openstack/nova
Code Issues Proposed changes
83030804cc
nova/releasenotes/notes/privsep-queens-rootwrap-adds-907aa1bc8e3eb2ca.yaml
Michael Still 2b75745179 Move contrail vif plugging to privsep. 
The same pattern as the others, except with a generated command line.

Change-Id: Icfbe3566d8cb82e6878ab4097ed747b18fd5e28a
blueprint: hurrah-for-privsep
2017-11-02 12:09:27 +11:00

17 lines
689 B
YAML
Raw Blame History

---
upgrade:
- |
A sys-admin privsep daemon has been added and needs to be included in your
rootwrap configuration.
- |
Calls to mount in the virt disk api no longer ignore the value of stderr.
- |
The nova-idmapshift binary has been removed. This has been replaced by
internal functionality using privsep.
- |
The following commands are no longer required to be listed in your rootwrap
configuration: blkid; cat; chown; cryptsetup; dd; ebrctl; ifc_ctl; kpartx;
losetup; lvcreate; lvremove; lvs; mkdir; mm-ctl; mount; nova-idmapshift;
ploop; prl_disk_tool; qemu-nbd; readlink; shred; tee; touch; umount; vgs;
vrouter-port-control; and xend.
View Git Blame Copy Permalink