From 4596234e586d50c748a4eb2f8993288bcf12ee95 Mon Sep 17 00:00:00 2001
From: Jesse Pretorius <jesse.pretorius@rackspace.co.uk>
Date: Thu, 14 Jul 2016 18:51:03 +0100
Subject: [PATCH] Update paste, policy and rootwrap configurations 2016-07-14

Change-Id: If49ea9ce30e081af2d6d662361a7d35d3ab5a60b
---
 files/rootwrap.d/compute.filters | 2 +-
 templates/policy.json.j2         | 9 ---------
 2 files changed, 1 insertion(+), 10 deletions(-)

diff --git a/files/rootwrap.d/compute.filters b/files/rootwrap.d/compute.filters
index 944740ed..07f18eab 100644
--- a/files/rootwrap.d/compute.filters
+++ b/files/rootwrap.d/compute.filters
@@ -224,7 +224,7 @@ sg_scan: CommandFilter, sg_scan, root
 
 # nova/volume/encryptors/cryptsetup.py:
 # nova/volume/encryptors/luks.py:
-ln: RegExpFilter, ln, root, ln, --symbolic, --force, /dev/mapper/.*, .*
+ln: RegExpFilter, ln, root, ln, --symbolic, --force, /dev/mapper/crypt-.+, .+
 
 # nova/volume/encryptors.py:
 # nova/virt/libvirt/dmcrypt.py:
diff --git a/templates/policy.json.j2 b/templates/policy.json.j2
index 79481bf1..2c63c085 100644
--- a/templates/policy.json.j2
+++ b/templates/policy.json.j2
@@ -1,11 +1,2 @@
 {
-    "context_is_admin":  "role:admin",
-    "admin_or_owner":  "is_admin:True or project_id:%(project_id)s",
-    "default": "rule:admin_or_owner",
-
-    "cells_scheduler_filter:TargetCellFilter": "is_admin:True",
-
-    "admin_api": "is_admin:True",
-
-    "network:attach_external_network": "is_admin:True"
 }