devstack源码分析
2013-08-19 16:14
141 查看
# root Access
# -----------
# OpenStack is designed to be run as a non-root user; Horizon will fail to run
# as **root** since Apache will not serve content from **root** user). If
# ``stack.sh`` is run as **root**, it automatically creates a **stack** user with
# sudo privileges and runs as that user.
if [[ $EUID -eq 0 ]]; then
ROOTSLEEP=${ROOTSLEEP:-10}
echo "You are running this script as root."
echo "In $ROOTSLEEP seconds, we will create a user '$STACK_USER' and run as that user"
sleep $ROOTSLEEP
# Give the non-root user the ability to run as **root** via ``sudo``
is_package_installed sudo || install_package sudo
if ! getent group $STACK_USER >/dev/null; then
echo "Creating a group called $STACK_USER"
groupadd $STACK_USER
fi
if ! getent passwd $STACK_USER >/dev/null; then
echo "Creating a user called $STACK_USER"
useradd -g $STACK_USER -s /bin/bash -d $DEST -m $STACK_USER
fi
echo "Giving stack user passwordless sudo privileges"
# UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
echo "#includedir /etc/sudoers.d" >> /etc/sudoers
( umask 226 && echo "$STACK_USER ALL=(ALL) NOPASSWD:ALL" \
> /etc/sudoers.d/50_stack_sh )
echo "Copying files to $STACK_USER user"
STACK_DIR="$DEST/${TOP_DIR##*/}"
cp -r -f -T "$TOP_DIR" "$STACK_DIR"
chown -R $STACK_USER "$STACK_DIR"
cd "$STACK_DIR"
if [[ "$SHELL_AFTER_RUN" != "no" ]]; then
exec sudo -u $STACK_USER bash -l -c "set -e; bash stack.sh; bash"
else
exec sudo -u $STACK_USER bash -l -c "set -e; source stack.sh"
fi
exit 1
else
# We're not **root**, make sure ``sudo`` is available
is_package_installed sudo || die "Sudo is required. Re-run stack.sh as root ONE TIME ONLY to set up sudo."
# UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers
# Set up devstack sudoers
TEMPFILE=`mktemp`
echo "$STACK_USER ALL=(root) NOPASSWD:ALL" >$TEMPFILE
# Some binaries might be under /sbin or /usr/sbin, so make sure sudo will
# see them by forcing PATH
echo "Defaults:$STACK_USER secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
# Remove old file
sudo rm -f /etc/sudoers.d/stack_sh_nova
fi
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- Neutron中关于Devstack的源码分析
- devstack源码分析
- String的部分源码分析(compareTo、valueOf、indexOf、lastIndexOf)(二)
- 源码分析:静态分析 C 程序函数调用关系图
- Android_launcher的源码详细分析
- pppoe协议和pppd源码分析
- Linux内核源码分析方法
- 【LSH源码分析】p稳定分布LSH算法
- 【机器学习经典算法源码分析系列】-- 逻辑回归
- Android源码分析-全面理解Context
- 深入理解Spark 2.1 Core (六):Standalone模式运行的原理与源码分析
- nginx源码分析(2)- 概览
- 分布式文件系统KFS源码阅读与分析(二):MetaServer元数据持久化
- 《转》 Ceilometer项目源码分析----ceilometer项目源码结构分析
- SIFT原理与源码分析:DoG尺度空间构造
- home键源码分析
- Android源码分析之理解Window和WindowManager
- memcache源码分析之assoc
- KAZE 算法原理与源码分析(四)KAZE特征的性能分析与比较
- onMeasure()源码分析及自定义View对于wrap_content的支持