commit 76ca9a9e235c9f57eaecb387dc22d02e241de402
author Ralf Haferkamp <rhafer@suse.de> Fri Apr 12 12:39:58 2013 +0200
committer Ralf Haferkamp <rhafer@suse.de> Thu Apr 25 17:17:57 2013 +0200
tree 44f2dd3eccbd67465ac880d91842622b4cd736ed
parent 63992bcb581b871fabd7181d208ec267e5f5d8d8

Fix nova compute failing to start on openSUSE 12.3

The syntax of polkit authorization rules is different now. Using the same code
as for Fedora 18 now.

Change-Id: I4f66d8fc65c90a309aab478a4df35c77c7669314

lib/nova

diff --git a/lib/nova b/lib/nova
index ea73bad..f28094e 100644
--- a/lib/nova
+++ b/lib/nova
@@ -296,10 +296,32 @@
 
 
 
-        if is_fedora; then
-            # Starting with fedora 18 enable stack-user to virsh -c qemu:///system
-            # by creating a policy-kit rule for stack-user
-            if [[ "$os_RELEASE" -ge "18" ]]; then
+        if is_fedora || is_suse; then
+            if is_fedora && [[ "$os_RELEASE" -le "17" ]]; then
+                sudo bash -c 'cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
+[libvirt Management Access]
+Identity=unix-group:libvirtd
+Action=org.libvirt.unix.manage
+ResultAny=yes
+ResultInactive=yes
+ResultActive=yes
+EOF'
+            elif is_suse && [[ $os_RELEASE = 12.2 || "$os_VENDOR" = "SUSE LINUX" ]]; then
+                # openSUSE < 12.3 or SLE
+                # Work around the fact that polkit-default-privs overrules pklas
+                # with 'unix-group:$group'.
+                sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
+[libvirt Management Access]
+Identity=unix-user:$USER
+Action=org.libvirt.unix.manage
+ResultAny=yes
+ResultInactive=yes
+ResultActive=yes
+EOF"
+            else
+                # Starting with fedora 18 and opensuse-12.3 enable stack-user to
+                # virsh -c qemu:///system by creating a policy-kit rule for
+                # stack-user using the new Javascript syntax
                 rules_dir=/etc/polkit-1/rules.d
                 sudo mkdir -p $rules_dir
                 sudo bash -c "cat <<EOF > $rules_dir/50-libvirt-$STACK_USER.rules
@@ -311,27 +333,7 @@
 });
 EOF"
                 unset rules_dir
-            else
-                sudo bash -c 'cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
-[libvirt Management Access]
-Identity=unix-group:libvirtd
-Action=org.libvirt.unix.manage
-ResultAny=yes
-ResultInactive=yes
-ResultActive=yes
-EOF'
             fi
-        elif is_suse; then
-            # Work around the fact that polkit-default-privs overrules pklas
-            # with 'unix-group:$group'.
-            sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
-[libvirt Management Access]
-Identity=unix-user:$USER
-Action=org.libvirt.unix.manage
-ResultAny=yes
-ResultInactive=yes
-ResultActive=yes
-EOF"
         fi
 
         # The user that nova runs as needs to be member of **libvirtd** group otherwise