)]}'
{"/COMMIT_MSG":[{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"b55e76f1e23c684ede75b5bf73ff39cace184826","unresolved":true,"context_lines":[{"line_number":4,"context_line":"Commit:     Rafal Lewandowski \u003crafal@stackhpc.com\u003e"},{"line_number":5,"context_line":"CommitDate: 2024-10-21 15:04:58 +0200"},{"line_number":6,"context_line":""},{"line_number":7,"context_line":"Fix missing tpm user in ubuntu nova containers"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"Closes-Bug: #2067050"},{"line_number":10,"context_line":"Change-Id: Ife426c073048ff27bdfd9f3af30aaaab8c2e4497"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":20,"id":"b3beee2c_0663230c","line":7,"range":{"start_line":7,"start_character":24,"end_line":7,"end_character":30},"updated":"2024-10-21 17:44:23.000000000","message":"Ubuntu/Debian only","commit_id":"b4fccda1d0ea9d5daff8ebd8721d925670346cc3"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"445d42d5609fe0303de38deee63ef335db0ecaec","unresolved":false,"context_lines":[{"line_number":4,"context_line":"Commit:     Rafal Lewandowski \u003crafal@stackhpc.com\u003e"},{"line_number":5,"context_line":"CommitDate: 2024-10-21 15:04:58 +0200"},{"line_number":6,"context_line":""},{"line_number":7,"context_line":"Fix missing tpm user in ubuntu nova containers"},{"line_number":8,"context_line":""},{"line_number":9,"context_line":"Closes-Bug: #2067050"},{"line_number":10,"context_line":"Change-Id: Ife426c073048ff27bdfd9f3af30aaaab8c2e4497"}],"source_content_type":"text/x-gerrit-commit-message","patch_set":20,"id":"82fbf0c5_10d5da75","line":7,"range":{"start_line":7,"start_character":24,"end_line":7,"end_character":30},"in_reply_to":"b3beee2c_0663230c","updated":"2024-10-22 07:17:50.000000000","message":"Done","commit_id":"b4fccda1d0ea9d5daff8ebd8721d925670346cc3"}],"/PATCHSET_LEVEL":[{"author":{"_account_id":15197,"name":"Pierre Riteau","email":"pierre@stackhpc.com","username":"priteau","status":"StackHPC"},"change_message_id":"b2d257735220b82813eb6dc589ad40b9b0cee306","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":3,"id":"1bf9d02e_b7b820ea","updated":"2024-10-10 10:36:54.000000000","message":"Thanks for updating the patch.","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":17669,"name":"Doug Szumski","email":"doug@stackhpc.com","username":"DougSzumski"},"change_message_id":"ac0d85b62c50f1ade1d8dbf45cae761898758bfc","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":12,"id":"52ffa24d_5d0a3f84","updated":"2024-10-11 16:32:15.000000000","message":"Syntax error breaks CI:\n\nhttps://zuul.opendev.org/t/openstack/build/241aec80d13f47149f1627c6ccfd219d/log/kolla/build/nova-base.log#334\n\nI think it\u0027s alright once that\u0027s fixed","commit_id":"c173e5dbc635323cd50acb02fc05c0138e37f7da"},{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"f67cf8f46adc12810f6113bd6d533abe2d616b1f","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":15,"id":"999d8175_0ae39e07","updated":"2024-10-12 10:52:25.000000000","message":"but anyway, I\u0027m against this behaviour","commit_id":"f0887a25f9a11967e6c666a86676b567c955436d"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"6d3c4aefda62a901f842997a37c41c4c2933acdf","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":18,"id":"84ec628d_f00c8371","updated":"2024-10-17 10:55:32.000000000","message":"recheck (kolla-ansible-ubuntu)","commit_id":"3bc2889d9d4f249b75b9e5ed905785fd34743dfd"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"ecc1c31bfdca2685b7732e76b3baeab80f2dc7bf","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":20,"id":"565021c1_040595b2","updated":"2024-10-21 18:06:34.000000000","message":"thanks for the patch, just a minor issue in addition to the reno