Merge "Remove setting ACLs during Upgrade" into stable/victoria
This commit is contained in:
commit
de91529358
|
@ -453,34 +453,3 @@ outputs:
|
|||
mode: 0755
|
||||
content: {get_file: ./kill-script}
|
||||
upgrade_tasks: []
|
||||
post_upgrade_tasks:
|
||||
- name: Check for neutron user
|
||||
getent:
|
||||
database: passwd
|
||||
key: neutron
|
||||
fail_key: false
|
||||
- name: Set neutron_user_avail
|
||||
set_fact:
|
||||
neutron_user_avail: "{{ getent_passwd is defined }}"
|
||||
- when:
|
||||
- step|int == 2
|
||||
- neutron_user_avail|bool
|
||||
block:
|
||||
- name: Ensure read/write access for files created after upgrade
|
||||
become: true
|
||||
shell: |
|
||||
umask 0002
|
||||
setfacl -d -R -m u:neutron:rwx /var/lib/neutron
|
||||
setfacl -R -m u:neutron:rw /var/lib/neutron
|
||||
find /var/lib/neutron -type d -exec setfacl -m u:neutron:rwx '{}' \;
|
||||
- name: Provide access for domain sockets
|
||||
failed_when: false
|
||||
become: true
|
||||
shell: |
|
||||
umask 0002
|
||||
setfacl -m u:neutron:rwx "{{ item }}"
|
||||
with_items:
|
||||
- /var/lib/neutron/metadata_proxy
|
||||
- /var/lib/neutron
|
||||
# These files are not necessarily present
|
||||
failed_when: false
|
||||
|
|
|
@ -393,34 +393,3 @@ outputs:
|
|||
mode: 0755
|
||||
content: {get_file: ./kill-script}
|
||||
upgrade_tasks: []
|
||||
post_upgrade_tasks:
|
||||
- name: Check for neutron user
|
||||
getent:
|
||||
database: passwd
|
||||
key: neutron
|
||||
fail_key: false
|
||||
- name: Set neutron_user_avail
|
||||
set_fact:
|
||||
neutron_user_avail: "{{ getent_passwd is defined }}"
|
||||
- when:
|
||||
- step|int == 2
|
||||
- neutron_user_avail|bool
|
||||
block:
|
||||
- name: Ensure r/w access for existing files after upgrade
|
||||
become: true
|
||||
shell: |
|
||||
umask 0002
|
||||
setfacl -d -R -m u:neutron:rwx /var/lib/neutron
|
||||
setfacl -R -m u:neutron:rw /var/lib/neutron
|
||||
find /var/lib/neutron -type d -exec setfacl -m u:neutron:rwx '{}' \;
|
||||
- name: Provide access to domain sockets
|
||||
become: true
|
||||
shell: |
|
||||
umask 0002
|
||||
setfacl -m u:neutron:rwx "{{ item }}"
|
||||
with_items:
|
||||
- /var/lib/neutron/metadata_proxy
|
||||
- /var/lib/neutron/keepalived-state-change
|
||||
- /var/lib/neutron
|
||||
# These files are not necessarily present
|
||||
failed_when: false
|
||||
|
|
|
@ -210,34 +210,3 @@ outputs:
|
|||
persistent: yes
|
||||
state: yes
|
||||
upgrade_tasks: []
|
||||
post_upgrade_tasks:
|
||||
- name: Check for neutron user
|
||||
getent:
|
||||
database: passwd
|
||||
key: neutron
|
||||
fail_key: false
|
||||
- name: Set neutron_user_avail
|
||||
set_fact:
|
||||
neutron_user_avail: "{{ getent_passwd is defined }}"
|
||||
- when:
|
||||
- step|int == 2
|
||||
- neutron_user_avail|bool
|
||||
block:
|
||||
- name: Ensure r/w access for existing files after upgrade
|
||||
become: true
|
||||
shell: |
|
||||
umask 0002
|
||||
setfacl -d -R -m u:neutron:rwx /var/lib/neutron
|
||||
setfacl -R -m u:neutron:rw /var/lib/neutron
|
||||
find /var/lib/neutron -type d -exec setfacl -m u:neutron:rwx '{}' \;
|
||||
- name: Provide access to domain sockets
|
||||
become: true
|
||||
shell: |
|
||||
umask 0002
|
||||
setfacl -m u:neutron:rwx "{{ item }}"
|
||||
with_items:
|
||||
- /var/lib/neutron/metadata_proxy
|
||||
- /var/lib/neutron/keepalived-state-change
|
||||
- /var/lib/neutron
|
||||
# These files are not necessarily present
|
||||
failed_when: false
|
||||
|
|
Loading…
Reference in New Issue