From b1de1e06dc0c421ad4ebb1eb5b716d94b811fa79 Mon Sep 17 00:00:00 2001
From: Andy McCrae <andy.mccrae@gmail.com>
Date: Thu, 2 Feb 2017 15:15:46 +0000
Subject: [PATCH] Update paste, policy and rootwrap configurations 2017-02-02

Change-Id: I7c461529573c0d820ffa4e82d5190b4ead4aecee
---
 files/rootwrap.d/volume.filters | 4 ++++
 templates/policy.json.j2        | 1 +
 2 files changed, 5 insertions(+)

diff --git a/files/rootwrap.d/volume.filters b/files/rootwrap.d/volume.filters
index 69cf66e3..49ee72d6 100644
--- a/files/rootwrap.d/volume.filters
+++ b/files/rootwrap.d/volume.filters
@@ -222,3 +222,7 @@ ploop: CommandFilter, ploop, root
 
 # initiator/connector.py:
 drv_cfg: CommandFilter, /opt/emc/scaleio/sdc/bin/drv_cfg, root, /opt/emc/scaleio/sdc/bin/drv_cfg, --query_guid
+
+# cinder/volume/drivers/quobyte.py
+getfattr: CommandFilter, getfattr, root
+mount.quobyte: CommandFilter, getfattr, root
diff --git a/templates/policy.json.j2 b/templates/policy.json.j2
index 225257ff..c38bfaba 100644
--- a/templates/policy.json.j2
+++ b/templates/policy.json.j2
@@ -5,6 +5,7 @@
     "admin_api": "is_admin:True or (role:admin and is_admin_project:True)",
 
     "volume:create": "",
+    "volume:create_from_image": "",
     "volume:delete": "rule:admin_or_owner",
     "volume:force_delete": "rule:admin_api",
     "volume:get": "rule:admin_or_owner",