mirror of
https://github.com/OpenNebula/one.git
synced 2025-01-08 21:17:43 +03:00
M #-: Use non-interactive sudo, fix arping path on Debians (#4555)
* M #-: Force all sudo usage as non-interactive * M #-: Fix sudoers arping path on Debian-like systems
This commit is contained in:
parent
fe7933586c
commit
424ab046b7
@ -11,7 +11,7 @@ def clean_host_nic(veth)
|
||||
|
||||
return unless s == 0
|
||||
|
||||
cmd = "sudo ip link delete #{veth}"
|
||||
cmd = "sudo -n ip link delete #{veth}"
|
||||
OpenNebula.log "Found lingering nic #{veth}\n Running #{cmd}"
|
||||
|
||||
o, e, s = Open3.capture3(cmd)
|
||||
|
@ -25,12 +25,12 @@ fi
|
||||
|
||||
case $ACTION in
|
||||
leader)
|
||||
sudo ip address add $IFADDR dev $INTERFACE
|
||||
sudo -n ip address add $IFADDR dev $INTERFACE
|
||||
|
||||
for i in $(seq 5); do
|
||||
sudo arping -c 1 -U -I $INTERFACE ${IP}
|
||||
sudo -n arping -c 1 -U -I $INTERFACE ${IP}
|
||||
sleep 1
|
||||
sudo arping -c 1 -A -I $INTERFACE ${IP}
|
||||
sudo -n arping -c 1 -A -I $INTERFACE ${IP}
|
||||
sleep 1
|
||||
done
|
||||
|
||||
@ -62,8 +62,8 @@ leader)
|
||||
;;
|
||||
|
||||
follower)
|
||||
if sudo ip address show dev $INTERFACE | grep -qi " ${IP}/"; then
|
||||
sudo ip address del $IFADDR dev $INTERFACE
|
||||
if sudo -n ip address show dev $INTERFACE | grep -qi " ${IP}/"; then
|
||||
sudo -n ip address del $IFADDR dev $INTERFACE
|
||||
fi
|
||||
|
||||
if [ "${IS_SYSTEMD}" = 'yes' ]; then
|
||||
|
@ -3,7 +3,7 @@ Defaults:oneadmin secure_path = /sbin:/bin:/usr/sbin:/usr/bin
|
||||
|
||||
Cmnd_Alias ONE_CEPH = /usr/bin/rbd
|
||||
Cmnd_Alias ONE_FIRECRACKER = /usr/bin/jailer, /bin/mount, /usr/sbin/one-clean-firecracker-domain
|
||||
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /bin/systemctl start opennebula-hem, /bin/systemctl stop opennebula-hem, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop, /usr/sbin/service opennebula-hem start, /usr/sbin/service opennebula-hem stop, /usr/sbin/arping, /sbin/ip
|
||||
Cmnd_Alias ONE_HA = /bin/systemctl start opennebula-flow, /bin/systemctl stop opennebula-flow, /bin/systemctl start opennebula-gate, /bin/systemctl stop opennebula-gate, /bin/systemctl start opennebula-hem, /bin/systemctl stop opennebula-hem, /usr/sbin/service opennebula-flow start, /usr/sbin/service opennebula-flow stop, /usr/sbin/service opennebula-gate start, /usr/sbin/service opennebula-gate stop, /usr/sbin/service opennebula-hem start, /usr/sbin/service opennebula-hem stop, /usr/bin/arping, /sbin/ip
|
||||
Cmnd_Alias ONE_LVM = /sbin/lvcreate, /sbin/lvremove, /sbin/lvs, /sbin/vgdisplay, /sbin/lvchange, /sbin/lvscan, /sbin/lvextend
|
||||
