From 6af10e84e1a3f1e4673bc2f58142269a2bfeefcf Mon Sep 17 00:00:00 2001 From: Daniel Gollub Date: Wed, 19 Feb 2014 07:37:20 +0100 Subject: [PATCH] Restrict rootwrap find filter for NetAppNFS driver Additional make the name of the filter unique, so it does not override any other rule. Like the find rule of the GPFS driver. Rootwrap is making use of plain python ConfigParser which handles INI files with key=value pair like fashion. Where the key is unique. Closes-Bug: 1250101 Change-Id: Id2f193485089e12f00008b38fad2b95a09674ff2 --- etc/cinder/rootwrap.d/volume.filters | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/etc/cinder/rootwrap.d/volume.filters b/etc/cinder/rootwrap.d/volume.filters index 1b5ed2320..fe7a28946 100644 --- a/etc/cinder/rootwrap.d/volume.filters +++ b/etc/cinder/rootwrap.d/volume.filters @@ -65,7 +65,9 @@ du: CommandFilter, du, root truncate: CommandFilter, truncate, root chmod: CommandFilter, chmod, root rm: CommandFilter, rm, root -find: CommandFilter, find, root + +# cinder/volume/drivers/netapp/nfs.py: +netapp_nfs_find: RegExpFilter, find, root, find, ^[/]*([^/\0]+(/+)?)*$, -maxdepth, \d+, -name, img-cache.*, -amin, \+\d+ # cinder/volume/drivers/glusterfs.py chgrp: CommandFilter, chgrp, root -- 2.45.2