From 1111e3dd2f8ae4f5c4bf921286d73dc833db868a Mon Sep 17 00:00:00 2001 From: Rodolfo Alonso Hernandez Date: Tue, 29 Oct 2019 10:57:34 +0000 Subject: [PATCH] Add agents.l3 "radvd_user" configuration option Based on new Neutron configuration option [1], it will allow to define the user to run the radvd daemon in the L3 agent. By default, the user will be "root", to solve the problem found in the related bug. [1] Ie9a6fbf04d453a3c1c0bddf9ecaa3d4d6467e8ff Change-Id: I8a1bff166ee78dca402457fd1498e5906380c9ed Closes-Bug: #1844688 (cherry picked from commit ab1049ae014d927f29b08079a89914446bb9acb3) --- manifests/agents/l3.pp | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/manifests/agents/l3.pp b/manifests/agents/l3.pp index 04915f292..3b9a85111 100644 --- a/manifests/agents/l3.pp +++ b/manifests/agents/l3.pp @@ -87,6 +87,13 @@ # (optional) L3 agent extensions to enable. # Defaults to $::os_service_default # +# [*radvd_user*] +# (optional) The username passed to radvd, used to drop root privileges and +# change user ID to username and group ID to the primary group of username. +# If no user specified, the user executing the L3 agent will be passed. If +# "root" specified, because radvd is spawned as root, no "username" parameter +# will be passed. +# class neutron::agents::l3 ( $package_ensure = 'present', $enabled = true, @@ -107,6 +114,7 @@ class neutron::agents::l3 ( $purge_config = false, $availability_zone = $::os_service_default, $extensions = $::os_service_default, + $radvd_user = $::os_service_default, ) { include ::neutron::deps @@ -134,6 +142,7 @@ class neutron::agents::l3 ( 'DEFAULT/periodic_fuzzy_delay': value => $periodic_fuzzy_delay; 'DEFAULT/enable_metadata_proxy': value => $enable_metadata_proxy; 'DEFAULT/agent_mode': value => $agent_mode; + 'DEFAULT/radvd_user': value => $radvd_user; 'agent/availability_zone': value => $availability_zone; 'agent/extensions': value => $extensions; }