Merge "Switch from root_helper to rootwrap_config"

stack.sh

@@ -1461,10 +1461,7 @@ sudo chown `whoami` $NOVA_CONF_DIR
 
 cp -p $NOVA_DIR/etc/nova/policy.json $NOVA_CONF_DIR
 
-# If Nova ships the new rootwrap filters files, deploy them
+# Deploy new rootwrap filters files (owned by root).
-# (owned by root) and add a parameter to ``$NOVA_ROOTWRAP``
-ROOTWRAP_SUDOER_CMD="$NOVA_ROOTWRAP"
-if [[ -d $NOVA_DIR/etc/nova/rootwrap.d ]]; then
 # Wipe any existing rootwrap.d files first
 if [[ -d $NOVA_CONF_DIR/rootwrap.d ]]; then
     sudo rm -rf $NOVA_CONF_DIR/rootwrap.d
@@ -1480,9 +1477,7 @@ if [[ -d $NOVA_DIR/etc/nova/rootwrap.d ]]; then
 sudo chown root:root $NOVA_CONF_DIR/rootwrap.conf
 sudo chmod 0644 $NOVA_CONF_DIR/rootwrap.conf
 # Specify rootwrap.conf as first parameter to nova-rootwrap
-    NOVA_ROOTWRAP="$NOVA_ROOTWRAP $NOVA_CONF_DIR/rootwrap.conf"
+ROOTWRAP_SUDOER_CMD="$NOVA_ROOTWRAP $NOVA_CONF_DIR/rootwrap.conf *"
-    ROOTWRAP_SUDOER_CMD="$NOVA_ROOTWRAP *"
-fi
 
 # Set up the rootwrap sudoers for nova
 TEMPFILE=`mktemp`
@@ -1944,7 +1939,7 @@ add_nova_opt "[DEFAULT]"
 add_nova_opt "verbose=True"
 add_nova_opt "auth_strategy=keystone"
 add_nova_opt "allow_resize_to_same_host=True"
-add_nova_opt "root_helper=sudo $NOVA_ROOTWRAP"
+add_nova_opt "rootwrap_config=$NOVA_CONF_DIR/rootwrap.conf"
 add_nova_opt "compute_scheduler_driver=$SCHEDULER"
 add_nova_opt "dhcpbridge_flagfile=$NOVA_CONF_DIR/$NOVA_CONF"
 add_nova_opt "fixed_range=$FIXED_RANGE"