    Fix gate to use world writeable docker socket · a7893467
    Steven Dake authored
    A recent change related to sudo securepath broke how sudo -E
    works.  Now the PATH is reset by sudo as set by tox.  As a result
    we can no longer rely on sudo -E anywhere in our gating system
    relating to path inheritance from the parent shell.
    
    This patch uses a shell operation in the setup_nodes.yml code
    to chmod the docker socket to 666 so docker containers can build
    properly.  Now docker operations don't return a permission denied
    and we no longer require the sudo -E operation in any of our tox
    scripts.  This isn't a security vulnerability because our gate
    scripts are only meant to be run in OpenStack infrastructure.
    To make this more clear I recommend moving these shell scripts to
    tests/gate.
    
    Change-Id: I5b3d6e280e3c12a25defedb14b5589ba642043fa
    Closes-Bug: #1562383
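
An added example, not part of this commit or the project's gate scripts: a POSIX shell check that reports whether a Docker socket has been left world-writable (the mode 666 this commit sets), so a host outside the gate can be audited. The function names are hypothetical, and `/var/run/docker.sock` as the socket path is an assumption, since the commit message does not name it.

```shell
#!/bin/sh
# Added example (hypothetical helper names): classify a Docker socket by its
# write-permission bits. Anyone who can write to the socket can send API
# requests to the Docker daemon, which normally runs as root.

# classify_socket_mode PATH
# Prints one of: missing, world-writable, group-writable, owner-only
classify_socket_mode() {
    path=$1
    if [ ! -e "$path" ]; then
        echo "missing"
        return 0
    fi
    # "find -perm -MODE" matches only when every bit in MODE is set.
    # -H follows a symlink given on the command line; -prune stops descent.
    if [ -n "$(find -H "$path" -prune -perm -0002)" ]; then
        echo "world-writable"
    elif [ -n "$(find -H "$path" -prune -perm -0020)" ]; then
        echo "group-writable"
    else
        echo "owner-only"
    fi
}

# audit_socket PATH
# Returns 1 when PATH is world-writable (as after "chmod 666"), 0 otherwise.
audit_socket() {
    class=$(classify_socket_mode "$1")
    case $class in
        world-writable)
            echo "FAIL: $1 is world-writable; any local user can drive the daemon" >&2
            return 1 ;;
        missing)
            echo "SKIP: $1 does not exist" >&2
            return 0 ;;
        *)
            echo "OK: $1 is $class"
            return 0 ;;
    esac
}
```

Calling `audit_socket /var/run/docker.sock` on a long-lived host gives a nonzero exit status when the socket is in the state this commit sets up for gate nodes.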
tox.ini 5.20 KiB