At the moment rootwrap can not find privsep-helper binary as it's located
in glance bin directory, which is inside the virtual environemnt.
In order to properly use privsep we must define venv bin directory in
allowed exec_dirs of rootwrap.
This also introduces new variable `glance_rootwrap_conf_overrides`
that allows to manage some extra overrides for rootwrap if needed.
Reviewed: https:/ /review. opendev. org/c/openstack /openstack- ansible- os_glance/ +/900930 /opendev. org/openstack/ openstack- ansible- os_glance/ commit/ c2428ab8da9cc38 68b5ae86140a63e 4a33e28eca
Committed: https:/
Submitter: "Zuul (22348)"
Branch: master
commit c2428ab8da9cc38 68b5ae86140a63e 4a33e28eca
Author: Dmitriy Rabotyagov <email address hidden>
Date: Tue Nov 14 18:49:27 2023 +0100
Add glance_bin to rootwrap defenition
At the moment rootwrap can not find privsep-helper binary as it's located
in glance bin directory, which is inside the virtual environemnt.
In order to properly use privsep we must define venv bin directory in
allowed exec_dirs of rootwrap.
This also introduces new variable `glance_ rootwrap_ conf_overrides`
that allows to manage some extra overrides for rootwrap if needed.
Closes-Bug: #2043503 0fc7b102bf62d61 34f83c5925f
Change-Id: I4ee3fc33fdbeb5