Fix /etc/openstack-dashboard/ permissions for access to *policy.json
The Kolla Dockerfile sets the permissions for /etc/openstack-dashboard/ to horizon:horizon. We need this to be readable by the apache user as the horizon user is not the user in which httpd runs with. We may want to consider fixing this in the upstream Dockerfile instead, e.g. checking if we're using centos/rhel and changing the permissions that way. I'm not sure why it's set to horizon:horizon upstream, and I'm keen not to break any existing functionality that relies on the horizon based permissions. Closes-Bug: #1723125 Change-Id: If5feebae38f7fdfffa60bfaedc4521f676006484
This commit is contained in:
parent
7d2a5d6340
commit
fd657aa4e6
@ -95,6 +95,12 @@ outputs:
|
||||
- path: /var/log/horizon/
|
||||
owner: apache:apache
|
||||
recurse: true
|
||||
# NOTE The upstream Kolla Dockerfile sets /etc/openstack-dashboard/ ownership to
|
||||
# horizon:horizon - the policy.json files need read permissions for the apache user
|
||||
# FIXME We should consider whether this should be fixed in the Kolla Dockerfile instead
|
||||
- path: /etc/openstack-dashboard/
|
||||
owner: apache:apache
|
||||
recurse: true
|
||||
# FIXME Apache tries to write a .lock file there
|
||||
- path: /usr/share/openstack-dashboard/openstack_dashboard/local/
|
||||
owner: apache:apache
|
||||
|
Loading…
x
Reference in New Issue
Block a user