anvil

Run OpenStack deamons under different system users

Registered by Alexej Ababilov on 2013-05-31

Currently, all daemons run as root. It will be more secure if we use separate users as was done in Grid Dynamics' Altai (`nova`, `glance`, etc.)
We must install sudoers files as well.

Blueprint information

Status:: Complete

Approver:: Joshua Harlow

Priority:: High

Drafter:: None

Direction:: Approved

Assignee:: Alexej Ababilov

Definition:: Approved

Series goal:: None

Implementation:: Implemented

Milestone target:: None

Started by: Alexej Ababilov on 2013-06-24

Completed by: Alexej Ababilov on 2013-06-24

Related branches

Related bugs

Sprints

Whiteboard

This would just affect the starting phase right, and possibly the install phase (where the users would have to be created?). Would the user to run as be part of the component configuration, that would seem to make sense.

Gerrit topic: https://review.openstack.org/#q,topic:bp/purge-etc,n,z

Addressed by: https://review.openstack.org/31821
Build OpenStack packages from custom specs

Gerrit topic: https://review.openstack.org/#q,topic:bp/different-openstack-users,n,z

Gerrit topic: https://review.openstack.org/#q,topic:different-openstack-users,n,z

Addressed by: https://review.openstack.org/32423
Add Openvswitch component

Addressed by: https://review.openstack.org/33389
Build OpenStack packages from custom specs

Addressed by: https://review.openstack.org/33400
Add Openvswitch component

(?)

Work Items

This blueprint contains Public information

Everyone can see this information.

Subscribers

No subscribers.