openstack/tripleo-common
Code Issues Proposed changes

Merge "Fix chown command for tripleo validation."

Browse Source
This commit is contained in:
Zuul
2018-02-19 20:46:07 +00:00
committed by Gerrit Code Review
parent 1550e16d6e 26fdf89e67
commit afc399096c
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
sudoers
View File

@@ -3,7 +3,6 @@ Defaults:validations !requiretty
Defaults:mistral !requiretty Defaults:mistral !requiretty
mistral ALL = (validations) NOPASSWD:SETENV: /usr/bin/run-validation mistral ALL = (validations) NOPASSWD:SETENV: /usr/bin/run-validation
mistral ALL = NOPASSWD: /usr/bin/chown -h validations\: /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \ mistral ALL = NOPASSWD: /usr/bin/chown -h validations\: /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
/usr/bin/chown validations\: /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
!/usr/bin/chown /tmp/validations_identity_* *, !/usr/bin/chown /tmp/validations_identity_*..* !/usr/bin/chown /tmp/validations_identity_* *, !/usr/bin/chown /tmp/validations_identity_*..*
mistral ALL = NOPASSWD: /usr/bin/rm -f /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \ mistral ALL = NOPASSWD: /usr/bin/rm -f /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
!/usr/bin/rm /tmp/validations_identity_* *, !/usr/bin/rm /tmp/validations_identity_*..* !/usr/bin/rm /tmp/validations_identity_* *, !/usr/bin/rm /tmp/validations_identity_*..*

3
tripleo_common/tests/utils/test_validations.py
View File

@@ -101,7 +101,8 @@ class ValidationsKeyTest(base.TestCase):
mock_open_context.assert_called_once_with('fd', 'w') mock_open_context.assert_called_once_with('fd', 'w')
mock_open_context().write.assert_called_once_with('private_key') mock_open_context().write.assert_called_once_with('private_key')
mock_execute.assert_called_once_with( mock_execute.assert_called_once_with(
'/usr/bin/sudo', '/usr/bin/chown', 'validations:', 'tmp_path') '/usr/bin/sudo', '/usr/bin/chown', '-h', 'validations:',
'tmp_path')
@mock.patch("oslo_concurrency.processutils.execute") @mock.patch("oslo_concurrency.processutils.execute")
def test_cleanup_identity_file(self, mock_execute): def test_cleanup_identity_file(self, mock_execute):

4
tripleo_common/utils/validations.py
View File

@@ -97,8 +97,8 @@ def write_identity_file(key):
LOG.debug('Writing SSH key to disk at %s', path) LOG.debug('Writing SSH key to disk at %s', path)
with os.fdopen(fd, 'w') as tmp: with os.fdopen(fd, 'w') as tmp:
tmp.write(key) tmp.write(key)
processutils.execute('/usr/bin/sudo', '/usr/bin/chown', 'validations:', processutils.execute('/usr/bin/sudo', '/usr/bin/chown', '-h',
path) 'validations:', path)
return path return path