Horizon container can't read *policy.json in /etc/openstack-dashboard
Bug #1723125 reported by
Martin André
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
tripleo |
Fix Released
|
High
|
Martin André |
Bug Description
For some obscure reasons kolla sets the permission for the files in /etc/openstack-
Our recent change to the puppet-generated directory for copying in the configuration files in the container broke the workaround we had in place.
One way to fix the ownership could be at runtime with the kolla_config's perms structure.
[1] https:/
[2] https:/
Changed in tripleo: | |
assignee: | nobody → Martin André (mandre) |
status: | Triaged → In Progress |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/511442 /git.openstack. org/cgit/ openstack/ tripleo- heat-templates/ commit/ ?id=fd657aa4e68 de7ad239a88525b 5ae343acd3bf80
Committed: https:/
Submitter: Zuul
Branch: master
commit fd657aa4e68de7a d239a88525b5ae3 43acd3bf80
Author: Rhys Oxenham <email address hidden>
Date: Thu Oct 12 10:31:42 2017 +0100
Fix /etc/openstack- dashboard/ permissions for access to *policy.json
The Kolla Dockerfile sets the permissions for /etc/openstack- dashboard/
to horizon:horizon. We need this to be readable by the apache user
as the horizon user is not the user in which httpd runs with. We may
want to consider fixing this in the upstream Dockerfile instead, e.g.
checking if we're using centos/rhel and changing the permissions that
way. I'm not sure why it's set to horizon:horizon upstream, and I'm keen
not to break any existing functionality that relies on the horizon based
permissions.
Closes-Bug: #1723125 fffa60bfaedc452 1f676006484
Change-Id: If5feebae38f7fd