Cmnd_Alias ONE_LXD = /snap/bin/lxc, /usr/bin/catfstab, /bin/mount, /bin/umount, /bin/mkdir, /bin/lsblk, /sbin/losetup, /sbin/kpartx, /usr/bin/qemu-nbd, /sbin/blkid, /sbin/e2fsck, /sbin/resize2fs, /usr/sbin/xfs_growfs, /usr/bin/rbd-nbd, /usr/sbin/xfs_admin, /sbin/tune2fs
|
||||
Cmnd_Alias ONE_MARKET = /usr/lib/one/sh/create_container_image.sh
|
||||
|
@ -90,7 +90,7 @@ function clean {
|
||||
|
||||
# Unmount mnt directory (if necessary)
|
||||
if grep -qs "$dockerdir/mnt" /proc/mounts; then
|
||||
sudo umount "$dockerdir/mnt"
|
||||
sudo -n umount "$dockerdir/mnt"
|
||||
fi
|
||||
|
||||
rm -rf $dockerdir
|
||||
@ -289,13 +289,13 @@ esac
|
||||
#-------------------------------------------------------------------------------
|
||||
# Mount container disk image and untar rootfs contents to it
|
||||
#-------------------------------------------------------------------------------
|
||||
sudo mount $img_raw $dockerdir/mnt > /dev/null 2>&1
|
||||
sudo chmod o+w $dockerdir/mnt
|
||||
sudo tar xpf $tarball -C $dockerdir/mnt > /dev/null 2>&1
|
||||
sudo -n mount $img_raw $dockerdir/mnt > /dev/null 2>&1
|
||||
sudo -n chmod o+w $dockerdir/mnt
|
||||
sudo -n tar xpf $tarball -C $dockerdir/mnt > /dev/null 2>&1
|
||||
|
||||
sync
|
||||
|
||||
sudo umount $dockerdir/mnt
|
||||
sudo -n umount $dockerdir/mnt
|
||||
|
||||
if [ "$format" == "qcow2" ]; then
|
||||
qemu-img convert -f raw -O qcow2 $img_raw $img_qcow > /dev/null 2>&1
|
||||
|
@ -307,7 +307,7 @@ esac
|
||||
#-------------------------------------------------------------------------------
|
||||
MK_CONTAINER=$LIB_LOCATION/sh/create_container_image.sh
|
||||
|
||||
cat << EOF | sudo $MK_CONTAINER $TMP_DIR $id $extension $terminal
|
||||
cat << EOF | sudo -n $MK_CONTAINER $TMP_DIR $id $extension $terminal
|
||||
$commands
|
||||
EOF
|
||||
|
||||
|
@ -5,7 +5,7 @@ cmd='lxc profile list 2>/dev/null'
|
||||
profiles=$($cmd | grep -v -- -+- | grep -v NAME | grep -v default | awk '{print $2}')
|
||||
|
||||
if [ "$?" -ne "0" ]; then
|
||||
profiles=$(sudo $cmd | grep -v -- -+- | grep -v NAME | grep -v default | awk '{print $2}')
|
||||
profiles=$(sudo -n $cmd | grep -v -- -+- | grep -v NAME | grep -v default | awk '{print $2}')
|
||||
fi
|
||||
|
||||
tmpfile=$(mktemp /tmp/lxd_probe.XXXXXX)
|
||||
|
@ -48,7 +48,7 @@ CP=${CP:-cp}
|
||||
SCP=${SCP:-scp}
|
||||
SED=${SED:-sed}
|
||||
SSH=${SSH:-ssh}
|
||||
SUDO=${SUDO:-sudo}
|
||||
SUDO=${SUDO:-sudo -n}
|
||||
SYNC=${SYNC:-sync}
|
||||
TAR=${TAR:-tar}
|
||||
TGTADM=${TGTADM:-tgtadm}
|
||||
@ -556,7 +556,7 @@ function tgtadm_next_tid {
|
||||
|
||||
function tgt_admin_dump_config {
|
||||
FILE_PATH="$1"
|
||||
echo "$TGTADMIN --dump |sudo tee $FILE_PATH > /dev/null 2>&1"
|
||||
echo "$TGTADMIN --dump |sudo -n tee $FILE_PATH > /dev/null 2>&1"
