diff options
| author | Pádraig Brady <pbrady@redhat.com> | 2012-11-22 16:53:19 +0000 |
|---|---|---|
| committer | Pádraig Brady <pbrady@redhat.com> | 2012-11-22 16:57:18 +0000 |
| commit | ee7eb552086b77d1ff06bd5c8563e68e2cbb7c04 (patch) | |
| tree | 07ca0762225e7421d05336e4de685d6e142faa32 /etc | |
| parent | 2d6abe49c35ab5c6200164455631a259eefe7457 (diff) | |
| download | nova-ee7eb552086b77d1ff06bd5c8563e68e2cbb7c04.tar.gz nova-ee7eb552086b77d1ff06bd5c8563e68e2cbb7c04.tar.xz nova-ee7eb552086b77d1ff06bd5c8563e68e2cbb7c04.zip | |
adjust rootwrap filters for recent file injection changes
Removed filters for guestmount, fusermount and cp.
Adjusted comment paths as per the recent refactoring.
Change-Id: I643554b89862225d16456e47daf6c11828f602d2
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/nova/rootwrap.d/compute.filters | 45 |
1 files changed, 15 insertions, 30 deletions
diff --git a/etc/nova/rootwrap.d/compute.filters b/etc/nova/rootwrap.d/compute.filters index db9ee2636..e9758d652 100644 --- a/etc/nova/rootwrap.d/compute.filters +++ b/etc/nova/rootwrap.d/compute.filters @@ -2,65 +2,50 @@ # This file should be owned by (and only-writeable by) the root user [Filters] -# nova/virt/disk/mount.py: 'kpartx', '-a', device -# nova/virt/disk/mount.py: 'kpartx', '-d', device +# nova/virt/disk/mount/api.py: 'kpartx', '-a', device +# nova/virt/disk/mount/api.py: 'kpartx', '-d', device kpartx: CommandFilter, /sbin/kpartx, root -# nova/virt/disk/mount.py: 'tune2fs', '-c', 0, '-i', 0, mapped_device # nova/virt/xenapi/vm_utils.py: tune2fs, -O ^has_journal, part_path # nova/virt/xenapi/vm_utils.py: tune2fs, -j, partition_path tune2fs: CommandFilter, /sbin/tune2fs, root -# nova/virt/disk/mount.py: 'mount', mapped_device, mount_dir +# nova/virt/disk/mount/api.py: 'mount', mapped_device +# nova/virt/disk/api.py: 'mount', '-o', 'bind', src, target # nova/virt/xenapi/vm_utils.py: 'mount', '-t', 'ext2,ext3,ext4,reiserfs'.. # nova/virt/configdrive.py: 'mount', device, mountdir mount: CommandFilter, /bin/mount, root -# nova/virt/disk/mount.py: 'umount', mapped_device +# nova/virt/disk/mount/api.py: 'umount', mapped_device +# nova/virt/disk/api.py: 'umount' target # nova/virt/xenapi/vm_utils.py: 'umount', dev_path # nova/virt/configdrive.py: 'umount', mountdir umount: CommandFilter, /bin/umount, root -# nova/virt/disk/nbd.py: 'qemu-nbd', '-c', device, image -# nova/virt/disk/nbd.py: 'qemu-nbd', '-d', device +# nova/virt/disk/mount/nbd.py: 'qemu-nbd', '-c', device, image +# nova/virt/disk/mount/nbd.py: 'qemu-nbd', '-d', device qemu-nbd: CommandFilter, /usr/bin/qemu-nbd, root -# nova/virt/disk/loop.py: 'losetup', '--find', '--show', image -# nova/virt/disk/loop.py: 'losetup', '--detach', device +# nova/virt/disk/mount/loop.py: 'losetup', '--find', '--show', image +# nova/virt/disk/mount/loop.py: 'losetup', '--detach', device losetup: CommandFilter, /sbin/losetup, root -# nova/virt/disk/guestfs.py: 'guestmount', '--rw', '-a', image, '-i' -# nova/virt/disk/guestfs.py: 'guestmount', '--rw', '-a', image, '-m' dev -guestmount: CommandFilter, /usr/bin/guestmount, root - -# nova/virt/disk/guestfs.py: 'fusermount', 'u', mount_dir -fusermount: CommandFilter, /bin/fusermount, root -fusermount_usr: CommandFilter, /usr/bin/fusermount, root - -# nova/virt/disk/api.py: 'tee', metadata_path -# nova/virt/disk/api.py: 'tee', '-a', keyfile -# nova/virt/disk/api.py: 'tee', netfile +# nova/virt/disk/vfs/localfs.py: 'tee', canonpath tee: CommandFilter, /usr/bin/tee, root -# nova/virt/disk/api.py: 'mkdir', '-p', sshdir -# nova/virt/disk/api.py: 'mkdir', '-p', netdir +# nova/virt/disk/vfs/localfs.py: 'mkdir', canonpath mkdir: CommandFilter, /bin/mkdir, root -# nova/virt/disk/api.py: 'chown', 'root', sshdir -# nova/virt/disk/api.py: 'chown', 'root:root', netdir +# nova/virt/disk/vfs/localfs.py: 'chown' # nova/virt/libvirt/connection.py: 'chown', os.getuid( console_log # nova/virt/libvirt/connection.py: 'chown', os.getuid( console_log # nova/virt/libvirt/connection.py: 'chown', 'root', basepath('disk') # nova/utils.py: 'chown', owner_uid, path chown: CommandFilter, /bin/chown, root -# nova/virt/disk/api.py: 'chmod', '700', sshdir -# nova/virt/disk/api.py: 'chmod', 755, netdir +# nova/virt/disk/vfs/localfs.py: 'chmod' chmod: CommandFilter, /bin/chmod, root -# nova/virt/disk/api.py: 'cp', os.path.join(fs... -cp: CommandFilter, /bin/cp, root - # nova/virt/libvirt/vif.py: 'ip', 'tuntap', 'add', dev, 'mode', 'tap' # nova/virt/libvirt/vif.py: 'ip', 'link', 'set', dev, 'up' # nova/virt/libvirt/vif.py: 'ip', 'link', 'delete', dev @@ -169,7 +154,7 @@ mkfs: CommandFilter, /sbin/mkfs, root # nova/virt/libvirt/utils.py: 'qemu-img' qemu-img: CommandFilter, /usr/bin/qemu-img, root -# nova/virt/disk/api.py: 'readlink', '-e' +# nova/virt/disk/vfs/localfs.py: 'readlink', '-e' readlink: CommandFilter, /bin/readlink, root readlink_usr: CommandFilter, /usr/bin/readlink, root |