Fix chown command in write_inputs_file function

The tripleo-common sudoers file allows an owner change on the
validations identity file. The command is only allowed with the `-h`
option, but this option isn't used in the `write_inputs_file` Python
code. This breaks validation runs started through Mistral.

This patch adds this option to the `chown` command. It also removes a
useless line in the sudoers file.

Change-Id: Idd3098cfa3aab5dd618645e54b922f90cd9ae13f
Signed-off-by: Gael Chamoulaud <gchamoul@redhat.com>
This commit is contained in:
Gael Chamoulaud 2019-04-19 14:47:02 +02:00 committed by Alex Schultz
parent 4e406778a0
commit d0831dc4ce
2 changed files with 4 additions and 2 deletions

@ -5,7 +5,6 @@ mistral ALL = (validations) NOPASSWD:SETENV: /usr/bin/run-validation
mistral ALL = NOPASSWD: /usr/bin/chown -h validations\: /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
!/usr/bin/chown /tmp/validations_identity_* *, !/usr/bin/chown /tmp/validations_identity_*..*
mistral ALL = NOPASSWD: /usr/bin/chown -h validations\: /tmp/validations_inputs_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
/usr/bin/chown validations\: /tmp/validations_inputs_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
!/usr/bin/chown /tmp/validations_inputs_* *, !/usr/bin/chown /tmp/validations_inputs_*..*
mistral ALL = NOPASSWD: /usr/bin/rm -f /tmp/validations_identity_[A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_][A-Za-z0-9_], \
!/usr/bin/rm /tmp/validations_identity_* *, !/usr/bin/rm /tmp/validations_identity_*..*
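
Review bot: the negated entries on the `chown` continuation lines (`!/usr/bin/chown /tmp/validations_inputs_* *`, `!/usr/bin/chown /tmp/validations_inputs_*..*` and the identity equivalents) start their argument pattern at the path, while the only permitted form now starts with `-h validations\:`, so they cannot match any invocation these rules would otherwise allow. With the entry lacking `-h` gone, consider dropping them or rewriting them against the `-h validations\:` form so the file states what it actually enforces. It is also worth confirming that no other caller still runs `chown` on the inputs file without `-h`, since that form is no longer permitted.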

@ -187,7 +187,10 @@ def write_inputs_file(inputs):
LOG.debug("Writing the validation inputs to %s", path)
with os.fdopen(fd, 'w') as tmp:
tmp.write(yaml.dump(inputs))
processutils.execute('/usr/bin/sudo', '/usr/bin/chown', 'validations:',
processutils.execute('/usr/bin/sudo',
'/usr/bin/chown',
'-h',
'validations:',
path)
return path
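
Review bot: the argument list passed to `processutils.execute` has to match the sudoers entry word for word, and nothing at this call ties the two together, so a later edit on either side can break validation runs again without any local signal. Add a short comment above the call pointing at the sudoers rule it depends on, and a unit test that mocks `processutils.execute` and asserts it is called with `'/usr/bin/sudo', '/usr/bin/chown', '-h', 'validations:', path`. The commit summary lists only two changed files, so no test accompanies this change.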