Bug 984097
| Summary: | Neutron rootwrap does not follow packaging guidelines | |||
|---|---|---|---|---|
| Product: | [Community] RDO | Reporter: | dara <dara2002-openstack> | |
| Component: | openstack-neutron | Assignee: | Terry Wilson <twilson> | |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Ofer Blaut <oblaut> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | unspecified | CC: | chrisw, kchamart, lpeer, twilson | |
| Target Milestone: | --- | Keywords: | Triaged | |
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | openstack-neutron-2013.2-13.el6 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1039528 1039774 (view as bug list) | Environment: | ||
| Last Closed: | 2014-04-07 17:19:32 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1039528, 1039774, 1129685 | |||
|
Description
dara
2013-07-12 18:54:10 UTC
Can any Neutron folks confirm if the below fix is appropriate: $ fedpkg clone -B -a openstack-neutron $ cd openstack-neutron/master Edit neutron-sudoers file to reflect neutron ALL = (root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf * $ git diff diff --git a/neutron-sudoers b/neutron-sudoers index 3786ada..b5448c8 100644 --- a/neutron-sudoers +++ b/neutron-sudoers @@ -1,3 +1,3 @@ Defaults:neutron !requiretty -neutron ALL = (root) NOPASSWD: SETENV: /usr/bin/neutron-rootwrap +neutron ALL = (root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf * The correct fix is as you suspected: -neutron ALL = (root) NOPASSWD: SETENV: /usr/bin/neutron-rootwrap +neutron ALL = (root) NOPASSWD: /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf * I've fixed this locally and tested it. Build coming soon. Terry, Thanks for the fix. Just to note, shouldn't we need to push the same to Rawhide (F21 ), F20, branches so they can be made available for Fedora RDO users? Currently: # On Rawhide/F21 $ koji latest-build f21 openstack-neutron Build Tag Built by ---------------------------------------- -------------------- ---------------- openstack-neutron-2013.2-6.fc21 f21 otherwiseguy # On Fedora-20 $ koji latest-build f20 openstack-neutron Build Tag Built by ---------------------------------------- -------------------- ---------------- openstack-neutron-2013.2-1.fc20 f20 pbrady $ http://fedoraproject.org/wiki/Updates_Policy Kashyap: Fedora doesn't use the old SysV init scripts. The way the script works on Fedora is it just goes in and specifically enables that which was already enabled, so things that are disabled shouldn't show up in the list to begin with. From the existing Fedora packaging:
systemctl list-unit-files|grep '^quantum.*enabled\s*$'| \
sed -re 's/(\S+).*/systemctl enable \1/
s/quantum/neutron/g' > %{_localstatedir}/lib/rpm-state/UPGRADE_FROM_QUANTUM
(In reply to Terry Wilson from comment #4) > Kashyap: Fedora doesn't use the old SysV init scripts. The way the script > works on Fedora is it just goes in and specifically enables that which was > already enabled, so things that are disabled shouldn't show up in the list > to begin with. From the existing Fedora packaging: > > systemctl list-unit-files|grep '^quantum.*enabled\s*$'| \ > sed -re 's/(\S+).*/systemctl enable \1/ > s/quantum/neutron/g' > > %{_localstatedir}/lib/rpm-state/UPGRADE_FROM_QUANTUM Right! I forgot about the Fedora's systemd stuff for a moment. Thanks for the comment. |