Adding ability to set nas_secure_file_permissions and nas_secure_file_operations options Change-Id: Iedfaa3057bc1e890016138ebdacc96afa7216f91

commit: ef4c7d0b92f1fc5a74e3b942bca264b5412e35f7 [log] [tgz]
author: Dmitry Stremkovskiy <dstremkouski@mirantis.com> Sun Jul 30 16:51:52 2017 +0300
committer: Dmitry Stremkovskiy <dstremkouski@mirantis.com> Sun Jul 30 16:52:05 2017 +0300
tree: bf636698cd64dc2bb98f5a8995e656be1e74fe08
parent: e9e63977d66e5cbf50efd7bd98532ba43a8b86c4 [diff]
diff --git a/README.rst b/README.rst
index 7a19ad0..72f353d 100644
--- a/README.rst
+++ b/README.rst

@@ -20,6 +20,8 @@
         version: juno
         cinder_uid: 304
         cinder_gid: 304
+        nas_secure_file_permissions: false
+        nas_secure_file_operations: false
         default_volume_type: 7k2SaS
         availability_zone_fallback: True
         database:
@@ -65,6 +67,8 @@
         version: juno
         cinder_uid: 304
         cinder_gid: 304
+        nas_secure_file_permissions: false
+        nas_secure_file_operations: false
         default_volume_type: 7k2SaS
         database:
           engine: mysql

diff --git a/cinder/files/juno/cinder.conf.controller.Debian b/cinder/files/juno/cinder.conf.controller.Debian
index 65bceb1..fa9a7b2 100644
--- a/cinder/files/juno/cinder.conf.controller.Debian
+++ b/cinder/files/juno/cinder.conf.controller.Debian

@@ -92,6 +92,12 @@
 use_syslog=false
 verbose=True
 lock_path=/var/lock/cinder
+{%- if controller.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ controller.nas_secure_file_permissions }}
+{%- endif %}
+{%- if controller.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ controller.nas_secure_file_operations }}
+{%- endif %}
 
 [keystone_authtoken]
 signing_dir=/tmp/keystone-signing-cinder

diff --git a/cinder/files/juno/cinder.conf.volume.Debian b/cinder/files/juno/cinder.conf.volume.Debian
index 9888ad8..72bb396 100644
--- a/cinder/files/juno/cinder.conf.volume.Debian
+++ b/cinder/files/juno/cinder.conf.volume.Debian

@@ -101,6 +101,12 @@
 use_syslog=false
 verbose=True
 lock_path=/var/lock/cinder
+{%- if volume.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ volume.nas_secure_file_permissions }}
+{%- endif %}
+{%- if volume.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ volume.nas_secure_file_operations }}
+{%- endif %}
 
 [keystone_authtoken]
 signing_dir=/tmp/keystone-signing-cinder

diff --git a/cinder/files/kilo/cinder.conf.controller.Debian b/cinder/files/kilo/cinder.conf.controller.Debian
index bb8320f..fa481e0 100644
--- a/cinder/files/kilo/cinder.conf.controller.Debian
+++ b/cinder/files/kilo/cinder.conf.controller.Debian

@@ -86,6 +86,12 @@
 use_syslog=false
 verbose=True
 lock_path=/var/lock/cinder
+{%- if controller.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ controller.nas_secure_file_permissions }}
+{%- endif %}
+{%- if controller.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ controller.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_concurrency]
 

diff --git a/cinder/files/kilo/cinder.conf.volume.Debian b/cinder/files/kilo/cinder.conf.volume.Debian
index f820362..bd28a57 100644
--- a/cinder/files/kilo/cinder.conf.volume.Debian
+++ b/cinder/files/kilo/cinder.conf.volume.Debian

@@ -95,6 +95,12 @@
 
 use_syslog=false
 verbose=True
+{%- if volume.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ volume.nas_secure_file_permissions }}
+{%- endif %}
+{%- if volume.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ volume.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_concurrency]
 

diff --git a/cinder/files/liberty/cinder.conf.controller.Debian b/cinder/files/liberty/cinder.conf.controller.Debian
index 460f0b0..70db3f4 100644
--- a/cinder/files/liberty/cinder.conf.controller.Debian
+++ b/cinder/files/liberty/cinder.conf.controller.Debian

@@ -105,6 +105,12 @@
 use_syslog=false
 verbose=True
 lock_path=/var/lock/cinder
+{%- if controller.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ controller.nas_secure_file_permissions }}
+{%- endif %}
+{%- if controller.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ controller.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_concurrency]
 

diff --git a/cinder/files/liberty/cinder.conf.volume.Debian b/cinder/files/liberty/cinder.conf.volume.Debian
index 12582c1..f3174a8 100644
--- a/cinder/files/liberty/cinder.conf.volume.Debian
+++ b/cinder/files/liberty/cinder.conf.volume.Debian

@@ -89,6 +89,12 @@
 
 use_syslog=false
 verbose=True
+{%- if volume.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ volume.nas_secure_file_permissions }}
+{%- endif %}
+{%- if volume.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ volume.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_concurrency]
 

diff --git a/cinder/files/mitaka/cinder.conf.controller.Debian b/cinder/files/mitaka/cinder.conf.controller.Debian
index 24aed63..b551edb 100644
--- a/cinder/files/mitaka/cinder.conf.controller.Debian
+++ b/cinder/files/mitaka/cinder.conf.controller.Debian

