Swift: Remove unused rootwrap

Swift does not use oslo.rootwrap. Thus the command and its config file
is just useless.

Change-Id: If4e346c2db841aad9b2ddac049dbbbc1ba5782ec
(cherry picked from commit d7e497ce52)
This commit is contained in:
Takashi Kajinami 2023-11-27 00:11:29 +09:00 committed by Maksim Malchuk
parent 8304b9456c
commit 3a484edcd6
4 changed files with 1 additions and 44 deletions

View File

@ -58,14 +58,9 @@ RUN ln -s swift-base-source/* swift \
&& chown -R swift: /etc/swift /var/cache/swift /var/lock/swift
{% endif %}
COPY swift-rootwrap /var/lib/kolla/venv/bin/swift-rootwrap
COPY rootwrap.conf /etc/swift/rootwrap.conf
COPY swift_sudoers /etc/sudoers.d/kolla_swift_sudoers
RUN chmod 755 /var/lib/kolla/venv/bin/swift-rootwrap \
&& chmod 644 /etc/swift/rootwrap.conf \
&& sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/kolla/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/swift/rootwrap.conf \
&& chmod 750 /etc/sudoers.d \
RUN chmod 750 /etc/sudoers.d \
&& chmod 440 /etc/sudoers.d/kolla_swift_sudoers \
&& mkdir -p /opt/swift

View File

@ -1,27 +0,0 @@
# Configuration for swift-rootwrap
# This file should be owned by (and only-writeable by) the root user
[DEFAULT]
# List of directories to load filter definitions from (separated by ',').
# These directories MUST all be only writeable by root !
filters_path=/etc/swift/rootwrap.d,/usr/share/swift/rootwrap
# List of directories to search executables in, in case filters do not
# explicitely specify a full path (separated by ',')
# If not specified, defaults to system PATH environment variable.
# These directories MUST all be only writeable by root !
exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
# Enable logging to syslog
# Default value is False
use_syslog=False
# Which syslog facility to use.
# Valid values include auth, authpriv, syslog, local0, local1...
# Default value is 'syslog'
syslog_log_facility=syslog
# Which messages to log.
# INFO means log all usage
# ERROR means only log unsuccessful attempts
syslog_log_level=ERROR

View File

@ -1,10 +0,0 @@
#!/usr/bin/python3
# PBR Generated from 'console_scripts'
import sys
from oslo_rootwrap.cmd import main
if __name__ == "__main__":
sys.exit(main())

View File

@ -1,3 +1,2 @@
swift ALL=(root) NOPASSWD: /bin/find /srv/node/ -maxdepth 1 -type d -execdir chown swift\:swift {} \\+
swift ALL=(root) NOPASSWD: /usr/bin/find /srv/node/ -maxdepth 1 -type d -execdir chown swift\:swift {} \\+
swift ALL=(root) NOPASSWD: /var/lib/kolla/venv/bin/swift-rootwrap /etc/swift/rootwrap.conf *