Fix "sudo: sorry, you must have a tty to run sudo"
On many systems the requiretty sudoers option is turned on by default.
With "requiretty" option the sudo ensures the user have real tty access.
Just several "su" variant has an option for skipping the new session creation step.
Only one session can posses a tty, so after a "su -c" the sudo will not
work.
We will use sudo instead of su, when we create the stack account.
This change adds new variable the STACK_USER for
service username.
Change-Id: I1b3fbd903686884e74a5a22d82c0c0890e1be03c
diff --git a/lib/baremetal b/lib/baremetal
index 112fd6d..3cc2429 100644
--- a/lib/baremetal
+++ b/lib/baremetal
@@ -200,14 +200,14 @@
sudo mkdir -p /tftpboot
sudo mkdir -p /tftpboot/pxelinux.cfg
sudo cp /usr/lib/syslinux/pxelinux.0 /tftpboot/
- sudo chown -R `whoami`:libvirtd /tftpboot
+ sudo chown -R $STACK_USER:libvirtd /tftpboot
# ensure $NOVA_STATE_PATH/baremetal is prepared
sudo mkdir -p $NOVA_STATE_PATH/baremetal
sudo mkdir -p $NOVA_STATE_PATH/baremetal/console
sudo mkdir -p $NOVA_STATE_PATH/baremetal/dnsmasq
sudo touch $NOVA_STATE_PATH/baremetal/dnsmasq/dnsmasq-dhcp.host
- sudo chown -R `whoami` $NOVA_STATE_PATH/baremetal
+ sudo chown -R $STACK_USER $NOVA_STATE_PATH/baremetal
# ensure dnsmasq is installed but not running
# because baremetal driver will reconfigure and restart this as needed
diff --git a/lib/ceilometer b/lib/ceilometer
index 749e785..0fae397 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -9,6 +9,7 @@
# - OS_AUTH_URL for auth in api
# - DEST set to the destination directory
# - SERVICE_PASSWORD, SERVICE_TENANT_NAME for auth in api
+# - STACK_USER service user
# stack.sh
# ---------
@@ -94,7 +95,7 @@
function init_ceilometer() {
# Create cache dir
sudo mkdir -p $CEILOMETER_AUTH_CACHE_DIR
- sudo chown `whoami` $CEILOMETER_AUTH_CACHE_DIR
+ sudo chown $STACK_USER $CEILOMETER_AUTH_CACHE_DIR
rm -f $CEILOMETER_AUTH_CACHE_DIR/*
}
diff --git a/lib/cinder b/lib/cinder
index 4aaea5d..cbeb1d7 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -3,7 +3,7 @@
# Dependencies:
# - functions
-# - DEST, DATA_DIR must be defined
+# - DEST, DATA_DIR, STACK_USER must be defined
# SERVICE_{TENANT_NAME|PASSWORD} must be defined
# ``KEYSTONE_TOKEN_FORMAT`` must be defined
@@ -110,7 +110,7 @@
if [[ ! -d $CINDER_CONF_DIR ]]; then
sudo mkdir -p $CINDER_CONF_DIR
fi
- sudo chown `whoami` $CINDER_CONF_DIR
+ sudo chown $STACK_USER $CINDER_CONF_DIR
cp -p $CINDER_DIR/etc/cinder/policy.json $CINDER_CONF_DIR
@@ -295,7 +295,7 @@
# Create cache dir
sudo mkdir -p $CINDER_AUTH_CACHE_DIR
- sudo chown `whoami` $CINDER_AUTH_CACHE_DIR
+ sudo chown $STACK_USER $CINDER_AUTH_CACHE_DIR
rm -f $CINDER_AUTH_CACHE_DIR/*
}
