devstack源码分析
2013-08-19 16:14
141 查看
# root Access # ----------- # OpenStack is designed to be run as a non-root user; Horizon will fail to run # as **root** since Apache will not serve content from **root** user). If # ``stack.sh`` is run as **root**, it automatically creates a **stack** user with # sudo privileges and runs as that user. if [[ $EUID -eq 0 ]]; then ROOTSLEEP=${ROOTSLEEP:-10} echo "You are running this script as root." echo "In $ROOTSLEEP seconds, we will create a user '$STACK_USER' and run as that user" sleep $ROOTSLEEP # Give the non-root user the ability to run as **root** via ``sudo`` is_package_installed sudo || install_package sudo if ! getent group $STACK_USER >/dev/null; then echo "Creating a group called $STACK_USER" groupadd $STACK_USER fi if ! getent passwd $STACK_USER >/dev/null; then echo "Creating a user called $STACK_USER" useradd -g $STACK_USER -s /bin/bash -d $DEST -m $STACK_USER fi echo "Giving stack user passwordless sudo privileges" # UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers || echo "#includedir /etc/sudoers.d" >> /etc/sudoers ( umask 226 && echo "$STACK_USER ALL=(ALL) NOPASSWD:ALL" \ > /etc/sudoers.d/50_stack_sh ) echo "Copying files to $STACK_USER user" STACK_DIR="$DEST/${TOP_DIR##*/}" cp -r -f -T "$TOP_DIR" "$STACK_DIR" chown -R $STACK_USER "$STACK_DIR" cd "$STACK_DIR" if [[ "$SHELL_AFTER_RUN" != "no" ]]; then exec sudo -u $STACK_USER bash -l -c "set -e; bash stack.sh; bash" else exec sudo -u $STACK_USER bash -l -c "set -e; source stack.sh" fi exit 1 else # We're not **root**, make sure ``sudo`` is available is_package_installed sudo || die "Sudo is required. Re-run stack.sh as root ONE TIME ONLY to set up sudo." # UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers || echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers # Set up devstack sudoers TEMPFILE=`mktemp` echo "$STACK_USER ALL=(root) NOPASSWD:ALL" >$TEMPFILE # Some binaries might be under /sbin or /usr/sbin, so make sure sudo will # see them by forcing PATH echo "Defaults:$STACK_USER secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE chmod 0440 $TEMPFILE sudo chown root:root $TEMPFILE sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh # Remove old file sudo rm -f /etc/sudoers.d/stack_sh_nova fi
相关文章推荐
- Neutron中关于Devstack的源码分析
- devstack源码分析
- String的部分源码分析(compareTo、valueOf、indexOf、lastIndexOf)(二)
- 源码分析:静态分析 C 程序函数调用关系图
- Android_launcher的源码详细分析
- pppoe协议和pppd源码分析
- Linux内核源码分析方法
- 【LSH源码分析】p稳定分布LSH算法
- 【机器学习经典算法源码分析系列】-- 逻辑回归
- Android源码分析-全面理解Context
- 深入理解Spark 2.1 Core (六):Standalone模式运行的原理与源码分析
- nginx源码分析(2)- 概览
- 分布式文件系统KFS源码阅读与分析(二):MetaServer元数据持久化
- 《转》 Ceilometer项目源码分析----ceilometer项目源码结构分析
- SIFT原理与源码分析:DoG尺度空间构造
- home键源码分析
- Android源码分析之理解Window和WindowManager
- memcache源码分析之assoc
- KAZE 算法原理与源码分析(四)KAZE特征的性能分析与比较
- onMeasure()源码分析及自定义View对于wrap_content的支持