Adopt oslo.privsep
Privsep is a new replacement for rootwrap, which will mean we no longer need to copy and paste rootwrap configuration files around as part of integrating libraries like os-brick and os-vif. The approved specification for the oslo library may be found at http://
This BP tracks adopting oslo.privsep where useful in nova, prioritising os-brick and os-vif libraries.
Blueprint information
- Status:
- Complete
- Approver:
- Michael Still
- Priority:
- High
- Drafter:
- Angus Lees
- Direction:
- Approved
- Assignee:
- Angus Lees
- Definition:
- Approved
- Series goal:
- Accepted for newton
- Implementation:
-
Implemented
- Milestone target:
-
newton-1
- Started by
- John Garbutt
- Completed by
- Matt Riedemann
Related branches
Related bugs
Sprints
Whiteboard
Approved, per discussion at nova meeting 19 November 2015 and IRC conversation. --mikalstill
Gerrit topic: https:/
Addressed by: https:/
Add os-brick rootwrap filter for privsep
Addressed by: https:/
Require privsep-based os-brick
Moved to newton, due to os-brick not releasing with this support --johnthetubaguy 2nd march 2016
I'm not sure if we should just consider this done with https:/
Marking this as implemented for Newton, the only thing that really got into Nova in Newton was this:
https:/
But that was to enable os-brick, which is having issues with grenade testing since we didn't get that rootwrap filter into Mitaka, but that's being sorted out separately. If people plan on changing nova to use privsep instead of rootwrap in Ocata we'll open a new blueprint for that then. -- mriedem 20160705
