Merge "Stop using (and breaking) /var/tmp for horizon temporary things" into stable/victoria

This commit is contained in:
Zuul 2021-04-28 01:20:11 +00:00 committed by Gerrit Code Review
commit e2956b6ca1
1 changed files with 21 additions and 2 deletions

View File

@ -345,7 +345,7 @@ outputs:
- /var/lib/config-data/puppet-generated/horizon:/var/lib/kolla/config_files/src:ro
- /var/log/containers/horizon:/var/log/horizon:z
- /var/log/containers/httpd/horizon:/var/log/httpd:z
- /var/tmp/:/var/tmp/:z
- /var/tmp/horizon:/var/tmp/:z
- /var/www/:/var/www/:ro
- if:
- internal_tls_enabled
@ -391,7 +391,26 @@ outputs:
- { 'path': /var/log/containers/horizon, 'setype': container_file_t, 'mode': '0750' }
- { 'path': /var/log/containers/httpd/horizon, 'setype': container_file_t, 'mode': '0750' }
- { 'path': /var/www, 'setype': container_file_t }
upgrade_tasks: []
- { 'path': /var/tmp/horizon, 'setype': container_file_t, 'mode': '1777' }
- name: ensure /var/tmp/horizon exists on boot
copy:
dest: /etc/tmpfiles.d/var-tmp-horizon.conf
content: |
d /var/tmp/horizon 1777 root root - -
upgrade_tasks:
- name: Anchor for upgrade and update tasks
when: step|int == 0
block: &tmp_reset_label
- name: Reset selinux label on /var/tmp
file:
path: /var/tmp
state: directory
setype: tmp_t
mode: 1777
update_tasks:
- name: Anchor for upgrade and update tasks
when: step|int == 0
block: *tmp_reset_label
external_upgrade_tasks:
- when:
- step|int == 1