On Thu, Dec 01, 2016 at 09:03:30AM -0500, John Trowbridge wrote: > 1. Doing tasks as root on the virthost makes clean up trickier. With the > current model, deleting the non-root quickstart user cleans up almost > everything. By keeping all of the root privilege tasks in the provision > and environment roles, it is much easier to reason about the few things > that do not get cleaned up when deleting the quickstart user. If we > start allowing root privilege tasks in the libvirt role, this will be > harder. > > 2. Theoretically, (I have not actually heard anyone actually doing > this), someone could set up a virthost for use by quickstart, and > then...
The particular use case that inspired the current architecture was the situation in which people did not want a random script from the internet running with privileges on their system. The existing model means that you can manually configure a host for use by quickstart (installing libvirt, creating the necessary bridges devices and permissions, etc), and then use quickstart exclusively as a non-root user. This is really nice for a number of reasons. For example, I often have multiple quickstart-provisioned environments on my virt host, each associated with a particular user. Being able to run everything as a non-root user means that it's easy to keep these separate, and that I won't accidentally break one environment because of a typo or something (because my "master tripleo" user is not able to modify the environment of my "rdo release" user). -- Lars Kellogg-Stedman <l...@redhat.com> | larsks @ {freenode,twitter,github} Cloud Engineering / OpenStack | http://blog.oddbit.com/
signature.asc
Description: PGP signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev