Use normal socket file permissions instead of polkit
The default (on RHEL/CentOS) is to use polkit but this is only useful
for GUI support or for fine grained API access control. As we don't
require either we can achieve identical control using plain old unix
filesystem permissions.
Reviewed: https:/ /review. openstack. org/479816 /git.openstack. org/cgit/ openstack/ puppet- tripleo/ commit/ ?id=1b82fe40fe5 3572703854fcdbe da72cdf148e9c1
Committed: https:/
Submitter: Jenkins
Branch: master
commit 1b82fe40fe53572 703854fcdbeda72 cdf148e9c1
Author: Oliver Walsh <email address hidden>
Date: Tue Jul 25 21:05:35 2017 +0100
Use normal socket file permissions instead of polkit
The default (on RHEL/CentOS) is to use polkit but this is only useful
for GUI support or for fine grained API access control. As we don't
require either we can achieve identical control using plain old unix
filesystem permissions.
I've merged Sven's changes from https:/ /review. openstack. org/484979 /review. openstack. org/487150.
and https:/
As we need to be careful with the libvirtd option quoting I think it's
best to do this in puppet-tripleo instead of t-h-t yaml.
The option to override the settings from t-h-t remains.
Co-Authored-By: Sven Anderson <email address hidden>
Reverts I91be1f1eacf8ee d9017bbfef393ee 2d66771e8d6
Closes-bug: 1696504
Change-Id: I507bdd8e3a4610 91562177403a2a5 5fcaf6694d2 0a53bae296042ec e492210597a
Depends-On: I17f6c9b5a6e212