[openstack-dev] [nova] To rootwrap or piggyback privsep helpers?
Maxim Nestratov
mnestratov at virtuozzo.com
Thu Jan 26 09:34:09 UTC 2017
26-Jan-17 12:08, Thierry Carrez пишет:
> Michael Still wrote:
>> I think #3 is the right call for now. The person we had working on
>> privsep has left the company, and I don't have anyone I could get to
>> work on this right now. Oh, and we're out of time.
> Yes, as much as I'm an advocate of privsep adoption, I don't think the
> last minutes before feature freeze are the best moment to introduce a
> single isolated privsep-backed command in Nova. So I'd recommend #3.
>
> In an ideal world, Nova would start migrating existing commands early in
> Pike so that in the near future, adding new privsep-backed commands
> doesn't feel so alien.
>
Yeah, #3 option works for us perfectly, thanks.
Thanks for suggesting it Matt.
More information about the OpenStack-dev
mailing list