Remove rootwrap execution (5)
Replace rootwrap execution with privsep context execution. This series of patches will progressively replace any rootwrap call. This patch migrates some missing execution methods present in the code and removes unneeded rootwrap filters. Story: #2007686 Task: #41558 Change-Id: I1542dc4cf98658fc9a40018192498c7a5cd1c3fechanges/10/774110/8
parent
90309cf6e2
commit
5a419cbc84
@ -1,15 +0,0 @@
|
||||
# neutron-rootwrap command filters for nodes on which neutron is
|
||||
# expected to control network
|
||||
#
|
||||
# This file should be owned by (and only-writeable by) the root user
|
||||
|
||||
# format seems to be
|
||||
# cmd-name: filter-name, raw-command, user, args
|
||||
|
||||
[Filters]
|
||||
|
||||
# neutron/agent/linux/iptables_firewall.py
|
||||
sysctl: CommandFilter, sysctl, root
|
||||
|
||||
# neutron/agent/linux/ip_conntrack.py
|
||||
conntrack: CommandFilter, conntrack, root
|
Loading…
Reference in New Issue