From 6f0e770fe82a56dddc8902361d7fdb36311c4d8a Mon Sep 17 00:00:00 2001
From: "Michal (inc0) Jastrzebski" <inc007@gmail.com>
Date: Fri, 14 Oct 2016 17:38:30 +0000
Subject: [PATCH] Fix nova  upgrade permission issue

Change-Id: I61738f2d8ef89d6a8c5fb1187f18c5bb154bbe04
Partial-Bug: #1631503
---
 ansible/roles/nova/templates/nova-api.json.j2        |  7 +++++++
 .../roles/nova/templates/nova-compute-ironic.json.j2 |  7 +++++++
 ansible/roles/nova/templates/nova-compute.json.j2    | 12 ++++++++++++
 ansible/roles/nova/templates/nova-conductor.json.j2  |  7 +++++++
 .../roles/nova/templates/nova-consoleauth.json.j2    |  7 +++++++
 ansible/roles/nova/templates/nova-novncproxy.json.j2 |  7 +++++++
 ansible/roles/nova/templates/nova-scheduler.json.j2  |  7 +++++++
 .../nova/templates/nova-spicehtml5proxy.json.j2      |  7 +++++++
 8 files changed, 61 insertions(+)

diff --git a/ansible/roles/nova/templates/nova-api.json.j2 b/ansible/roles/nova/templates/nova-api.json.j2
index f9cb27e9af..28642bd593 100644
--- a/ansible/roles/nova/templates/nova-api.json.j2
+++ b/ansible/roles/nova/templates/nova-api.json.j2
@@ -7,5 +7,12 @@
             "owner": "nova",
             "perm": "0600"
         }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        }
     ]
 }
diff --git a/ansible/roles/nova/templates/nova-compute-ironic.json.j2 b/ansible/roles/nova/templates/nova-compute-ironic.json.j2
index 35ae7cfe4a..94e2b5faef 100644
--- a/ansible/roles/nova/templates/nova-compute-ironic.json.j2
+++ b/ansible/roles/nova/templates/nova-compute-ironic.json.j2
@@ -7,5 +7,12 @@
             "owner": "nova",
             "perm": "0600"
         }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        }
     ]
 }
diff --git a/ansible/roles/nova/templates/nova-compute.json.j2 b/ansible/roles/nova/templates/nova-compute.json.j2
index a3fd495de0..018bf7a809 100644
--- a/ansible/roles/nova/templates/nova-compute.json.j2
+++ b/ansible/roles/nova/templates/nova-compute.json.j2
@@ -13,5 +13,17 @@
             "owner": "nova",
             "perm": "0700"
         }{% endif %}
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        },
+        {
+            "path": "/var/lib/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        }
     ]
 }
diff --git a/ansible/roles/nova/templates/nova-conductor.json.j2 b/ansible/roles/nova/templates/nova-conductor.json.j2
index 1e214ad8b0..6a7328713d 100644
--- a/ansible/roles/nova/templates/nova-conductor.json.j2
+++ b/ansible/roles/nova/templates/nova-conductor.json.j2
@@ -7,5 +7,12 @@
             "owner": "nova",
             "perm": "0600"
         }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        }
     ]
 }
diff --git a/ansible/roles/nova/templates/nova-consoleauth.json.j2 b/ansible/roles/nova/templates/nova-consoleauth.json.j2
index 17837a86de..9cc3240d7d 100644
--- a/ansible/roles/nova/templates/nova-consoleauth.json.j2
+++ b/ansible/roles/nova/templates/nova-consoleauth.json.j2
@@ -7,5 +7,12 @@
             "owner": "nova",
             "perm": "0600"
         }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        }
     ]
 }
diff --git a/ansible/roles/nova/templates/nova-novncproxy.json.j2 b/ansible/roles/nova/templates/nova-novncproxy.json.j2
index e2f98ec05b..d34efb3d69 100644
--- a/ansible/roles/nova/templates/nova-novncproxy.json.j2
+++ b/ansible/roles/nova/templates/nova-novncproxy.json.j2
@@ -7,5 +7,12 @@
             "owner": "nova",
             "perm": "0600"
         }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        }
     ]
 }
diff --git a/ansible/roles/nova/templates/nova-scheduler.json.j2 b/ansible/roles/nova/templates/nova-scheduler.json.j2
index 1a533aaf21..36638987a0 100644
--- a/ansible/roles/nova/templates/nova-scheduler.json.j2
+++ b/ansible/roles/nova/templates/nova-scheduler.json.j2
@@ -7,5 +7,12 @@
             "owner": "nova",
             "perm": "0600"
         }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        }
     ]
 }
diff --git a/ansible/roles/nova/templates/nova-spicehtml5proxy.json.j2 b/ansible/roles/nova/templates/nova-spicehtml5proxy.json.j2
index 223bb78b08..e12354bf43 100644
--- a/ansible/roles/nova/templates/nova-spicehtml5proxy.json.j2
+++ b/ansible/roles/nova/templates/nova-spicehtml5proxy.json.j2
@@ -7,5 +7,12 @@
             "owner": "nova",
             "perm": "0600"
         }
+    ],
+    "permissions": [
+        {
+            "path": "/var/log/kolla/nova",
+            "owner": "nova:nova",
+            "recurse": true
+        }
     ]
 }