Run sysinv-api as sysinv user and normal groups
The sysinv-api is currently running as the sysinv user, but with the group set to root. This is not correct - the sysinv-api should run with the normal groups for the sysinv user, which include sys_protected. This change is necessary to allow the sysinv-api to communicate with the kubernetes API (the configuration file is using group sys_protected). Change-Id: I0ebd60b256cf337495079fdb723b3ef2836e56de Story: 2006590 Task: 36724 Depends-On: https://review.opendev.org/690418 Signed-off-by: Bart Wensley <barton.wensley@windriver.com>
This commit is contained in:
parent
58f05e8beb
commit
089cd3f420
|
@ -254,7 +254,7 @@ sysinv_api_start () {
|
|||
fi
|
||||
|
||||
# switch to non-root user before starting service
|
||||
su ${OCF_RESKEY_user} -g root -s /bin/sh -c "${OCF_RESKEY_binary} --config-file=${OCF_RESKEY_config} ${RUN_OPT_DEBUG}"' >> /dev/null 2>&1 & echo $!' > $OCF_RESKEY_pid
|
||||
su ${OCF_RESKEY_user} -s /bin/sh -c "${OCF_RESKEY_binary} --config-file=${OCF_RESKEY_config} ${RUN_OPT_DEBUG}"' >> /dev/null 2>&1 & echo $!' > $OCF_RESKEY_pid
|
||||
rc=$?
|
||||
if [ ${rc} -ne ${OCF_SUCCESS} ] ; then
|
||||
ocf_log err "${proc} failed ${mydaemon} daemon (rc=$rc)"
|
||||
|
|
Loading…
Reference in New Issue