Make use of STACK_USER instead of relying on USER
Quite easily one ends up calling ./stack.sh in an environment that,
albeit being user "stack" (for example), doesn't quite meet the
expectations of devstack. The errors that follow can be rather hard to
track down, as the dependency on `USER` is not mentioned.
To remedy this situation, this commit
- uses STACK_USER instead of USER and
- mentions that dependency in the script headers of lib/*
Change-Id: If4cdc39b922ea64b4c0893a0e695ec06349fccc5
diff --git a/lib/apache b/lib/apache
index 41d6fcc..8ae78b2 100644
--- a/lib/apache
+++ b/lib/apache
@@ -4,6 +4,10 @@
# Dependencies:
#
# - ``functions`` file
+# -``STACK_USER`` must be defined
+
+# lib/apache exports the following functions:
+#
# - is_apache_enabled_service
# - install_apache_wsgi
# - config_apache_wsgi
@@ -19,7 +23,7 @@
# Allow overriding the default Apache user and group, default to
# current user and his default group.
-APACHE_USER=${APACHE_USER:-$USER}
+APACHE_USER=${APACHE_USER:-$STACK_USER}
APACHE_GROUP=${APACHE_GROUP:-$(id -gn $APACHE_USER)}
diff --git a/lib/ceilometer b/lib/ceilometer
index dcadb07..87bb656 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -67,10 +67,10 @@
setup_develop $CEILOMETER_DIR
[ ! -d $CEILOMETER_CONF_DIR ] && sudo mkdir -m 755 -p $CEILOMETER_CONF_DIR
- sudo chown $USER $CEILOMETER_CONF_DIR
+ sudo chown $STACK_USER $CEILOMETER_CONF_DIR
[ ! -d $CEILOMETER_API_LOG_DIR ] && sudo mkdir -m 755 -p $CEILOMETER_API_LOG_DIR
- sudo chown $USER $CEILOMETER_API_LOG_DIR
+ sudo chown $STACK_USER $CEILOMETER_API_LOG_DIR
iniset_rpc_backend ceilometer $CEILOMETER_CONF DEFAULT
diff --git a/lib/cinder b/lib/cinder
index 20d6e61..96d2505 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -199,7 +199,7 @@
fi
TEMPFILE=`mktemp`
- echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_CINDER_SUDOER_CMD" >$TEMPFILE
+ echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_CINDER_SUDOER_CMD" >$TEMPFILE
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/cinder-rootwrap
diff --git a/lib/neutron b/lib/neutron
index 098a589..c4d9abc 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -4,6 +4,7 @@
# Dependencies:
# ``functions`` file
# ``DEST`` must be defined
+# ``STACK_USER`` must be defined
# ``stack.sh`` calls the entry points in this order:
#
@@ -730,7 +731,7 @@
# Set up the rootwrap sudoers for neutron
TEMPFILE=`mktemp`
- echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >$TEMPFILE
+ echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >$TEMPFILE
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/neutron-rootwrap
diff --git a/lib/nova b/lib/nova
index 5b6f50e..6ab2000 100644
--- a/lib/nova
+++ b/lib/nova
@@ -195,7 +195,7 @@
# Set up the rootwrap sudoers for nova
TEMPFILE=`mktemp`
- echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >$TEMPFILE
+ echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >$TEMPFILE
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/nova-rootwrap
diff --git a/lib/nova_plugins/hypervisor-libvirt b/lib/nova_plugins/hypervisor-libvirt
