remove rootwrap in cyborg

On one hand, as discussed in this patch[0], rootwap was intented
to be replaced by privsep, especially for new project.
On the other hand, we need remove rootwrap to fix the following
cyborg-tempest job failure in patch [0]:
cannot stat '/opt/stack/cyborg/etc/cyborg/rootwrap.d/*.filters':
No such file or directory

[0]:https://review.opendev.org/#/c/673957/

Change-Id: I1aaf38da3a68c656616c7d701b8f815e17ed0152

devstack/lib/cyborg

@@ -41,7 +41,6 @@ CYBORG_AUTH_CACHE_DIR=${CYBORG_AUTH_CACHE_DIR:-/var/cache/cyborg}
 CYBORG_CONF_DIR=${CYBORG_CONF_DIR:-/etc/cyborg}
 CYBORG_CONF_FILE=$CYBORG_CONF_DIR/cyborg.conf
 CYBORG_API_PASTE_INI=$CYBORG_CONF_DIR/api-paste.ini
-CYBORG_ROOTWRAP_CONF=$CYBORG_CONF_DIR/rootwrap.conf
 CYBORG_POLICY_JSON=$CYBORG_CONF_DIR/policy.json
 CYBORG_SERVICE_HOST=${CYBORG_SERVICE_HOST:-$SERVICE_HOST}
 CYBORG_SERVICE_PORT=${CYBORG_SERVICE_PORT:-6666}
@@ -150,7 +149,6 @@ function configure_cyborg {
     iniset $CYBORG_CONF_FILE DEFAULT state_path $CYBORG_STATE_PATH
     iniset $CYBORG_CONF_FILE DEFAULT use_syslog $SYSLOG
     iniset $CYBORG_CONF_FILE DEFAULT host $LOCAL_HOSTNAME
-    configure_rootwrap cyborg
 
     # Configure Cyborg conductor, if it was enabled.
     if is_service_enabled cyborg-cond; then
@@ -241,19 +239,7 @@ function configure_cyborg_conductor {
     configure_cyborg_placement
     configure_cyborg_glance
 
-    sudo cp $CYBORG_DIR/etc/cyborg/rootwrap.conf $CYBORG_ROOTWRAP_CONF
-    sudo cp -r $CYBORG_DIR/etc/cyborg/rootwrap.d $CYBORG_CONF_DIR
     sudo cp -p $CYBORG_DIR/etc/cyborg/api-paste.ini $CYBORG_API_PASTE_INI
-    local cyborg_rootwrap
-    cyborg_rootwrap=$(get_rootwrap_location cyborg)
-    local rootwrap_isudoer_cmd="$cyborg_rootwrap $CYBORG_CONF_DIR/rootwrap.conf *"
-
-    # Set up the rootwrap sudoers for cyborg
-    local tempfile
-    tempfile=`mktemp`
-    echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_isudoer_cmd" >$tempfile
-    sudo chown root:root $tempfile
-    sudo mv $tempfile /etc/sudoers.d/cyborg-rootwrap
 
     # set up drivers / hardware types
     iniset $CYBORG_CONF_FILE agent enabled_drivers $CYBORG_ENABLED_DRIVERS

etc/cyborg/rootwrap.conf

@@ -1,23 +0,0 @@
-# Configuration for cyborg-rootwrap
-# This file should be owned by (and only writable by) the root user
-
-[DEFAULT]
-# List of directories to search executables in, in case filters do not
-# explicitly specify a full path (separated by ',')
-# If not specified, defaults to system PATH environment variable.
-# These directories MUST all be only writable by root !
-exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
-
-# Enable logging to syslog
-# Default value is False
-use_syslog=False
-
-# Which syslog facility to use.
-# Valid values include auth, authpriv, syslog, user0, user1...
-# Default value is 'syslog'
-syslog_log_facility=syslog
-
-# Which messages to log.
-# INFO means log all usage
-# ERROR means only log unsuccessful attempts
-syslog_log_level=ERROR

etc/cyborg/rootwrap.d/acceleration.filters

@@ -1,2 +0,0 @@
-# cyborg-rootwrap command filters for acceleration nodes
-# This file should be owned by (and only-writeable by) the root user

setup.cfg

@@ -24,10 +24,8 @@ packages =
     cyborg
 data_files =
     etc/cyborg =
-        etc/cyborg/rootwrap.conf
         etc/cyborg/policy.json
         etc/cyborg/api-paste.ini
-    etc/cyborg/rootwrap.d = etc/cyborg/rootwrap.d/*
 
 [entry_points]
 oslo.policy.policies =