Addtional CommandFilters to fix rootwrap on SLES

Fixes bug 1013147 (for SLES)

Change-Id: Ib362c913b809f7601a9a4faedede89b22794dfb7

3 files changed, 13 insertions, 0 deletions

diff --git a/Authors b/Authors
index b1893f5e6..331107fc2 100644
--- a/Authors
+++ b/Authors
@@ -173,6 +173,7 @@ Paul McMillan <paul.mcmillan@nebula.com>
 Paul Voccio <paul@openstack.org>
 Peng Yong <ppyy@pubyun.com>
 Philip Knouff <philip.knouff@mailtrust.com>
+Ralf Haferkamp <rhafer@suse.de>
 Renier Morales <renierm@us.ibm.com>
 Renuka Apte <renuka.apte@citrix.com>
 Ricardo Carrillo Cruz <emaildericky@gmail.com>
diff --git a/nova/rootwrap/compute.py b/nova/rootwrap/compute.py
index a8aca97c5..382e49926 100644
--- a/nova/rootwrap/compute.py
+++ b/nova/rootwrap/compute.py
@@ -100,6 +100,7 @@ filterlist = [
     # nova/virt/libvirt/vif.py: 'tunctl', '-b', '-t', dev
     # nova/network/linux_net.py: 'tunctl', '-b', '-t', dev
     filters.CommandFilter("/usr/sbin/tunctl", "root"),
+    filters.CommandFilter("/bin/tunctl", "root"),
 
     # nova/virt/libvirt/vif.py: 'ovs-vsctl', ...
     # nova/virt/libvirt/vif.py: 'ovs-vsctl', 'del-port', ...
@@ -118,6 +119,7 @@ filterlist = [
     # nova/virt/xenapi/vm_utils.py: "parted", "--script", ...
     # nova/virt/xenapi/vm_utils.py: 'parted', '--script', dev_path, ..*.
     filters.CommandFilter("/sbin/parted", "root"),
+    filters.CommandFilter("/usr/sbin/parted", "root"),
 
     # nova/virt/xenapi/vm_utils.py: fdisk %(dev_path)s
     filters.CommandFilter("/sbin/fdisk", "root"),
@@ -130,15 +132,20 @@ filterlist = [
 
     # nova/network/linux_net.py: 'ip[6]tables-save' % (cmd,), '-t', ...
     filters.CommandFilter("/sbin/iptables-save", "root"),
+    filters.CommandFilter("/usr/sbin/iptables-save", "root"),
     filters.CommandFilter("/sbin/ip6tables-save", "root"),
+    filters.CommandFilter("/usr/sbin/ip6tables-save", "root"),
 
     # nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,)
     filters.CommandFilter("/sbin/iptables-restore", "root"),
+    filters.CommandFilter("/usr/sbin/iptables-restore", "root"),
     filters.CommandFilter("/sbin/ip6tables-restore", "root"),
+    filters.CommandFilter("/usr/sbin/ip6tables-restore", "root"),
 
     # nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ...
     # nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],..
     filters.CommandFilter("/usr/bin/arping", "root"),
+    filters.CommandFilter("/sbin/arping", "root"),
 
     # nova/network/linux_net.py: 'route', '-n'
     # nova/network/linux_net.py: 'route', 'del', 'default', 'gw'
diff --git a/nova/rootwrap/network.py b/nova/rootwrap/network.py
index 1d50caaf2..2d7ae1a23 100644
--- a/nova/rootwrap/network.py
+++ b/nova/rootwrap/network.py
@@ -40,15 +40,20 @@ filterlist = [
 
     # nova/network/linux_net.py: 'ip[6]tables-save' % (cmd,), '-t', ...
     filters.CommandFilter("/sbin/iptables-save", "root"),
+    filters.CommandFilter("/usr/sbin/iptables-save", "root"),
     filters.CommandFilter("/sbin/ip6tables-save", "root"),
+    filters.CommandFilter("/usr/sbin/ip6tables-save", "root"),
 
     # nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,)
     filters.CommandFilter("/sbin/iptables-restore", "root"),
+    filters.CommandFilter("/usr/sbin/iptables-restore", "root"),
     filters.CommandFilter("/sbin/ip6tables-restore", "root"),
+    filters.CommandFilter("/usr/sbin/ip6tables-restore", "root"),
 
     # nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ...
     # nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],..
     filters.CommandFilter("/usr/bin/arping", "root"),
+    filters.CommandFilter("/sbin/arping", "root"),
 
     # nova/network/linux_net.py: 'route', '-n'
     # nova/network/linux_net.py: 'route', 'del', 'default', 'gw'