.\" Man page generated from reStructuredText.
.
.TH "NOVA-ROOTWRAP" "1" "August 05, 2016" "13.1.0" "nova"
.SH NAME
nova-rootwrap \- Cloud controller fabric
.
.nr rst2man-indent-level 0
.
.de1 rstReportMargin
\\$1 \\n[an-margin]
level \\n[rst2man-indent-level]
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
\\n[rst2man-indent0]
\\n[rst2man-indent1]
\\n[rst2man-indent2]
..
.de1 INDENT
.\" .rstReportMargin pre:
. RS \\$1
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
. nr rst2man-indent-level +1
.\" .rstReportMargin post:
..
.de UNINDENT
. RE
.\" indent \\n[an-margin]
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
.SH ROOT WRAPPER FOR NOVA
.INDENT 0.0
.TP
.B Author
\fI\%openstack@lists.openstack.org\fP
.TP
.B Date
2012\-09\-27
.TP
.B Copyright
OpenStack Foundation
.TP
.B Version
2012.1
.TP
.B Manual section
1
.TP
.B Manual group
cloud computing
.UNINDENT
.SS SYNOPSIS
.INDENT 0.0
.INDENT 3.5
nova\-rootwrap [options]
.UNINDENT
.UNINDENT
.SS DESCRIPTION
.sp
Filters which commands nova is allowed to run as another user.
.sp
To use this, you should set the following in nova.conf:
rootwrap_config=/etc/nova/rootwrap.conf
.sp
You also need to let the nova user run nova\-rootwrap as root in sudoers:
nova ALL = (root) NOPASSWD: /usr/bin/nova\-rootwrap /etc/nova/rootwrap.conf *
.sp
To make allowed commands node\-specific, your packaging should only
install {compute,network}.filters respectively on compute and network
nodes (i.e. nova\-api nodes should not have any of those files
installed).
.SS OPTIONS
.INDENT 0.0
.INDENT 3.5
\fBGeneral options\fP
.UNINDENT
.UNINDENT
.SS FILES
.INDENT 0.0
.IP \(bu 2
/etc/nova/nova.conf
.IP \(bu 2
/etc/nova/rootwrap.conf
.IP \(bu 2
/etc/nova/rootwrap.d/
.UNINDENT
.SS SEE ALSO
.INDENT 0.0
.IP \(bu 2
\fI\%OpenStack Nova\fP
.UNINDENT
.SS BUGS
.INDENT 0.0
.IP \(bu 2
Nova bugs are managed at Launchpad \fI\%Bugs : Nova\fP
.UNINDENT
.SH AUTHOR
OpenStack
.SH COPYRIGHT
2010-present, OpenStack Foundation
.\" Generated by docutils manpage writer.
.