Hi, How much work would would be needed to get this added in quantum?
Thanks chuck On Wed, 08 Aug 2012 15:31:59 +0200 Thierry Carrez <thie...@openstack.org> wrote: > Hi everyone, > > Quantum currently contains bin/quantum-rootwrap, a copy of > nova-rootwrap supposed to control its privilege escalation to run > commands as root. > > However quantum-rootwrap is currently non-functional, missing a lot of > filter definitions that are necessary for it to work correctly. > Quantum is generally run with root_helper=sudo and a wildcard sudoers > file. That means Quantum is not ready to deprecate in Folsom (and > remove in Grizzly) its ability to run with root_helper=sudo, like > Nova and Cinder do. > > I discussed this with Dan, and it appears that the sanest approach > would be to remove quantum-rootwrap from Quantum and only support > root_helper=sudo (the only option that works). I suspect nobody is > actually using quantum-rootwrap right now anyway, given how broken it > seems to be. For the first official release of Quantum as an OpenStack > core project, I would prefer not to ship half-working options :) > > Quantum would then wait for rootwrap to move to openstack-common > (should be done in Grizzly) to reconsider using it. > > Let me know if any of you see issues with that approach. > (posted to the general list to get the widest feedback). > _______________________________________________ Mailing list: https://launchpad.net/~openstack Post to : openstack@lists.launchpad.net Unsubscribe : https://launchpad.net/~openstack More help : https://help.launchpad.net/ListHelp