rpms / openstack-puppet-modules

Clone
Source Code
GIT

Files

  1.   41153e01898a9475d919f5ef1465270e5ab5f627
  2.   0001-Remove-ability-to-manage-the-nova-uid-gid.patch
Blob Blame History Raw 
From 0695d85160fa02cd5332e8a70efac221a6f0e104 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Martin=20M=C3=A1gr?= <mmagr@redhat.com>
Date: Thu, 4 Sep 2014 21:55:12 +0200
Subject: [PATCH 3/5] Remove ability to manage the nova uid/gid.

Any user modification before standard system package creates the
user is wrong. Usecase of patch adding the user is also broken as
there are several other options: provide user before whole class
nova, have user id enforced by package or as most humans do accept
that in multi host enviroments there are 3 layers - user, group and
netgroup. In all cases nova puppet module should never touch the
user as it's provided by package on all supported systems.

Closes-Bug: rhbz#1115946
Change-Id: If22b27f5fb78ba6821f4d6e8c275f8b80c70dd59
---
 manifests/compute/libvirt.pp   |  2 +-
 manifests/consoleauth.pp       |  2 +-
 manifests/init.pp              | 22 +---------------------
 manifests/objectstore.pp       |  2 +-
 spec/classes/nova_init_spec.rb | 40 +---------------------------------------
 5 files changed, 5 insertions(+), 63 deletions(-)

diff --git a/manifests/compute/libvirt.pp b/manifests/compute/libvirt.pp
index fe6ea33..a0a1712 100644
--- a/manifests/compute/libvirt.pp
+++ b/manifests/compute/libvirt.pp
@@ -105,7 +105,7 @@ class nova::compute::libvirt (
     package { "nova-compute-${libvirt_virt_type_real}":
       ensure  => present,
       before  => Package['nova-compute'],
-      require => User['nova'],
+      require => Package['nova-common'],
     }
   }
 
diff --git a/manifests/consoleauth.pp b/manifests/consoleauth.pp
index 953e712..4813b36 100644
--- a/manifests/consoleauth.pp
+++ b/manifests/consoleauth.pp
@@ -33,7 +33,7 @@ class nova::consoleauth(
     package_name   => $::nova::params::consoleauth_package_name,
     service_name   => $::nova::params::consoleauth_service_name,
     ensure_package => $ensure_package,
-    require        => User['nova'],
+    require        => Package['nova-common'],
   }
 
 }
diff --git a/manifests/init.pp b/manifests/init.pp
index 3202db0..648a047 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -297,8 +297,6 @@ class nova(
   $ca_file                  = false,
   $cert_file                = false,
   $key_file                 = false,
-  $nova_user_id             = undef,
-  $nova_group_id            = undef,
   $nova_public_key          = undef,
   $nova_private_key         = undef,
   $nova_shell               = '/bin/false',
@@ -339,24 +337,6 @@ class nova(
     }
   }
 
-  group { 'nova':
-    ensure  => present,
-    system  => true,
-    gid     => $nova_group_id,
-    before  => User['nova'],
-  }
-
-  user { 'nova':
-    ensure     => present,
-    system     => true,
-    groups     => 'nova',
-    home       => '/var/lib/nova',
-    managehome => false,
-    shell      => $nova_shell,
-    uid        => $nova_user_id,
-    gid        => $nova_group_id,
-  }
-
   if $nova_public_key or $nova_private_key {
     file { '/var/lib/nova/.ssh':
       ensure => directory,
@@ -445,7 +425,7 @@ class nova(
   package { 'nova-common':
     ensure  => $ensure_package,
     name    => $::nova::params::common_package_name,
-    require => [Package['python-nova'], Anchor['nova-start'], User['nova']]
+    require => [Package['python-nova'], Anchor['nova-start']]
   }
 
   file { '/etc/nova/nova.conf':
diff --git a/manifests/objectstore.pp b/manifests/objectstore.pp
index d8b6359..466be81 100644
--- a/manifests/objectstore.pp
+++ b/manifests/objectstore.pp
@@ -35,7 +35,7 @@ class nova::objectstore(
     package_name   => $::nova::params::objectstore_package_name,
     service_name   => $::nova::params::objectstore_service_name,
     ensure_package => $ensure_package,
-    require        => User['nova'],
+    require        => Package['nova-common'],
   }
 
   nova_config {
diff --git a/spec/classes/nova_init_spec.rb b/spec/classes/nova_init_spec.rb
index c66b04b..9ff3985 100644
--- a/spec/classes/nova_init_spec.rb
+++ b/spec/classes/nova_init_spec.rb
@@ -22,22 +22,6 @@ describe 'nova' do
         )
       end
 
-      it 'creates user and group' do
-        should contain_group('nova').with(
-          :ensure  => 'present',
-          :system  => true,
-          :before  => 'User[nova]'
-        )
-        should contain_user('nova').with(
-          :ensure     => 'present',
-          :system     => true,
-          :groups     => 'nova',
-          :home       => '/var/lib/nova',
-          :managehome => false,
-          :shell      => '/bin/false'
-        )
-      end
-
       it 'creates various files and folders' do
         should contain_file('/var/log/nova').with(
           :ensure  => 'directory',
@@ -130,29 +114,7 @@ describe 'nova' do
           :notification_driver      => 'ceilometer.compute.nova_notifier',
           :notification_topics      => 'openstack',
           :notify_api_faults        => true,
-          :nova_user_id             => '499',
-          :nova_group_id            => '499',
-          :report_interval          => '60',
-          :nova_shell               => '/bin/bash' }
-      end
-
-      it 'creates user and group' do
-        should contain_group('nova').with(
-          :ensure  => 'present',
-          :system  => true,
-          :gid     => '499',
-          :before  => 'User[nova]'
-        )
-        should contain_user('nova').with(
-          :ensure     => 'present',
-          :system     => true,
-          :groups     => 'nova',
-          :home       => '/var/lib/nova',
-          :managehome => false,
-          :shell      => '/bin/bash',
-          :uid        => '499',
-          :gid        => '499'
-        )
+          :report_interval          => '60' }
       end
 
       it 'installs packages' do
-- 
1.9.3
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.