Add agents.l3 "radvd_user" configuration option

Based on new Neutron configuration option [1], it will allow to define the user to run the radvd daemon in the L3 agent. By default, the user will be "root", to solve the problem found in the related bug. [1] Ie9a6fbf04d453a3c1c0bddf9ecaa3d4d6467e8ff Change-Id: I8a1bff166ee78dca402457fd1498e5906380c9ed Closes-Bug: #1844688 (cherry picked from commit ab1049ae01)
2019-10-29 10:57:34 +00:00 · 2019-10-29 10:57:34 +00:00 · 1111e3dd2f
parent 3dc0585e05
commit 1111e3dd2f
1 changed files with 9 additions and 0 deletions
--- a/manifests/agents/l3.pp
+++ b/manifests/agents/l3.pp
@ -87,6 +87,13 @@
 #   (optional) L3 agent extensions to enable.
 #   Defaults to $::os_service_default
 #
+# [*radvd_user*]
+#   (optional) The username passed to radvd, used to drop root privileges and
+#   change user ID to username and group ID to the primary group of username.
+#   If no user specified, the user executing the L3 agent will be passed. If
+#   "root" specified, because radvd is spawned as root, no "username" parameter
+#   will be passed.
+#
 class neutron::agents::l3 (
  $package_ensure                   = 'present',
  $enabled                          = true,
@ -107,6 +114,7 @@ class neutron::agents::l3 (
  $purge_config                     = false,
  $availability_zone                = $::os_service_default,
  $extensions                       = $::os_service_default,
+  $radvd_user                       = $::os_service_default,
 ) {

  include ::neutron::deps
@ -134,6 +142,7 @@ class neutron::agents::l3 (
    'DEFAULT/periodic_fuzzy_delay':             value => $periodic_fuzzy_delay;
    'DEFAULT/enable_metadata_proxy':            value => $enable_metadata_proxy;
    'DEFAULT/agent_mode':                       value => $agent_mode;
+    'DEFAULT/radvd_user':                       value => $radvd_user;
    'agent/availability_zone':                  value => $availability_zone;
    'agent/extensions':                         value => $extensions;
  }