From a519752eef157aaa03c9f6169eba1ff1b5a9f1bd Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Wed, 20 Jun 2012 11:28:22 +0200 Subject: [PATCH] Addtional CommandFilters to fix rootwrap on SLES Fixes bug 1013147 (for SLES) Change-Id: Ib362c913b809f7601a9a4faedede89b22794dfb7 --- Authors | 1 + nova/rootwrap/compute.py | 7 +++++++ nova/rootwrap/network.py | 5 +++++ 3 files changed, 13 insertions(+) diff --git a/Authors b/Authors index b1893f5e6c8..331107fc217 100644 --- a/Authors +++ b/Authors @@ -173,6 +173,7 @@ Paul McMillan Paul Voccio Peng Yong Philip Knouff +Ralf Haferkamp Renier Morales Renuka Apte Ricardo Carrillo Cruz diff --git a/nova/rootwrap/compute.py b/nova/rootwrap/compute.py index a8aca97c51b..382e4992640 100644 --- a/nova/rootwrap/compute.py +++ b/nova/rootwrap/compute.py @@ -100,6 +100,7 @@ # nova/virt/libvirt/vif.py: 'tunctl', '-b', '-t', dev # nova/network/linux_net.py: 'tunctl', '-b', '-t', dev filters.CommandFilter("/usr/sbin/tunctl", "root"), + filters.CommandFilter("/bin/tunctl", "root"), # nova/virt/libvirt/vif.py: 'ovs-vsctl', ... # nova/virt/libvirt/vif.py: 'ovs-vsctl', 'del-port', ... @@ -118,6 +119,7 @@ # nova/virt/xenapi/vm_utils.py: "parted", "--script", ... # nova/virt/xenapi/vm_utils.py: 'parted', '--script', dev_path, ..*. filters.CommandFilter("/sbin/parted", "root"), + filters.CommandFilter("/usr/sbin/parted", "root"), # nova/virt/xenapi/vm_utils.py: fdisk %(dev_path)s filters.CommandFilter("/sbin/fdisk", "root"), @@ -130,15 +132,20 @@ # nova/network/linux_net.py: 'ip[6]tables-save' % (cmd,), '-t', ... filters.CommandFilter("/sbin/iptables-save", "root"), + filters.CommandFilter("/usr/sbin/iptables-save", "root"), filters.CommandFilter("/sbin/ip6tables-save", "root"), + filters.CommandFilter("/usr/sbin/ip6tables-save", "root"), # nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,) filters.CommandFilter("/sbin/iptables-restore", "root"), + filters.CommandFilter("/usr/sbin/iptables-restore", "root"), filters.CommandFilter("/sbin/ip6tables-restore", "root"), + filters.CommandFilter("/usr/sbin/ip6tables-restore", "root"), # nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ... # nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],.. filters.CommandFilter("/usr/bin/arping", "root"), + filters.CommandFilter("/sbin/arping", "root"), # nova/network/linux_net.py: 'route', '-n' # nova/network/linux_net.py: 'route', 'del', 'default', 'gw' diff --git a/nova/rootwrap/network.py b/nova/rootwrap/network.py index 1d50caaf21e..2d7ae1a2322 100644 --- a/nova/rootwrap/network.py +++ b/nova/rootwrap/network.py @@ -40,15 +40,20 @@ # nova/network/linux_net.py: 'ip[6]tables-save' % (cmd,), '-t', ... filters.CommandFilter("/sbin/iptables-save", "root"), + filters.CommandFilter("/usr/sbin/iptables-save", "root"), filters.CommandFilter("/sbin/ip6tables-save", "root"), + filters.CommandFilter("/usr/sbin/ip6tables-save", "root"), # nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,) filters.CommandFilter("/sbin/iptables-restore", "root"), + filters.CommandFilter("/usr/sbin/iptables-restore", "root"), filters.CommandFilter("/sbin/ip6tables-restore", "root"), + filters.CommandFilter("/usr/sbin/ip6tables-restore", "root"), # nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ... # nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],.. filters.CommandFilter("/usr/bin/arping", "root"), + filters.CommandFilter("/sbin/arping", "root"), # nova/network/linux_net.py: 'route', '-n' # nova/network/linux_net.py: 'route', 'del', 'default', 'gw'