From 570a6120be48dde70a793be52574a0ae1e0fce6f Mon Sep 17 00:00:00 2001
From: Hongbin Lu <hongbin034@gmail.com>
Date: Sun, 30 Sep 2018 16:14:31 +0000
Subject: [PATCH] Add /var/lib/kolla/venv/bin to Zun exec_dirs

This is necessary for rootwrap/privsep to work properly

Change-Id: I128fb04a5ddeb77428697d33e2015158bc74738f
---
 docker/zun/zun-base/Dockerfile.j2 | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docker/zun/zun-base/Dockerfile.j2 b/docker/zun/zun-base/Dockerfile.j2
index 4e887bceef..3aeac2a1f9 100644
--- a/docker/zun/zun-base/Dockerfile.j2
+++ b/docker/zun/zun-base/Dockerfile.j2
@@ -52,7 +52,8 @@ RUN ln -s zun-base-source/* zun \
     && mkdir -p /etc/zun /var/www/cgi-bin/zun \
     && cp -r /zun/etc/zun/* /etc/zun/ \
     && cp /zun/zun/api/app.wsgi /var/www/cgi-bin/zun \
-    && chown -R zun: /etc/zun /var/www/cgi-bin/zun
+    && chown -R zun: /etc/zun /var/www/cgi-bin/zun \
+    && sed -i 's|^exec_dirs.*|exec_dirs=/var/lib/kolla/venv/bin,/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin|g' /etc/zun/rootwrap.conf
 
 {% endif %}