That does work for me, except it means I'll still need to port it to privsep to hit my goal of no rootwrap in Queens. I can live with that.
Michael On Wed, Nov 8, 2017 at 4:54 PM, Matt Riedemann <mriede...@gmail.com> wrote: > On 11/8/2017 12:24 PM, Michael Still wrote: > >> Hi, >> >> a really really long time ago (think 2011), we added support in Nova for >> configuring the mkfs commands that are run for new ephemeral disks using >> the virt_mkfs command. The current implementation is in >> nova/virt/disk/api.py for your reading pleasure. >> >> I'm battling a little with how to move this code to privsep, because I >> have resisted providing any method which just takes a command line and runs >> it with escalated permissions, as I feel this defeats the purpose of >> privsep. >> >> I could just pickup all the command line parsing code and move it into >> privsep, but I am left wondering if anyone actually uses this >> functionality, or if we should just deprecate it all? >> >> I'd appreciate your thoughts. >> >> Michael >> >> >> ____________________________________________________________ >> ______________ >> OpenStack Development Mailing List (not for usage questions) >> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscrib >> e >> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >> >> > Let's deprecate it, put a warning in the logs if it's used in Queens, > deprecation release note and then remove it in Rocky. > > Does that work for you? > > -- > > Thanks, > > Matt > > __________________________________________________________________________ > OpenStack Development Mailing List (not for usage questions) > Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev >
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
