commit 97b3787aae6605921491f23e97b41276629d66b2
author Oleksandr Shyshko <oshyshko@mirantis.com> Tue Oct 02 12:37:40 2018 +0300
committer Oleksandr Shyshko <oshyshko@mirantis.com> Tue Oct 02 12:44:57 2018 +0300
tree 96e1f25c1859b2c987aa2431e02fface9223da3c
parent e78bf157faecb08365361b26f8222a28b04a9e28

Certificates permission fixed for libvirt vnc+tls

  * Nova and libvirt-qemu users must have read acces to cert files.
    User libvirt-qemu added to Nova group in compute state.

Change-Id: I7fdd2bafc555b80bf99ea8906c67d6a084ccca79

nova/compute.sls

diff --git a/nova/compute.sls b/nova/compute.sls
index c088ccf..b7a2131 100644
--- a/nova/compute.sls
+++ b/nova/compute.sls
@@ -255,7 +255,7 @@
     - contents_pillar: nova:compute:qemu:vnc:tls:cacert
     - mode: 644
     - user: root
-    - group: libvirt-qemu
+    - group: nova
     - makedirs: true
     - require:
       - user: user_libvirt-qemu
@@ -271,7 +271,7 @@
     - contents_pillar: nova:compute:qemu:vnc:tls:cert
     - mode: 640
     - user: root
-    - group: libvirt-qemu
+    - group: nova
     - makedirs: true
     - require:
       - user: user_libvirt-qemu
@@ -287,7 +287,7 @@
     - contents_pillar: nova:compute:qemu:vnc:tls:key
     - mode: 640
     - user: root
-    - group: libvirt-qemu
+    - group: nova
     - makedirs: true
     - require:
       - user: user_libvirt-qemu
@@ -303,7 +303,7 @@
       - {{ cert_file }}
       - {{ key_file }}
     - user: root
-    - group: libvirt-qemu
+    - group: nova
     - require:
       - user: user_libvirt-qemu