From 4a8f2b0d44ee10dfac2d3d828cd9dc574d5ddbb2 Mon Sep 17 00:00:00 2001 From: Angus Lees Date: Wed, 15 Jun 2016 15:46:38 +1000 Subject: [PATCH] Initialise oslo.privsep early in main Any process using oslo.privsep should now initialise the library before first use with things like the rootwrap command to use. This should be done near the top of main() in any command that expects to make privileged calls via oslo.privsep (eg: nova-compute, and not nova-api). See I3ea73e16b07a870629e7d69e897f2524d7068ae8 for the corresponding change in oslo.privsep. Change-Id: I3a52f762deb176fe9201b2a0f0da363057f8aaec Depends-On: I52259e2023e277e8fd62be5df4fd7f799e9b36d7 Closes-Bug: #1592043 --- nova/cmd/compute.py | 3 +++ requirements.txt | 1 + 2 files changed, 4 insertions(+) diff --git a/nova/cmd/compute.py b/nova/cmd/compute.py index 40e5b2bd5d..5e10b0eb5f 100644 --- a/nova/cmd/compute.py +++ b/nova/cmd/compute.py @@ -16,10 +16,12 @@ """Starter script for Nova Compute.""" +import shlex import sys import traceback from oslo_log import log as logging +from oslo_privsep import priv_context from oslo_reports import guru_meditation_report as gmr from nova.conductor import rpcapi as conductor_rpcapi @@ -55,6 +57,7 @@ def block_db_access(): def main(): config.parse_args(sys.argv) logging.setup(CONF, 'nova') + priv_context.init(root_helper=shlex.split(utils.get_root_helper())) utils.monkey_patch() objects.register_all() diff --git a/requirements.txt b/requirements.txt index 9ca6961a13..c4f27d2656 100644 --- a/requirements.txt +++ b/requirements.txt @@ -46,6 +46,7 @@ oslo.db>=4.1.0 # Apache-2.0 oslo.rootwrap>=2.0.0 # Apache-2.0 oslo.messaging>=5.2.0 # Apache-2.0 oslo.policy>=1.9.0 # Apache-2.0 +oslo.privsep>=1.9.0 # Apache-2.0 oslo.i18n>=2.1.0 # Apache-2.0 oslo.service>=1.10.0 # Apache-2.0 rfc3986>=0.2.0 # Apache-2.0