Browse Source
Replace rootwrap execution with privsep context execution. This series of patches will progressively replace any rootwrap call. This patch migrates some missing execution methods present in the code and removes unneeded rootwrap filters. Story: #2007686 Task: #41558 Change-Id: I1542dc4cf98658fc9a40018192498c7a5cd1c3fechanges/10/774110/8
15 changed files with 46 additions and 89 deletions
@ -1,15 +0,0 @@
|
||||
# neutron-rootwrap command filters for nodes on which neutron is |
||||
# expected to control network |
||||
# |
||||
# This file should be owned by (and only-writeable by) the root user |
||||
|
||||
# format seems to be |
||||
# cmd-name: filter-name, raw-command, user, args |
||||
|
||||
[Filters] |
||||
|
||||
# neutron/agent/linux/iptables_firewall.py |
||||
sysctl: CommandFilter, sysctl, root |
||||
|
||||
# neutron/agent/linux/ip_conntrack.py |
||||
conntrack: CommandFilter, conntrack, root |
Loading…
Reference in new issue