25 lines
809 B
XML
25 lines
809 B
XML
# neutron-rootwrap command filters for nodes on which neutron is
|
|
# expected to control network
|
|
#
|
|
# This file should be owned by (and only-writeable by) the root user
|
|
|
|
# format seems to be
|
|
# cmd-name: filter-name, raw-command, user, args
|
|
|
|
[Filters]
|
|
|
|
# openvswitch-agent
|
|
# unclear whether both variants are necessary, but I'm transliterating
|
|
# from the old mechanism
|
|
ovs-vsctl: CommandFilter, ovs-vsctl, root
|
|
# NOTE(yamamoto): of_interface=native doesn't use ovs-ofctl
|
|
ovs-ofctl: CommandFilter, ovs-ofctl, root
|
|
kill_ovsdb_client: KillFilter, root, /usr/bin/ovsdb-client, -9
|
|
ovsdb-client: CommandFilter, ovsdb-client, root
|
|
xe: CommandFilter, xe, root
|
|
|
|
# ip_lib
|
|
ip: IpFilter, ip, root
|
|
find: RegExpFilter, find, root, find, /sys/class/net, -maxdepth, 1, -type, l, -printf, %.*
|
|
ip_exec: IpNetnsExecFilter, ip, root
|