]> review.fuel-infra Code Review - openstack-build/neutron-build.git/commit
Code Review / openstack-build / neutron-build.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: f88a1f7) | patch
Add root_helper to quantum agents.
authorBob Kukura <rkukura@redhat.com>
Tue, 13 Mar 2012 21:23:06 +0000 (17:23 -0400)
committerBob Kukura <rkukura@redhat.com>
Wed, 14 Mar 2012 23:44:19 +0000 (19:44 -0400)
commita06b316cb47369ef4a2c522f5240fa3f7f529135
tree3a9fe8d4a1adfe0ff1d5f8d7187bc3db4020cdb4tree | snapshot
parentf88a1f7582cc00fbe386505ee8768ac98548a682commit | diff
Add root_helper to quantum agents.

When running commands that require root privileges, the linuxbridge,
openvswitch, and ryu agent now prepend the commands with the value of
the root_helper config variable. This is set to "sudo" in the plugins'
.ini files, allowing the agent to run as a non-root user with
appropriate sudo privilidges.

If root_helper is changed to "sudo quantum-rootwrap",
then the command being run will be filtered against lists of each
agent's valid commands in quantum/rootwrap. See
http://wiki.openstack.org/Packager/Rootwrap for details.

Fixes bug 948467.

Change-Id: I549515068a4ce8ae480905ec5eaab6257445d0c3
Signed-off-by: Bob Kukura <rkukura@redhat.com>
16 files changed:
bin/quantum-rootwrap [new file with mode: 0755] blob
etc/quantum/plugins/linuxbridge/linuxbridge_conf.ini diff | blob | history
etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini diff | blob | history
etc/quantum/plugins/ryu/ryu.ini diff | blob | history
quantum/plugins/linuxbridge/README diff | blob | history
quantum/plugins/linuxbridge/agent/linuxbridge_quantum_agent.py diff | blob | history
quantum/plugins/linuxbridge/tests/unit/_test_linuxbridgeAgent.py diff | blob | history
quantum/plugins/openvswitch/agent/ovs_quantum_agent.py diff | blob | history
quantum/plugins/openvswitch/tests/unit/test_tunnel.py diff | blob | history
quantum/plugins/ryu/agent/ryu_quantum_agent.py diff | blob | history
quantum/rootwrap/__init__.py [new file with mode: 0644] blob
quantum/rootwrap/filters.py [new file with mode: 0644] blob
quantum/rootwrap/linuxbridge-agent.py [new file with mode: 0644] blob
quantum/rootwrap/openvswitch-agent.py [new file with mode: 0644] blob
quantum/rootwrap/ryu-agent.py [new file with mode: 0644] blob
quantum/rootwrap/wrapper.py [new file with mode: 0644] blob