diff --git a/lib/glance b/lib/glance
index dff247a..1c56a67 100644
--- a/lib/glance
+++ b/lib/glance
@@ -3,7 +3,7 @@
# Dependencies:
# ``functions`` file
-# ``DEST``, ``DATA_DIR`` must be defined
+# ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined
# ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined
# ``SERVICE_HOST``
# ``KEYSTONE_TOKEN_FORMAT`` must be defined
@@ -75,7 +75,7 @@
if [[ ! -d $GLANCE_CONF_DIR ]]; then
sudo mkdir -p $GLANCE_CONF_DIR
fi
- sudo chown `whoami` $GLANCE_CONF_DIR
+ sudo chown $STACK_USER $GLANCE_CONF_DIR
# Copy over our glance configurations and update them
cp $GLANCE_DIR/etc/glance-registry.conf $GLANCE_REGISTRY_CONF
@@ -158,10 +158,10 @@
# Create cache dir
sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/api
- sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/api
+ sudo chown $STACK_USER $GLANCE_AUTH_CACHE_DIR/api
rm -f $GLANCE_AUTH_CACHE_DIR/api/*
sudo mkdir -p $GLANCE_AUTH_CACHE_DIR/registry
- sudo chown `whoami` $GLANCE_AUTH_CACHE_DIR/registry
+ sudo chown $STACK_USER $GLANCE_AUTH_CACHE_DIR/registry
rm -f $GLANCE_AUTH_CACHE_DIR/registry/*
}
diff --git a/lib/heat b/lib/heat
index a6f7286..89bd44f 100644
--- a/lib/heat
+++ b/lib/heat
@@ -49,7 +49,7 @@
if [[ ! -d $HEAT_CONF_DIR ]]; then
sudo mkdir -p $HEAT_CONF_DIR
fi
- sudo chown `whoami` $HEAT_CONF_DIR
+ sudo chown $STACK_USER $HEAT_CONF_DIR
HEAT_API_CFN_HOST=${HEAT_API_CFN_HOST:-$SERVICE_HOST}
HEAT_API_CFN_PORT=${HEAT_API_CFN_PORT:-8000}
diff --git a/lib/keystone b/lib/keystone
index 34f3372..7a70cc4 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -7,6 +7,7 @@
# ``SERVICE_HOST``, ``SERVICE_PROTOCOL``
# ``SERVICE_TOKEN``
# ``S3_SERVICE_PORT`` (template backend only)
+# ``STACK_USER``
# ``stack.sh`` calls the entry points in this order:
#
@@ -79,7 +80,7 @@
if [[ ! -d $KEYSTONE_CONF_DIR ]]; then
sudo mkdir -p $KEYSTONE_CONF_DIR
fi
- sudo chown `whoami` $KEYSTONE_CONF_DIR
+ sudo chown $STACK_USER $KEYSTONE_CONF_DIR
if [[ "$KEYSTONE_CONF_DIR" != "$KEYSTONE_DIR/etc" ]]; then
cp -p $KEYSTONE_DIR/etc/keystone.conf.sample $KEYSTONE_CONF
@@ -261,7 +262,7 @@
# Create cache dir
sudo mkdir -p $KEYSTONE_AUTH_CACHE_DIR
- sudo chown `whoami` $KEYSTONE_AUTH_CACHE_DIR
+ sudo chown $STACK_USER $KEYSTONE_AUTH_CACHE_DIR
rm -f $KEYSTONE_AUTH_CACHE_DIR/*
fi
}
diff --git a/lib/nova b/lib/nova
index 781cc09..9803acb 100644
--- a/lib/nova
+++ b/lib/nova
@@ -3,7 +3,7 @@
# Dependencies:
# ``functions`` file
-# ``DEST``, ``DATA_DIR`` must be defined
+# ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined
# ``SERVICE_{TENANT_NAME|PASSWORD}`` must be defined
# ``LIBVIRT_TYPE`` must be defined
# ``INSTANCE_NAME_PREFIX``, ``VOLUME_NAME_PREFIX`` must be defined
@@ -149,7 +149,7 @@