@@ -94,6 +94,12 @@
 {%- set backup_backend_fragment = "cinder/files/backup_backend/_" + controller.backup.engine + ".conf" %}
 {%- include backup_backend_fragment %}
 {%- endif %}
+{%- if controller.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ controller.nas_secure_file_permissions }}
+{%- endif %}
+{%- if controller.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ controller.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_messaging_notifications]
 {%- if controller.notification is mapping %}

diff --git a/cinder/files/mitaka/cinder.conf.volume.Debian b/cinder/files/mitaka/cinder.conf.volume.Debian
index f3633e6..9bbab71 100644
--- a/cinder/files/mitaka/cinder.conf.volume.Debian
+++ b/cinder/files/mitaka/cinder.conf.volume.Debian

@@ -79,6 +79,12 @@
 {%- set backup_backend_fragment = "cinder/files/backup_backend/_" + volume.backup.engine + ".conf" %}
 {%- include backup_backend_fragment %}
 {%- endif %}
+{%- if volume.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ volume.nas_secure_file_permissions }}
+{%- endif %}
+{%- if volume.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ volume.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_messaging_notifications]
 {%- if volume.notification is mapping %}

diff --git a/cinder/files/newton/cinder.conf.controller.Debian b/cinder/files/newton/cinder.conf.controller.Debian
index 528d8a6..eaebb8e 100644
--- a/cinder/files/newton/cinder.conf.controller.Debian
+++ b/cinder/files/newton/cinder.conf.controller.Debian

@@ -110,6 +110,12 @@
 {%- set backup_backend_fragment = "cinder/files/backup_backend/_" + controller.backup.engine + ".conf" %}
 {%- include backup_backend_fragment %}
 {%- endif %}
+{%- if controller.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ controller.nas_secure_file_permissions }}
+{%- endif %}
+{%- if controller.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ controller.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_messaging_notifications]
 {%- if controller.notification is mapping %}

diff --git a/cinder/files/newton/cinder.conf.volume.Debian b/cinder/files/newton/cinder.conf.volume.Debian
index 5a02b87..1260e83 100644
--- a/cinder/files/newton/cinder.conf.volume.Debian
+++ b/cinder/files/newton/cinder.conf.volume.Debian

@@ -99,6 +99,12 @@
 {%- set backup_backend_fragment = "cinder/files/backup_backend/_" + volume.backup.engine + ".conf" %}
 {%- include backup_backend_fragment %}
 {%- endif %}
+{%- if volume.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ volume.nas_secure_file_permissions }}
+{%- endif %}
+{%- if volume.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ volume.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_messaging_notifications]
 {%- if volume.notification is mapping %}

diff --git a/cinder/files/ocata/cinder.conf.controller.Debian b/cinder/files/ocata/cinder.conf.controller.Debian
index 528d8a6..eaebb8e 100644
--- a/cinder/files/ocata/cinder.conf.controller.Debian
+++ b/cinder/files/ocata/cinder.conf.controller.Debian

@@ -110,6 +110,12 @@
 {%- set backup_backend_fragment = "cinder/files/backup_backend/_" + controller.backup.engine + ".conf" %}
 {%- include backup_backend_fragment %}
 {%- endif %}
+{%- if controller.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ controller.nas_secure_file_permissions }}
+{%- endif %}
+{%- if controller.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ controller.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_messaging_notifications]
 {%- if controller.notification is mapping %}

diff --git a/cinder/files/ocata/cinder.conf.volume.Debian b/cinder/files/ocata/cinder.conf.volume.Debian
index 5a02b87..1260e83 100644
--- a/cinder/files/ocata/cinder.conf.volume.Debian
+++ b/cinder/files/ocata/cinder.conf.volume.Debian

@@ -99,6 +99,12 @@
 {%- set backup_backend_fragment = "cinder/files/backup_backend/_" + volume.backup.engine + ".conf" %}
 {%- include backup_backend_fragment %}
 {%- endif %}
+{%- if volume.nas_secure_file_permissions is defined %}
+nas_secure_file_permissions={{ volume.nas_secure_file_permissions }}
+{%- endif %}
+{%- if volume.nas_secure_file_operations is defined %}
+nas_secure_file_operations={{ volume.nas_secure_file_operations }}
+{%- endif %}
 
 [oslo_messaging_notifications]
 {%- if volume.notification is mapping %}
commit	ef4c7d0b92f1fc5a74e3b942bca264b5412e35f7	[log] [tgz]
author	Dmitry Stremkovskiy <dstremkouski@mirantis.com>	Sun Jul 30 16:51:52 2017 +0300
committer	Dmitry Stremkovskiy <dstremkouski@mirantis.com>	Sun Jul 30 16:52:05 2017 +0300
tree	bf636698cd64dc2bb98f5a8995e656be1e74fe08
parent	e9e63977d66e5cbf50efd7bd98532ba43a8b86c4 [diff]