Browse Source

Merge "First pass at script cleanup" into stable/ussuri

changes/39/743739/1
Zuul 5 days ago
committed by Gerrit Code Review
parent
commit
1bcedda414
7 changed files with 7 additions and 7 deletions
  1. +1
    -0
      container-images/kolla/barbican-base/sudoers
  2. +1
    -1
      container-images/kolla/base/httpd_setup.sh
  3. +1
    -1
      container-images/kolla/base/sudoers
  4. +1
    -1
      container-images/kolla/horizon/extend_start.sh
  5. +0
    -2
      container-images/kolla/neutron-base/neutron_sudoers
  6. +0
    -1
      container-images/tcib/base/mariadb/mariadb.yaml
  7. +3
    -1
      container-images/tcib/base/os/barbican-base/barbican-base.yaml

+ 1
- 0
container-images/kolla/barbican-base/sudoers View File

@@ -0,0 +1 @@
%kolla ALL=(root) NOPASSWD: /usr/bin/chown -R barbican /var/lib/barbican/, /bin/chown -R barbican /var/lib/barbican/

+ 1
- 1
container-images/kolla/base/httpd_setup.sh View File

@@ -14,7 +14,7 @@ if [[ "$(whoami)" == 'root' ]]; then
# on startup:
# SSLCertificateFile: file '/etc/pki/tls/certs/localhost.crt' does not exist or is empty
# Work around this by generating certificates manually.
if [[ ${KOLLA_BASE_DISTRO} = centos ]] && [[ ! -e /etc/pki/tls/certs/localhost.crt ]]; then
if [[ ! -e /etc/pki/tls/certs/localhost.crt ]]; then
/usr/libexec/httpd-ssl-gencerts
fi
fi

+ 1
- 1
container-images/kolla/base/sudoers View File

@@ -13,6 +13,6 @@ root ALL=(ALL) ALL

# anyone in the kolla group may run /usr/local/bin/kolla_set_configs as the
# root user via sudo without password confirmation
%kolla ALL=(root) NOPASSWD: /usr/local/bin/kolla_set_configs
%kolla ALL=(root) NOPASSWD: /usr/local/bin/kolla*

#includedir /etc/sudoers.d

+ 1
- 1
container-images/kolla/horizon/extend_start.sh View File

@@ -4,7 +4,7 @@ set -o errexit

FORCE_GENERATE="${FORCE_GENERATE}"
HASH_PATH=/var/lib/kolla/.settings.md5sum.txt
MANAGE_PY="/usr/bin/python${KOLLA_DISTRO_PYTHON_VERSION} /usr/bin/manage.py"
MANAGE_PY="/usr/bin/python3 /usr/bin/manage.py"

if [[ -f /etc/openstack-dashboard/custom_local_settings ]]; then
CUSTOM_SETTINGS_FILE="${SITE_PACKAGES}/openstack_dashboard/local/custom_local_settings.py"


+ 0
- 2
container-images/kolla/neutron-base/neutron_sudoers View File

@@ -1,5 +1,3 @@
neutron ALL = (root) NOPASSWD: /var/lib/kolla/venv/bin/neutron-rootwrap /etc/neutron/rootwrap.conf *
neutron ALL = (root) NOPASSWD: /var/lib/kolla/venv/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --set iptables /usr/sbin/iptables-legacy
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
neutron ALL = (root) NOPASSWD: /usr/bin/update-alternatives --auto iptables


+ 0
- 1
container-images/tcib/base/mariadb/mariadb.yaml View File

@@ -1,5 +1,4 @@
tcib_actions:
- run: 'echo "%kolla ALL=(root) NOPASSWD: /usr/local/bin/kolla_security_reset" > /etc/sudoers.d/security_reset && chmod 640 /etc/sudoers.d/security_reset'
- run: if [ '{{ tcib_distro }}' == 'rhel' ]; then {% for item in tcib_packages.modules %}{% set key, value = (item.items() | list).0 %}dnf module -y {{ key }} {{ value }}; {% endfor %}fi
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
- copy: /usr/share/tripleo-common/container-images/kolla/mariadb/extend_start.sh /usr/local/bin/kolla_extend_start


+ 3
- 1
container-images/tcib/base/os/barbican-base/barbican-base.yaml View File

@@ -1,7 +1,9 @@
tcib_actions:
- run: dnf -y install {{ tcib_packages['common'] | join(' ') }} && dnf clean all && rm -rf /var/cache/dnf
- run: 'echo "%kolla ALL=(root) NOPASSWD: /usr/bin/chown -R barbican /var/lib/barbican/, /bin/chown -R barbican /var/lib/barbican/" > /etc/sudoers.d/barbican_sudoers && chmod 640 /etc/sudoers.d/barbican_sudoers'
- copy: /usr/share/tripleo-common/container-images/kolla/barbican-base/sudoers /etc/sudoers.d/barbican_sudoers
- run: chmod 640 /etc/sudoers.d/barbican_sudoers
- run: usermod -a -G kolla barbican
tcib_gather_files: '{{ lookup(''fileglob'', ''/usr/share/tripleo-common/container-images/kolla/barbican-base/*'', wantlist=True) }}'
tcib_packages:
common:
- openstack-barbican-common

Loading…
Cancel
Save