From 303741a4b3f8df40e99fd5daf427e104788b0069 Mon Sep 17 00:00:00 2001
From: Charles Short <chucks@redhat.com>
Date: Thu, 17 Jan 2019 13:52:02 -0500
Subject: [PATCH] Use oslo.privsep for 'lvcreate'

Use olso.privsep rather than oslo.rootwrap for the 'lvcreate'

Change-Id: I9e8f74ef74ef3f7cbbcf7967304246e9dfafb5c0
Signed-off-by: Charles Short <chucks@redhat.com>
---
 cinder/brick/local_dev/lvm.py        | 3 +--
 cinder/privsep/lvm.py                | 6 ++++++
 etc/cinder/rootwrap.d/volume.filters | 3 ---
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/cinder/brick/local_dev/lvm.py b/cinder/brick/local_dev/lvm.py
index 3455a6af6e3..4231bf7f5bb 100644
--- a/cinder/brick/local_dev/lvm.py
+++ b/cinder/brick/local_dev/lvm.py
@@ -147,8 +147,7 @@ class LVM(executor.Executor):
         return exists
 
     def _create_vg(self, pv_list):
-        cmd = ['vgcreate', self.vg_name, ','.join(pv_list)]
-        self._execute(*cmd, root_helper=self._root_helper, run_as_root=True)
+        cinder.privsep.lvm.create_volume(self.vg_name, pv_list)
 
     def _get_thin_pool_free_space(self, vg_name, thin_pool_name):
         """Returns available thin pool free space.
diff --git a/cinder/privsep/lvm.py b/cinder/privsep/lvm.py
index aeb47fd6a44..cfa48af57cd 100644
--- a/cinder/privsep/lvm.py
+++ b/cinder/privsep/lvm.py
@@ -30,3 +30,9 @@ def udevadm_settle():
 def lvrename(vg_name, lv_name, new_name):
     processutils.execute(
         'lvrename', vg_name, lv_name, new_name)
+
+
+@cinder.privsep.sys_admin_pctxt.entrypoint
+def create_vg(vg_name, pv_list):
+    cmd = ['vgcreate', vg_name, ','.join(pv_list)]
+    processutils.execute(*cmd)
diff --git a/etc/cinder/rootwrap.d/volume.filters b/etc/cinder/rootwrap.d/volume.filters
index 56204440f89..9633d05bda8 100644
--- a/etc/cinder/rootwrap.d/volume.filters
+++ b/etc/cinder/rootwrap.d/volume.filters
@@ -46,9 +46,6 @@ privsep-rootwrap-sys_admin: RegExpFilter, privsep-helper, root, privsep-helper,
 # is updated appropriately.
 drbdadm: CommandFilter, drbdadm, root
 
-# cinder/brick/local_dev/lvm.py: 'vgcreate', vg_name, pv_list
-vgcreate: CommandFilter, vgcreate, root
-
 # cinder/brick/local_dev/lvm.py: 'lvcreate', '-L', sizestr, '-n', volume_name,..
 # cinder/brick/local_dev/lvm.py: 'lvcreate', '-L', ...
 lvcreate: EnvFilter, env, root, LC_ALL=C, lvcreate