panko

History

Chaozhe.Chen 58389f1822 Add /usr/local/{sbin,bin} to rootwrap exec_dirs I noticed that nova, neutron and cinder's rootwrap exec_dirs include /usr/local/{sbin,bin} which is a standardised location for admins to install non-distro executables, and these executables are no less "trustworthy" than /usr/bin and friends. See neutron and cinder's rootwrap.conf (and probably others), and typical distro default values for sudoers/secure_path for extremely similar precedents that all include /usr/local/*bin. See the same patch of nova for more information: https://review.openstack.org/#/c/280052/1 And see I710cf142b834381c00e651cfc062299ae755c33f for brief discussion of doing this via devstack before. Change-Id: If5ed1d7d81fdac10fc2b1608aafe20833e0f2980	2016-02-22 13:52:38 +08:00
..
apache2	Improve ceilometer-api install documentation	2015-04-30 14:59:57 +00:00
ceilometer	Add /usr/local/{sbin,bin} to rootwrap exec_dirs	2016-02-22 13:52:38 +08:00

Chaozhe.Chen 58389f1822 Add /usr/local/{sbin,bin} to rootwrap exec_dirs

I noticed that nova, neutron and cinder's rootwrap exec_dirs include
/usr/local/{sbin,bin} which is a standardised location for admins to
install non-distro executables, and these executables are no less
"trustworthy" than /usr/bin and friends.  See neutron and cinder's
rootwrap.conf (and probably others), and typical distro default values
for sudoers/secure_path for extremely similar precedents that all include
/usr/local/*bin.

See the same patch of nova for more information:
https://review.openstack.org/#/c/280052/1
And see I710cf142b834381c00e651cfc062299ae755c33f for brief discussion
of doing this via devstack before.

Change-Id: If5ed1d7d81fdac10fc2b1608aafe20833e0f2980

2016-02-22 13:52:38 +08:00

apache2

Improve ceilometer-api install documentation

2015-04-30 14:59:57 +00:00

ceilometer

Add /usr/local/{sbin,bin} to rootwrap exec_dirs

2016-02-22 13:52:38 +08:00