diff --git a/bin/nova-rootwrap b/bin/nova-rootwrap
index 0fd44939..b9827944 100755
--- a/bin/nova-rootwrap
+++ b/bin/nova-rootwrap
@@ -21,7 +21,7 @@
    Filters which commands nova is allowed to run as another user.
 
    To use this, you should set the following in nova.conf:
-   root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
+   rootwrap_config=/etc/nova/rootwrap.conf
 
    You also need to let the nova user run nova-rootwrap as root in sudoers:
    nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf *
diff --git a/nova/flags.py b/nova/flags.py
index 9c98bbdf..588ecfe5 100644
--- a/nova/flags.py
+++ b/nova/flags.py
@@ -339,7 +339,11 @@ global_opts = [
                     'formatted with on creation.'),
     cfg.StrOpt('root_helper',
                default='sudo',
-               help='Command prefix to use for running commands as root'),
+               help='Deprecated: command to use for running commands as root'),
+    cfg.StrOpt('rootwrap_config',
+               default=None,
+               help='Path to the rootwrap configuration file to use for '
+                    'running commands as root'),
     cfg.StrOpt('network_driver',
                default='nova.network.linux_net',
                help='Driver to use for network creation'),