Merge "config: Convert wrsroot -> sysadmin"

sysinv/sysinv/sysinv/sysinv/api/controllers/v1/user.py

@@ -37,7 +37,7 @@ from wsme import types as wtypes
 
 LOG = log.getLogger(__name__)
 
-IUSERS_ROOT_USERNAME = 'wrsroot'
+IUSERS_ROOT_USERNAME = 'sysadmin'
 
 
 class UserPatchType(types.JsonPatchType):
@@ -300,11 +300,11 @@ class UserController(rest.RestController):
             return User.convert_with_links(rpc_user)
 
         except exception.HTTPNotFound:
-            msg = _("User wrsroot update failed: system %s user %s : patch %s"
+            msg = _("User sysadmin update failed: system %s user %s : patch %s"
                     % (isystem['systemname'], user, patch))
             raise wsme.exc.ClientSideError(msg)
         except exception.KeyError:
-            msg = _("Cannot retrieve shadow entry for wrsroot: system %s : patch %s"
+            msg = _("Cannot retrieve shadow entry for sysadmin: system %s : patch %s"
                     % (isystem['systemname'], patch))
             raise wsme.exc.ClientSideError(msg)
 

sysinv/sysinv/sysinv/sysinv/common/constants.py

@@ -1185,10 +1185,10 @@ LLDP_FULL_AUDIT_COUNT = 6
 FM_SUPPRESSED = 'suppressed'
 FM_UNSUPPRESSED = 'unsuppressed'
 
-# wrsroot password aging.
+# sysadmin password aging.
 # Setting aging to max defined value qualifies
 # as "never" on certain Linux distros including WRL
-WRSROOT_PASSWORD_NO_AGING = 99999
+SYSADMIN_PASSWORD_NO_AGING = 99999
 
 # SDN Controller
 SDN_CONTROLLER_STATE_ENABLED = 'enabled'
@@ -1298,7 +1298,7 @@ NETWORK_CONFIG_LOCK_FILE = os.path.join(
 
 SYSINV_USERNAME = "sysinv"
 SYSINV_GRPNAME = "sysinv"
-SYSINV_WRS_GRPNAME = "wrs_protected"
+SYSINV_SYSADMIN_GRPNAME = "sys_protected"
 
 # This is the first report sysinv is sending to conductor since boot
 SYSINV_AGENT_FIRST_REPORT = 'first_report'

sysinv/sysinv/sysinv/sysinv/conductor/kube_app.py

@@ -272,9 +272,9 @@ class AppOperator(object):
             if not os.path.isdir(app.path):
                 create_app_path(app.path)
 
-            # Temporarily change /scratch group ownership to wrs_protected
+            # Temporarily change /scratch group ownership to sys_protected
             os.chown(constants.APP_INSTALL_ROOT_PATH, orig_uid,
-                     grp.getgrnam(constants.SYSINV_WRS_GRPNAME).gr_gid)
+                     grp.getgrnam(constants.SYSINV_SYSADMIN_GRPNAME).gr_gid)
 
             # Extract the tarfile as sysinv user
             if not cutils.extract_tarfile(app.path, app.tarfile, demote_user=True):
@@ -613,9 +613,9 @@ class AppOperator(object):
         orig_uid, orig_gid = get_app_install_root_path_ownership()
         helm_repo = self._get_helm_repo_from_metadata(app)
         try:
-            # Temporarily change /scratch group ownership to wrs_protected
+            # Temporarily change /scratch group ownership to sys_protected
             os.chown(constants.APP_INSTALL_ROOT_PATH, orig_uid,
-                     grp.getgrnam(constants.SYSINV_WRS_GRPNAME).gr_gid)
+                     grp.getgrnam(constants.SYSINV_SYSADMIN_GRPNAME).gr_gid)
             with open(os.devnull, "w") as fnull:
                 for chart in charts:
                     subprocess.check_call(['helm-upload', helm_repo, chart],
@@ -1914,14 +1914,14 @@ class DockerHelper(object):
                 if not os.path.exists(ARMADA_HOST_LOG_LOCATION):
                     os.mkdir(ARMADA_HOST_LOG_LOCATION)
                     os.chmod(ARMADA_HOST_LOG_LOCATION, 0o755)
-                    os.chown(ARMADA_HOST_LOG_LOCATION, 1000, grp.getgrnam("wrs").gr_gid)
+                    os.chown(ARMADA_HOST_LOG_LOCATION, 1000, grp.getgrnam("sys_protected").gr_gid)
 
                 # First make kubernetes config accessible to Armada. This
                 # is a work around the permission issue in Armada container.
                 kube_config = os.path.join(constants.APP_SYNCED_DATA_PATH,
                                            'admin.conf')
                 shutil.copy('/etc/kubernetes/admin.conf', kube_config)
-                os.chown(kube_config, 1000, grp.getgrnam("wrs").gr_gid)
+                os.chown(kube_config, 1000, grp.getgrnam("sys_protected").gr_gid)
 
                 overrides_dir = common.HELM_OVERRIDES_PATH
                 manifests_dir = constants.APP_SYNCED_DATA_PATH

sysinv/sysinv/sysinv/sysinv/helm/utils.py

@@ -1,4 +1,4 @@
-# vim: tabstop=4 shiftwidth=4 softtabstop=4
+# sim: tabstop=4 shiftwidth=4 softtabstop=4
 #
 # Copyright (c) 2019 Wind River Systems, Inc.
 #
@@ -32,12 +32,12 @@ def refresh_helm_repo_information():
     """
     with open(os.devnull, "w") as fnull:
         try:
-            subprocess.check_call(['sudo', '-u', 'wrsroot',
+            subprocess.check_call(['sudo', '-u', 'sysadmin',
                                    'helm', 'repo', 'update'],
                                   stdout=fnull, stderr=fnull)
         except subprocess.CalledProcessError:
             # Just log an error. Don't stop any callers from further execution.
-            LOG.error("Failed to update helm repo data for user wrsroot.")
+            LOG.error("Failed to update helm repo data for user sysadmin.")
 
 
 def retrieve_helm_releases():

sysinv/sysinv/sysinv/sysinv/puppet/platform.py

@@ -235,9 +235,9 @@ class PlatformPuppet(base.BasePuppet):
     def _get_user_config(self):
         user = self.dbapi.iuser_get_one()
         return {
-            'platform::users::params::wrsroot_password':
+            'platform::users::params::sysadmin_password':
                 user.passwd_hash,
-            'platform::users::params::wrsroot_password_max_age':
+            'platform::users::params::sysadmin_password_max_age':
                 user.passwd_expiry_days,
         }