Drop CAP_NET_ADMIN
It is not required for performing monitors' duties. Change-Id: Ib1297ce6e4fca0bfcb82d32b3669475d2011fbe1
This commit is contained in:
parent
be42d99854
commit
07bd41f0b4
@ -12,7 +12,6 @@
|
|||||||
# See the License for the specific language governing permissions and
|
# See the License for the specific language governing permissions and
|
||||||
# limitations under the License.
|
# limitations under the License.
|
||||||
|
|
||||||
from oslo_privsep import capabilities as c
|
|
||||||
from oslo_privsep import priv_context
|
from oslo_privsep import priv_context
|
||||||
|
|
||||||
|
|
||||||
@ -20,5 +19,5 @@ monitors_priv = priv_context.PrivContext(
|
|||||||
"masakarimonitors",
|
"masakarimonitors",
|
||||||
cfg_section="masakarimonitors_privileged",
|
cfg_section="masakarimonitors_privileged",
|
||||||
pypath=__name__ + ".monitors_priv",
|
pypath=__name__ + ".monitors_priv",
|
||||||
capabilities=[c.CAP_NET_ADMIN],
|
capabilities=[],
|
||||||
)
|
)
|
||||||
|
@ -0,0 +1,5 @@
|
|||||||
|
---
|
||||||
|
other:
|
||||||
|
- |
|
||||||
|
Masakari hostmonitor and processmonitor will no longer require
|
||||||
|
``CAP_NET_ADMIN`` capability.
|
Loading…
Reference in New Issue
Block a user