Fix docker group name
devstack-plugin-container wrongfully assumes that the stack user name is also the name of the group under which install the docker daemon. This can cause devstack to install docker in such a way that the stack user does not have permissions to access the docker socket, as seen in [3]. [1] https://opendev.org/openstack/devstack-plugin-container [2] https://github.com/openstack/devstack-plugin-container/blob/f09c5c9/devstack/lib/docker#L27 [3] https://github.com/gophercloud/gophercloud/pull/2380#issuecomment-1094295137 Closes-Bug: 1970129 Change-Id: Id5f1fa24ebb09db10f0d56e4d6b111be66869b5a
This commit is contained in:
parent
b323f5b71a
commit
b648421624
|
@ -24,7 +24,8 @@ set +o xtrace
|
|||
DOCKER_ENGINE_SOCKET_FILE=${DOCKER_ENGINE_SOCKET_FILE:-/var/run/docker.sock}
|
||||
DOCKER_ENGINE_PORT=${DOCKER_ENGINE_PORT:-2375}
|
||||
DOCKER_CLUSTER_STORE=${DOCKER_CLUSTER_STORE:-}
|
||||
DOCKER_GROUP=${DOCKER_GROUP:-$STACK_USER}
|
||||
STACK_GROUP="$( id --group --name "$STACK_USER" )"
|
||||
DOCKER_GROUP=${DOCKER_GROUP:-$STACK_GROUP}
|
||||
DOCKER_CGROUP_DRIVER=${DOCKER_CGROUP_DRIVER:-}
|
||||
# TODO(hongbin): deprecate and remove clear container
|
||||
ENABLE_CLEAR_CONTAINER=$(trueorfalse False ENABLE_CLEAR_CONTAINER)
|
||||
|
|
Loading…
Reference in New Issue