|
||||
}
|
||||
|
||||
###
|
||||
|
@ -67,7 +67,7 @@ fi
|
||||
# If vg-one-$DS_ID exists, we assume it's an fs_lvm image datastore, therefore'
|
||||
# we return the space of the lvm, no of the filesystem
|
||||
if PATH=\$PATH:/sbin:/bin:/usr/sbin:/usr/bin which vgdisplay &> /dev/null; then
|
||||
LVM_SIZE=\$(sudo vgdisplay \
|
||||
LVM_SIZE=\$(sudo -n vgdisplay \
|
||||
--separator : \
|
||||
--units m \
|
||||
-o vg_size,vg_free \
|
||||
|
@ -31,7 +31,7 @@ class MicroVM
|
||||
# List of commands executed by the driver.
|
||||
#---------------------------------------------------------------------------
|
||||
COMMANDS = {
|
||||
:clean => 'sudo /usr/sbin/one-clean-firecracker-domain',
|
||||
:clean => 'sudo -n /usr/sbin/one-clean-firecracker-domain',
|
||||
:map_context => '/var/tmp/one/vmm/firecracker/map_context'
|
||||
}
|
||||
|
||||
@ -46,7 +46,7 @@ class MicroVM
|
||||
@fc = fc
|
||||
@one = one
|
||||
|
||||
@jailer_command = 'sudo jailer'
|
||||
@jailer_command = 'sudo -n jailer'
|
||||
@vnc_command = 'screen -x'
|
||||
|
||||
# Location for maping the context
|
||||
@ -97,7 +97,7 @@ class MicroVM
|
||||
return false unless rc
|
||||
|
||||
# TODO, add option for hard links
|
||||
Command.execute_rc_log("sudo mount -o bind #{@one.sysds_path}/#{@one.vm_id} #{@rootfs_dir}")
|
||||
Command.execute_rc_log("sudo -n mount -o bind #{@one.sysds_path}/#{@one.vm_id} #{@rootfs_dir}")
|
||||
end
|
||||
|
||||
def get_pid
|
||||
|
@ -70,7 +70,7 @@ class Container
|
||||
@one = one
|
||||
|
||||
@lxc_command = 'lxc'
|
||||
@lxc_command.prepend 'sudo ' if client.snap
|
||||
@lxc_command.prepend 'sudo -n ' if client.snap
|
||||
|
||||
@rootfs_dir = "#{@client.lxd_path}/storage-pools/default/containers/"\
|
||||
"#{name}/rootfs"
|
||||
@ -501,7 +501,7 @@ class Container
|
||||
def del_bridge_port(nic)
|
||||
return true unless /ovswitch/ =~ nic['VN_MAD']
|
||||
|
||||
cmd = 'sudo ovs-vsctl --if-exists del-port '\
|
||||
cmd = 'sudo -n ovs-vsctl --if-exists del-port '\
|
||||
"#{nic['BRIDGE']} #{nic['TARGET']}"
|
||||
|
||||
rc, _o, e = Command.execute(cmd, false)
|
||||
|
@ -53,24 +53,24 @@ class Mapper
|
||||
# as root
|
||||
#---------------------------------------------------------------------------
|
||||
COMMANDS = {
|
||||
:lsblk => 'sudo lsblk',
|
||||
:losetup => 'sudo losetup',
|
||||
:mount => 'sudo mount',
|
||||
:umount => 'sudo umount',
|
||||
:kpartx => 'sudo kpartx',
|
||||
:nbd => 'sudo -u root -g oneadmin qemu-nbd',
|
||||
:su_mkdir => 'sudo mkdir -p',
|
||||
:lsblk => 'sudo -n lsblk',
|
||||
:losetup => 'sudo -n losetup',
|
||||
:mount => 'sudo -n mount',
|
||||
:umount => 'sudo -n umount',
|
||||
:kpartx => 'sudo -n kpartx',
|
||||
:nbd => 'sudo -n -u root -g oneadmin qemu-nbd',
|
||||
:su_mkdir => 'sudo -n mkdir -p',
|
||||
:mkdir => 'mkdir -p',
|
||||
:catfstab => 'sudo catfstab',
|
||||
:catfstab => 'sudo -n catfstab',
|
||||
:cat => 'cat',
|
||||
:file => 'file -L -s',
|
||||
:blkid => 'sudo blkid',
|
||||
:e2fsck => 'sudo e2fsck',
|
||||
:resize2fs => 'sudo resize2fs',
|
||||
:xfs_growfs => 'sudo xfs_growfs',
|
||||
:rbd => 'sudo rbd-nbd --id',
|
||||
:xfs_admin => 'sudo xfs_admin',
|
||||
:tune2fs => 'sudo tune2fs',
|
||||
:blkid => 'sudo -n blkid',
|
||||
:e2fsck => 'sudo -n e2fsck',
|
||||
:resize2fs => 'sudo -n resize2fs',
|
||||
:xfs_growfs => 'sudo -n xfs_growfs',
|
||||
:rbd => 'sudo -n rbd-nbd --id',
|
||||
:xfs_admin => 'sudo -n xfs_admin',
|
||||
:tune2fs => 'sudo -n tune2fs',
|
||||
:mkfs => '/sbin/mkfs'
|
||||
}
|
||||
|
||||
|
@ -22,15 +22,15 @@ module VNMNetwork
|
||||
# to local installations. Any modification requires to sync the hosts with
|
||||
# onehost sync command.
|
||||
COMMANDS = {
|
||||
:ebtables => "sudo ebtables",
|
||||
:iptables => "sudo iptables",
|
||||
:ip6tables=> "sudo ip6tables",
|
||||
:ip => "sudo ip",
|
||||
:ebtables => "sudo -n ebtables",
|
||||
:iptables => "sudo -n iptables",
|
||||
:ip6tables=> "sudo -n ip6tables",
|
||||
:ip => "sudo -n ip",
|
||||
:virsh => "virsh -c qemu:///system",
|
||||
:ovs_vsctl=> "sudo ovs-vsctl",
|
||||
:ovs_ofctl=> "sudo ovs-ofctl",
|
||||
:ovs_vsctl=> "sudo -n ovs-vsctl",
|
||||
:ovs_ofctl=> "sudo -n ovs-ofctl",
|
||||
:lsmod => "lsmod",
|
||||
:ipset => "sudo ipset"
|
||||
:ipset => "sudo -n ipset"
|
||||
}
|
||||
|
||||
# Represents an Array of commands to be executed by the networking drivers
|
||||
|
@ -107,7 +107,7 @@ module VNMMAD
|
||||
|
||||
_o, _e, snap = Open3.capture3('snap list lxd;') # avoid cmd not found with;
|
||||
@lxc_cmd = 'lxc'
|
||||
@lxc_cmd.prepend('sudo ') if snap.exitstatus.zero?
|
||||
@lxc_cmd.prepend('sudo -n ') if snap.exitstatus.zero?
|
||||
end
|
||||
|
||||
# Get the VM information with lxc config show
|
||||
|
Loading…
Reference in New Issue
Block a user