openstack
/
tripleo-image-elements
Code Issues Proposed changes

Update neutron's selinux policies 

Allow neutron permission to /mnt/state and /var/run.

Move directory creation from post-configure.d to configure.d.

Change-Id: Ia4ea5b84bbbe69b6d2e72a5b4d7a691d5213bdfa
This commit is contained in:
Richard Su 2014-03-25 12:05:34 -07:00
parent e3c78fd3b0
commit 63150d4e46
3 changed files with 19 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
elements/neutron-server/os-refresh-config/post-configure.d/80-neutron-server
View File

@ -1,10 +1,6 @@
#!/bin/bash
set -eux
[ -d /mnt/state/var/lib/neutron ] || {
install -d -D -m 0770 -o neutron -g neutron /mnt/state/var/lib/neutron
}
os-svc-enable -n neutron-server
os-svc-restart -n neutron-server

6
elements/neutron/os-refresh-config/configure.d/10-neutron-state Executable file
View File

@ -0,0 +1,6 @@
#!/bin/bash
set -eu
[ -d /mnt/state/var/lib/neutron ] || install -d -D -m 0770 -o neutron -g neutron /mnt/state/var/lib/neutron
[ -d /var/run/neutron ] || install -D -m 0775 -o neutron -g neutron -d /var/run/neutron
[ -d /mnt/state/var/log/neutron ] || install -D -m 0775 -o neutron -g neutron -d /mnt/state/var/log/neutron

13
elements/neutron/os-refresh-config/configure.d/20-neutron-selinux Executable file
View File

@ -0,0 +1,13 @@
#!/bin/bash
set -eu
[ -x /usr/sbin/semanage ] || exit 0
semanage fcontext -a -t neutron_var_lib_t "/mnt/state/var/lib/neutron(/.*)?"
restorecon -Rv /mnt/state/var/lib/neutron
semanage fcontext -a -t neutron_var_lib_t "/var/run/neutron(/.*)?"
restorecon -Rv /var/run/neutron
semanage fcontext -a -t neutron_log_t "/mnt/state/var/log/neutron(/.*)?"
restorecon -Rv /mnt/state/var/log/neutron