From 70c57d3307400759123cc9ee1542258d0ab40c0a Mon Sep 17 00:00:00 2001
From: Xing Zhang <angeiv.zhang@gmail.com>
Date: Sun, 25 Jun 2023 11:32:24 +0800
Subject: [PATCH] Fix glance-api failed to start privsep daemon

When cinder_backend_ceph is set to true, privileged is needed
for glance-api.

Change-Id: I92c2744d2475924ef3a2c7ae6cea7e44461de424
Partial-Bug: #2024541
---
 ansible/roles/glance/defaults/main.yml               | 2 +-
 releasenotes/notes/bug-2024541-98c2864f16f8eb59.yaml | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)
 create mode 100644 releasenotes/notes/bug-2024541-98c2864f16f8eb59.yaml

diff --git a/ansible/roles/glance/defaults/main.yml b/ansible/roles/glance/defaults/main.yml
index 5c965b9275..5406b5bc50 100644
--- a/ansible/roles/glance/defaults/main.yml
+++ b/ansible/roles/glance/defaults/main.yml
@@ -7,7 +7,7 @@ glance_services:
     enabled: true
     image: "{{ glance_api_image_full }}"
     environment: "{{ glance_api_container_proxy }}"
-    privileged: "{{ enable_cinder | bool and enable_cinder_backend_iscsi | bool }}"
+    privileged: "{{ enable_cinder | bool and (enable_cinder_backend_iscsi | bool or cinder_backend_ceph | bool) }}"
     volumes: "{{ glance_api_default_volumes + glance_api_extra_volumes }}"
     dimensions: "{{ glance_api_dimensions }}"
     healthcheck: "{{ glance_api_healthcheck }}"
diff --git a/releasenotes/notes/bug-2024541-98c2864f16f8eb59.yaml b/releasenotes/notes/bug-2024541-98c2864f16f8eb59.yaml
new file mode 100644
index 0000000000..1fe3e25181
--- /dev/null
+++ b/releasenotes/notes/bug-2024541-98c2864f16f8eb59.yaml
@@ -0,0 +1,7 @@
+---
+fixes:
+  - |
+    Fixes glance-api failed to start privsep daemon when
+    cinder_backend_ceph is set to true.
+    See `LP#2024541 <https://launchpad.net/bugs/2024541>`__
+    for more details.