Containerized sshd does not work with older PAM
sshd containers don't let logins on some systems with older PAM library because /proc/self/loginuid is not always readable or writeable. Examples of possible failures on such systems are erroneous cold and live migrations. This change is derivied form Ic14255b042ceedcff536c062bdcba00502af7a87 and takes the same approch as was done for crond in Id384780e8394b40a91761e7fbbc0f8e44263d681 Resolves: rhbz#2248873 Change-Id: I592c1182f409ebc486fb33429c3608a67d8ac3e9
This commit is contained in:
Sean Mooney
parent
e5b18f2839
commit
ac81089329
|
|
@ -7,6 +7,7 @@ tcib_actions:
|
|||
- run: rm -f /etc/machine-id
|
||||
- run: ln -s /usr/share/openstack-tripleo-common/healthcheck/nova-compute /openstack/healthcheck && chmod a+rx /openstack/healthcheck
|
||||
- run: if [ -f /usr/share/qemu/firmware/50-edk2-ovmf-cc.json ] && [ -f /usr/share/qemu/firmware/50-edk2-ovmf-amdsev.json ]; then jq ".mapping[\"nvram-template\"] = $(jq ".mapping[\"nvram-template\"]" /usr/share/qemu/firmware/50-edk2-ovmf-cc.json)" /usr/share/qemu/firmware/50-edk2-ovmf-amdsev.json > /tmp/50-edk2-ovmf-amdsev_.json && mv -f /tmp/50-edk2-ovmf-amdsev_.json /usr/share/qemu/firmware/50-edk2-ovmf-amdsev.json; fi
|
||||
- run: sed -ri '/^session(\s)+required(\s+)pam_loginuid.so$/d' /etc/pam.d/sshd
|
||||
tcib_packages:
|
||||
common:
|
||||
- ceph-common
|
||||
|
|
|
|||
Loading…
Reference in New Issue