles = [ (config_path, ['etc/quantum.conf', + 'etc/rootwrap.conf', 'etc/api-paste.ini', 'etc/policy.json', 'etc/dhcp_agent.ini']), |