index 6fae0b1..6f90f4a 100644
--- a/lib/nova_plugins/hypervisor-libvirt
+++ b/lib/nova_plugins/hypervisor-libvirt
@@ -7,6 +7,7 @@
# Dependencies:
# ``functions`` file
# ``nova`` configuration
+# ``STACK_USER`` has to be defined
# install_nova_hypervisor - install any external requirements
# configure_nova_hypervisor - make configuration changes, including those to other services
@@ -68,7 +69,7 @@
# with 'unix-group:$group'.
sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla
[libvirt Management Access]
-Identity=unix-user:$USER
+Identity=unix-user:$STACK_USER
Action=org.libvirt.unix.manage
ResultAny=yes
ResultInactive=yes
diff --git a/lib/swift b/lib/swift
index 83c4ebb..c932ea7 100644
--- a/lib/swift
+++ b/lib/swift
@@ -225,7 +225,7 @@
swift-init --run-dir=${SWIFT_DATA_DIR}/run all stop || true
sudo mkdir -p ${SWIFT_CONF_DIR}/{object,container,account}-server
- sudo chown -R $USER: ${SWIFT_CONF_DIR}
+ sudo chown -R ${STACK_USER}: ${SWIFT_CONF_DIR}
if [[ "$SWIFT_CONF_DIR" != "/etc/swift" ]]; then
# Some swift tools are hard-coded to use ``/etc/swift`` and are apparently not going to be fixed.
@@ -238,7 +238,7 @@
# setup) we configure it with our version of rsync.
sed -e "
s/%GROUP%/${USER_GROUP}/;
- s/%USER%/$USER/;
+ s/%USER%/${STACK_USER}/;
s,%SWIFT_DATA_DIR%,$SWIFT_DATA_DIR,;
" $FILES/swift/rsyncd.conf | sudo tee /etc/rsyncd.conf
# rsyncd.conf just prepared for 4 nodes
@@ -252,7 +252,7 @@
cp ${SWIFT_DIR}/etc/proxy-server.conf-sample ${SWIFT_CONFIG_PROXY_SERVER}
iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user
- iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user ${USER}
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user ${STACK_USER}
iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT swift_dir
iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT swift_dir ${SWIFT_CONF_DIR}
@@ -339,7 +339,7 @@
node_path=${SWIFT_DATA_DIR}/${node_number}
iniuncomment ${swift_node_config} DEFAULT user
- iniset ${swift_node_config} DEFAULT user ${USER}
+ iniset ${swift_node_config} DEFAULT user ${STACK_USER}
iniuncomment ${swift_node_config} DEFAULT bind_port
iniset ${swift_node_config} DEFAULT bind_port ${bind_port}
@@ -410,7 +410,7 @@
swift_log_dir=${SWIFT_DATA_DIR}/logs
rm -rf ${swift_log_dir}
mkdir -p ${swift_log_dir}/hourly
- sudo chown -R $USER:adm ${swift_log_dir}
+ sudo chown -R ${STACK_USER}:adm ${swift_log_dir}
sed "s,%SWIFT_LOGDIR%,${swift_log_dir}," $FILES/swift/rsyslog.conf | sudo \
tee /etc/rsyslog.d/10-swift.conf
if is_apache_enabled_service swift; then
@@ -425,9 +425,9 @@
# First do a bit of setup by creating the directories and
# changing the permissions so we can run it as our user.
- USER_GROUP=$(id -g)
+ USER_GROUP=$(id -g ${STACK_USER})
sudo mkdir -p ${SWIFT_DATA_DIR}/{drives,cache,run,logs}
- sudo chown -R $USER:${USER_GROUP} ${SWIFT_DATA_DIR}
+ sudo chown -R ${STACK_USER}:${USER_GROUP} ${SWIFT_DATA_DIR}
# Create a loopback disk and format it to XFS.
if [[ -e ${SWIFT_DISK_IMAGE} ]]; then
@@ -439,7 +439,7 @@
mkdir -p ${SWIFT_DATA_DIR}/drives/images
sudo touch ${SWIFT_DISK_IMAGE}
- sudo chown $USER: ${SWIFT_DISK_IMAGE}
+ sudo chown ${STACK_USER}: ${SWIFT_DISK_IMAGE}
truncate -s ${SWIFT_LOOPBACK_DISK_SIZE} ${SWIFT_DISK_IMAGE}
@@ -462,9 +462,9 @@
node_device=${node}/sdb1
[[ -d $node ]] && continue
[[ -d $drive ]] && continue
- sudo install -o ${USER} -g $USER_GROUP -d $drive
- sudo install -o ${USER} -g $USER_GROUP -d $node_device
- sudo chown -R $USER: ${node}
+ sudo install -o ${STACK_USER} -g $USER_GROUP -d $drive
+ sudo install -o ${STACK_USER} -g $USER_GROUP -d $node_device
+ sudo chown -R ${STACK_USER}: ${node}
done
}
# create_swift_accounts() - Set up standard swift accounts and extra