Fix Swift deployment issue
Swift deployment is broken since CVE-2022-38060 fixed sudoers file in
the I66476a2b396e2cbe41e68ac51f57aae1806b2ed8. The kolla-toolbox
container have their own virtualenv path differs from all other
containers. This change adds the correct sudoers secure_path
configuration needed only for kolla-toolbox conainer.
Related-Bug: #1985784
Change-Id: I3651576ee354364d639c187ff750491667ecab56
Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com>
(cherry picked from commit b8a352647d
)
This commit is contained in:
parent
a6ee3a2917
commit
3c0c7e31a3
|
@ -1 +1,3 @@
|
|||
Defaults secure_path="/opt/ansible/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||
|
||||
ansible ALL=(root) NOPASSWD: /opt/ansible/bin/ansible localhost -m find_disks -a *, /usr/local/bin/ansible localhost -m find_disks -a *
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
Fixes an issue with Swift deployment via Kolla Ansible caused by
|
||||
the fix to CVE-2022-38060.
|
||||
The kolla-toolbox container now have its own sudoers secure_path
|
||||
configuration which allows the necessary binaries to execute.
|
Loading…
Reference in New Issue