Always setup rootwrap sudoers entry
Setup /etc/sudoers.d/nova-rootwrap in all cases, and not just
when devstack is not run as root. Fixes bug 1011652.
Change-Id: Ib4cdeaa282f01cf2ce98119618f232c91b6e8db4
diff --git a/AUTHORS b/AUTHORS
index f9aa9ea..ff05f82 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -26,6 +26,7 @@
Kiall Mac Innes <kiall@managedit.ie>
Russell Bryant <rbryant@redhat.com>
Scott Moser <smoser@ubuntu.com>
+Thierry Carrez <thierry@openstack.org>
Todd Willey <xtoddx@gmail.com>
Tres Henry <tres@treshenry.net>
Vishvananda Ishaya <vishvananda@gmail.com>
diff --git a/stack.sh b/stack.sh
index 3d93de4..a675905 100755
--- a/stack.sh
+++ b/stack.sh
@@ -187,13 +187,6 @@
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
- # Set up the rootwrap sudoers
- TEMPFILE=`mktemp`
- echo "$USER ALL=(root) NOPASSWD: $NOVA_ROOTWRAP" >$TEMPFILE
- chmod 0440 $TEMPFILE
- sudo chown root:root $TEMPFILE
- sudo mv $TEMPFILE /etc/sudoers.d/nova-rootwrap
-
# Remove old file
sudo rm -f /etc/sudoers.d/stack_sh_nova
fi
@@ -1184,6 +1177,13 @@
cp -p $NOVA_DIR/etc/nova/policy.json $NOVA_CONF_DIR
+# Set up the rootwrap sudoers
+TEMPFILE=`mktemp`
+echo "$USER ALL=(root) NOPASSWD: $NOVA_ROOTWRAP" >$TEMPFILE
+chmod 0440 $TEMPFILE
+sudo chown root:root $TEMPFILE
+sudo mv $TEMPFILE /etc/sudoers.d/nova-rootwrap
+
if is_service_enabled n-api; then
# Use the sample http middleware configuration supplied in the
# Nova sources. This paste config adds the configuration required