Juju Charms Collection
nova-compute-power package

Merge lp:~matsubara/charms/trusty/nova-compute-power/selinux-permissions into lp:~james-page/charms/trusty/nova-compute-power/redux

  1. Trusty Tahr (14.04)
  2. selinux-permissions
  3. Merge into redux
Proposed by Diogo Matsubara
Status: Merged
Merged at revision: 117
Proposed branch: lp:~matsubara/charms/trusty/nova-compute-power/selinux-permissions
Merge into: lp:~james-page/charms/trusty/nova-compute-power/redux
Diff against target: 61 lines (+12/-2)
3 files modified
hooks/fabfile.py (+6/-1)
hooks/nova_compute_proxy.py (+5/-0)
templates/nova.conf (+1/-1)
To merge this branch: bzr merge lp:~matsubara/charms/trusty/nova-compute-power/selinux-permissions
Reviewer Review Type Date Requested Status
James Page Approve
Review via email: mp+246312@code.launchpad.net

Description of the change

Hi James,

this patch fixes the SELinux permissions for the nova-compute-power config files.

Thanks!

To post a comment you must log in.
lp:~matsubara/charms/trusty/nova-compute-power/selinux-permissions updated
118. By Diogo Matsubara

Update nova.conf template to point to correct lock path for Red Hat systems where the nova user has permissions to write a lock file. See https://bugzilla.redhat.com/show_bug.cgi?id=961557 for details

Revision history for this message
James Page (james-page) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'hooks/fabfile.py'
2--- hooks/fabfile.py 2014-11-10 16:43:55 +0000
3+++ hooks/fabfile.py 2015-01-14 13:58:40 +0000
4@@ -56,10 +56,15 @@
5 sudo('chown {} {}'.format(user, path))
6
7
8+def fix_selinux_permission(path):
9+ sudo('chcon -vv --user=system_u --role=object_r --type=etc_t --range=s0 '
10+ '{}'.format(path))
11+
12+
13 def fix_ml2_plugin_config():
14 sudo('sed -i "s!openvswitch/ovs_neutron_plugin.ini'
15 '!ml2/ml2_conf.ini!g" /etc/init.d/neutron-openvswitch-agent')
16
17
18 def fix_local_ip(f):
19- sudo('sed -i "s!LOCAL_IP!%s!g" %s' % (env.host, f))
20\ No newline at end of file
21+ sudo('sed -i "s!LOCAL_IP!%s!g" %s' % (env.host, f))
22
23=== modified file 'hooks/nova_compute_proxy.py'
24--- hooks/nova_compute_proxy.py 2014-11-10 16:43:55 +0000
25+++ hooks/nova_compute_proxy.py 2015-01-14 13:58:40 +0000
26@@ -22,6 +22,7 @@
27 enable_shell,
28 disable_shell,
29 fix_path_ownership,
30+ fix_selinux_permission,
31 fix_ml2_plugin_config,
32 fix_local_ip
33 )
34@@ -129,10 +130,14 @@
35 def fix_path_ownership(self, user, path):
36 execute(fix_path_ownership, user, path)
37
38+ def fix_selinux_permission(self, path):
39+ execute(fix_selinux_permission, path)
40+
41 def commit(self):
42 for f in CONFIG_FILES:
43 if os.path.exists("%s%s" % (CHARM_SCRATCH_DIR, f)):
44 self.copy_file(f)
45+ self.fix_selinux_permission(f)
46 self._fixup_local_ips()
47
48 def _fixup_local_ips(self):
49
50=== modified file 'templates/nova.conf'
51--- templates/nova.conf 2014-11-12 14:58:43 +0000
52+++ templates/nova.conf 2015-01-14 13:58:40 +0000
53@@ -13,7 +13,7 @@
54
55 # General system paths
56 state_path=/var/lib/nova
57-lock_path=/var/lock/nova
58+lock_path=/var/lib/nova/tmp
59
60 # Logging options
61 logdir = /var/log/nova

Subscribers

People subscribed via source and target branches

to all changes: