Juju Charms Collection
nova-compute-power package

Merge lp:~matsubara/charms/trusty/nova-compute-power/selinux-permissions into lp:~james-page/charms/trusty/nova-compute-power/redux

  1. Trusty Tahr (14.04)
  2. selinux-permissions
  3. Merge into redux
Proposed by Diogo Matsubara
Status: Merged
Merged at revision: 117
Proposed branch: lp:~matsubara/charms/trusty/nova-compute-power/selinux-permissions
Merge into: lp:~james-page/charms/trusty/nova-compute-power/redux
Diff against target: 61 lines (+12/-2)
3 files modified
hooks/fabfile.py (+6/-1)
hooks/nova_compute_proxy.py (+5/-0)
templates/nova.conf (+1/-1)
To merge this branch: bzr merge lp:~matsubara/charms/trusty/nova-compute-power/selinux-permissions
Reviewer Review Type Date Requested Status
James Page Approve
Review via email: mp+246312@code.launchpad.net

Description of the change

Hi James,

this patch fixes the SELinux permissions for the nova-compute-power config files.

Thanks!

To post a comment you must log in.
lp:~matsubara/charms/trusty/nova-compute-power/selinux-permissions updated
118. By Diogo Matsubara

Update nova.conf template to point to correct lock path for Red Hat systems where the nova user has permissions to write a lock file. See https://bugzilla.redhat.com/show_bug.cgi?id=961557 for details

Revision history for this message
James Page (james-page) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'hooks/fabfile.py'
--- hooks/fabfile.py 2014-11-10 16:43:55 +0000
+++ hooks/fabfile.py 2015-01-14 13:58:40 +0000
@@ -56,10 +56,15 @@
56 sudo('chown {} {}'.format(user, path))56 sudo('chown {} {}'.format(user, path))
5757
5858
59def fix_selinux_permission(path):
60 sudo('chcon -vv --user=system_u --role=object_r --type=etc_t --range=s0 '
61 '{}'.format(path))
62
63
59def fix_ml2_plugin_config():64def fix_ml2_plugin_config():
60 sudo('sed -i "s!openvswitch/ovs_neutron_plugin.ini'65 sudo('sed -i "s!openvswitch/ovs_neutron_plugin.ini'
61 '!ml2/ml2_conf.ini!g" /etc/init.d/neutron-openvswitch-agent')66 '!ml2/ml2_conf.ini!g" /etc/init.d/neutron-openvswitch-agent')
6267
6368
64def fix_local_ip(f):69def fix_local_ip(f):
65 sudo('sed -i "s!LOCAL_IP!%s!g" %s' % (env.host, f))
66\ No newline at end of file70\ No newline at end of file
71 sudo('sed -i "s!LOCAL_IP!%s!g" %s' % (env.host, f))
6772
=== modified file 'hooks/nova_compute_proxy.py'
--- hooks/nova_compute_proxy.py 2014-11-10 16:43:55 +0000
+++ hooks/nova_compute_proxy.py 2015-01-14 13:58:40 +0000
@@ -22,6 +22,7 @@
22 enable_shell,22 enable_shell,
23 disable_shell,23 disable_shell,
24 fix_path_ownership,24 fix_path_ownership,
25 fix_selinux_permission,
25 fix_ml2_plugin_config,26 fix_ml2_plugin_config,
26 fix_local_ip27 fix_local_ip
27)28)
@@ -129,10 +130,14 @@
129 def fix_path_ownership(self, user, path):130 def fix_path_ownership(self, user, path):
130 execute(fix_path_ownership, user, path)131 execute(fix_path_ownership, user, path)
131132
133 def fix_selinux_permission(self, path):
134 execute(fix_selinux_permission, path)
135
132 def commit(self):136 def commit(self):
133 for f in CONFIG_FILES:137 for f in CONFIG_FILES:
134 if os.path.exists("%s%s" % (CHARM_SCRATCH_DIR, f)):138 if os.path.exists("%s%s" % (CHARM_SCRATCH_DIR, f)):
135 self.copy_file(f)139 self.copy_file(f)
140 self.fix_selinux_permission(f)
136 self._fixup_local_ips()141 self._fixup_local_ips()
137142
138 def _fixup_local_ips(self):143 def _fixup_local_ips(self):
139144
=== modified file 'templates/nova.conf'
--- templates/nova.conf 2014-11-12 14:58:43 +0000
+++ templates/nova.conf 2015-01-14 13:58:40 +0000
@@ -13,7 +13,7 @@
1313
14# General system paths14# General system paths
15state_path=/var/lib/nova15state_path=/var/lib/nova
16lock_path=/var/lock/nova16lock_path=/var/lib/nova/tmp
1717
18# Logging options18# Logging options
19logdir = /var/log/nova19logdir = /var/log/nova

Subscribers

People subscribed via source and target branches

to all changes: