Interface updates including chmod and sys_module
* Add account-control plug: This is required to enable chmod calls. * Add kernel-module-control plug: This is required to enable the sys_module capability. * Drop system-trace plug: This was raised during the review for auto-connecting interfaces for the nova-hypervisor snap [1]. The system-trace plug gives privileged access to all processes on the system, so ideally we don't want to connect it. I haven't hit any issues when testing without it. [1] forum.snapcraft.io/t/auto-connecting-the-nova-hypervisor-interfaces/1145 Change-Id: I9de1b0fff4e98df48a60202af53057f8edf662ba
This commit is contained in:
Corey Bryant
parent
676aef1290
commit
f62ba3e8f8
@ -23,10 +23,12 @@ apps:
|
||||
command: snap-openstack nova-compute
|
||||
daemon: simple
|
||||
plugs:
|
||||
- account-control
|
||||
- kernel-module-control
|
||||
- network
|
||||
- network-bind
|
||||
- network-control
|
||||
- firewall-control
|
||||
- system-trace
|
||||
- hardware-observe
|
||||
- libvirt
|
||||
- openvswitch
|
||||
@ -34,6 +36,7 @@ apps:
|
||||
command: snap-openstack nova-api-metadata
|
||||
daemon: simple
|
||||
plugs:
|
||||
- account-control
|
||||
- network
|
||||
- network-bind
|
||||
- firewall-control
|
||||
@ -41,44 +44,46 @@ apps:
|
||||
command: snap-openstack neutron-openvswitch-agent
|
||||
daemon: simple
|
||||
plugs:
|
||||
- account-control
|
||||
- network
|
||||
- network-bind
|
||||
- network-control
|
||||
- network-observe
|
||||
- firewall-control
|
||||
- process-control
|
||||
- system-trace
|
||||
- system-observe
|
||||
- openvswitch
|
||||
neutron-l3-agent:
|
||||
command: snap-openstack neutron-l3-agent
|
||||
daemon: simple
|
||||
plugs:
|
||||
- account-control
|
||||
- network
|
||||
- network-bind
|
||||
- network-control
|
||||
- network-observe
|
||||
- firewall-control
|
||||
- process-control
|
||||
- system-trace
|
||||
- system-observe
|
||||
- openvswitch
|
||||
neutron-dhcp-agent:
|
||||
command: snap-openstack neutron-dhcp-agent
|
||||
daemon: simple
|
||||
plugs:
|
||||
- account-control
|
||||
- kernel-module-control
|
||||
- network
|
||||
- network-bind
|
||||
- network-control
|
||||
- network-observe
|
||||
- process-control
|
||||
- system-trace
|
||||
- system-observe
|
||||
- openvswitch
|
||||
neutron-metadata-agent:
|
||||
command: snap-openstack neutron-metadata-agent
|
||||
daemon: simple
|
||||
plugs:
|
||||
- account-control
|
||||
- network
|
||||
- network-bind
|
||||
- network-control
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user