if [[ ! -d $NOVA_CONF_DIR ]]; then
sudo mkdir -p $NOVA_CONF_DIR
fi
- sudo chown `whoami` $NOVA_CONF_DIR
+ sudo chown $STACK_USER $NOVA_CONF_DIR
cp -p $NOVA_DIR/etc/nova/policy.json $NOVA_CONF_DIR
@@ -277,7 +277,7 @@
if ! getent group libvirtd >/dev/null; then
sudo groupadd libvirtd
fi
- add_user_to_group `whoami` libvirtd
+ add_user_to_group $STACK_USER libvirtd
# libvirt detects various settings on startup, as we potentially changed
# the system configuration (modules, filesystems), we need to restart
@@ -297,7 +297,7 @@
if [ -L /dev/disk/by-label/nova-instances ]; then
if ! mount -n | grep -q $NOVA_INSTANCES_PATH; then
sudo mount -L nova-instances $NOVA_INSTANCES_PATH
- sudo chown -R `whoami` $NOVA_INSTANCES_PATH
+ sudo chown -R $STACK_USER $NOVA_INSTANCES_PATH
fi
fi
@@ -474,13 +474,13 @@
# Create cache dir
sudo mkdir -p $NOVA_AUTH_CACHE_DIR
- sudo chown `whoami` $NOVA_AUTH_CACHE_DIR
+ sudo chown $STACK_USER $NOVA_AUTH_CACHE_DIR
rm -f $NOVA_AUTH_CACHE_DIR/*
# Create the keys folder
sudo mkdir -p ${NOVA_STATE_PATH}/keys
# make sure we own NOVA_STATE_PATH and all subdirs
- sudo chown -R `whoami` ${NOVA_STATE_PATH}
+ sudo chown -R $STACK_USER ${NOVA_STATE_PATH}
}
# install_novaclient() - Collect source and prepare
diff --git a/lib/quantum b/lib/quantum
index f74eead..f081d9b 100644
--- a/lib/quantum
+++ b/lib/quantum
@@ -388,7 +388,7 @@
if [[ ! -d $QUANTUM_CONF_DIR ]]; then
sudo mkdir -p $QUANTUM_CONF_DIR
fi
- sudo chown `whoami` $QUANTUM_CONF_DIR
+ sudo chown $STACK_USER $QUANTUM_CONF_DIR
cp $QUANTUM_DIR/etc/quantum.conf $QUANTUM_CONF
@@ -730,7 +730,7 @@
iniset $conf_file $section signing_dir $QUANTUM_AUTH_CACHE_DIR
# Create cache dir
sudo mkdir -p $QUANTUM_AUTH_CACHE_DIR
- sudo chown `whoami` $QUANTUM_AUTH_CACHE_DIR
+ sudo chown $STACK_USER $QUANTUM_AUTH_CACHE_DIR
rm -f $QUANTUM_AUTH_CACHE_DIR/*
}
diff --git a/lib/ryu b/lib/ryu
index ac3462b..1292313 100644
--- a/lib/ryu
+++ b/lib/ryu
@@ -27,7 +27,7 @@
if [[ ! -d $RYU_CONF_DIR ]]; then
sudo mkdir -p $RYU_CONF_DIR
fi
- sudo chown `whoami` $RYU_CONF_DIR
+ sudo chown $STACK_USER $RYU_CONF_DIR
RYU_CONF=$RYU_CONF_DIR/ryu.conf
sudo rm -rf $RYU_CONF
diff --git a/lib/swift b/lib/swift
index b418eda..46c6eb2 100644
--- a/lib/swift
+++ b/lib/swift
@@ -4,6 +4,7 @@
# Dependencies:
# ``functions`` file
# ``DEST``, ``SCREEN_NAME``, `SWIFT_HASH` must be defined
+# ``STACK_USER`` must be defined
# ``SWIFT_DATA_DIR`` or ``DATA_DIR`` must be defined
# ``lib/keystone`` file
# ``stack.sh`` calls the entry points in this order:
@@ -333,7 +334,7 @@
# Create cache dir
sudo mkdir -p $SWIFT_AUTH_CACHE_DIR
- sudo chown `whoami` $SWIFT_AUTH_CACHE_DIR
+ sudo chown $STACK_USER $SWIFT_AUTH_CACHE_DIR
rm -f $SWIFT_AUTH_CACHE_DIR/*
}