Code Review / apex-puppet-tripleo.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 85f5cc2) | patch
Use normal socket file permissions instead of polkit
authorOliver Walsh <owalsh@redhat.com>
Tue, 25 Jul 2017 20:05:35 +0000 (21:05 +0100)
committerEmilien Macchi <emilien@redhat.com>
Wed, 2 Aug 2017 18:08:38 +0000 (18:08 +0000)
commit1b82fe40fe53572703854fcdbeda72cdf148e9c1
tree31f48df7fe85839725406de81b4e1d2bd11a846btree | snapshot
parent85f5cc23d41e0e0939425ffce3083d42d6d4187dcommit | diff
Use normal socket file permissions instead of polkit

The default (on RHEL/CentOS) is to use polkit but this is only useful
for GUI support or for fine grained API access control.  As we don't
require either we can achieve identical control using plain old unix
filesystem permissions.

I've merged Sven's changes from https://review.openstack.org/484979
and https://review.openstack.org/487150.

As we need to be careful with the libvirtd option quoting I think it's
best to do this in puppet-tripleo instead of t-h-t yaml.

The option to override the settings from t-h-t remains.

Co-Authored-By: Sven Anderson <sven@redhat.com>
Reverts I91be1f1eacf8eed9017bbfef393ee2d66771e8d6

Closes-bug: 1696504

Change-Id: I507bdd8e3a461091562177403a2a55fcaf6694d2
Depends-On: I17f6c9b5a6e2120a53bae296042ece492210597a
manifests/profile/base/docker.pp diff | blob | history
manifests/profile/base/nova/libvirt.pp diff | blob | history
spec/classes/tripleo_profile_base_docker_spec.rb diff | blob | history
spec/classes/tripleo_profile_base_nova_libvirt_spec.rb diff | blob | history