comment","commit_id":"b4fccda1d0ea9d5daff8ebd8721d925670346cc3"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"5aacb0b68836762df85188b94c3a27275d463e2e","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"6e465754_eccb647f","updated":"2024-10-22 11:53:34.000000000","message":"recheck(kolla-build-debian)","commit_id":"757cf4c14723a598ef827c3dc83aec6c3ca05324"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"40251f8576a24ce9a5983b4e2856a00e1068ac21","unresolved":false,"context_lines":[],"source_content_type":"","patch_set":21,"id":"396751ad_4c76e59c","updated":"2024-10-22 08:24:49.000000000","message":"thanks for the update","commit_id":"757cf4c14723a598ef827c3dc83aec6c3ca05324"}],"docker/nova/nova-base/Dockerfile.j2":[{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"022e0cb6fc45c6cadbd8070cf3a9ed1d2035ff2c","unresolved":true,"context_lines":[{"line_number":79,"context_line":"    \u0026\u0026 chmod 440 /etc/sudoers.d/kolla_nova_sudoers \\"},{"line_number":80,"context_line":"    \u0026\u0026 touch /usr/local/bin/kolla_nova_extend_start \\"},{"line_number":81,"context_line":"    \u0026\u0026 chmod 644 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_nova_extend_start"},{"line_number":82,"context_line":"    # \u0026\u0026 if $(grep -q \"^tss:\" /etc/passwd); then \\"},{"line_number":83,"context_line":"    #     useradd -c \"TPM software stack\" -d /var/lib/tpm -s /usr/sbin/nologin tss ; \\"},{"line_number":84,"context_line":"    #    fi"},{"line_number":85,"context_line":""},{"line_number":86,"context_line":"{% block nova_base_footer %}{% endblock %}"}],"source_content_type":"text/x-jinja2","patch_set":15,"id":"2681bead_b1e0b1ef","line":84,"range":{"start_line":82,"start_character":6,"end_line":84,"end_character":11},"updated":"2024-10-12 10:51:23.000000000","message":"id tss \u0026\u003e/dev/null || useradd -c \"TPM software stack\" -d /var/lib/tpm -s /usr/sbin/nologin tss\n\nmore trivial, without nested shell, and short enough","commit_id":"f0887a25f9a11967e6c666a86676b567c955436d"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"e70033d22acaec94a3430e272de1cc7bfa85b0e0","unresolved":false,"context_lines":[{"line_number":79,"context_line":"    \u0026\u0026 chmod 440 /etc/sudoers.d/kolla_nova_sudoers \\"},{"line_number":80,"context_line":"    \u0026\u0026 touch /usr/local/bin/kolla_nova_extend_start \\"},{"line_number":81,"context_line":"    \u0026\u0026 chmod 644 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_nova_extend_start"},{"line_number":82,"context_line":"    # \u0026\u0026 if $(grep -q \"^tss:\" /etc/passwd); then \\"},{"line_number":83,"context_line":"    #     useradd -c \"TPM software stack\" -d /var/lib/tpm -s /usr/sbin/nologin tss ; \\"},{"line_number":84,"context_line":"    #    fi"},{"line_number":85,"context_line":""},{"line_number":86,"context_line":"{% block nova_base_footer %}{% endblock %}"}],"source_content_type":"text/x-jinja2","patch_set":15,"id":"51671526_4cd91af3","line":84,"range":{"start_line":82,"start_character":6,"end_line":84,"end_character":11},"in_reply_to":"2681bead_b1e0b1ef","updated":"2024-10-14 11:46:36.000000000","message":"Acknowledged","commit_id":"f0887a25f9a11967e6c666a86676b567c955436d"},{"author":{"_account_id":23084,"name":"Bartosz Bezak","email":"bartosz@stackhpc.com","username":"b.bezak"},"change_message_id":"c7927bd2368bf9696484f6ed7d3e930db4c35667","unresolved":true,"context_lines":[{"line_number":79,"context_line":"    \u0026\u0026 chmod 440 /etc/sudoers.d/kolla_nova_sudoers \\"},{"line_number":80,"context_line":"    \u0026\u0026 touch /usr/local/bin/kolla_nova_extend_start \\"},{"line_number":81,"context_line":"    \u0026\u0026 chmod 644 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_nova_extend_start \\"},{"line_number":82,"context_line":"    \u0026\u0026 if ! $(grep -q \"^tss:\" /etc/passwd); then \\"},{"line_number":83,"context_line":"        useradd -c \"TPM software stack\" -d /var/lib/tpm -s /usr/sbin/nologin tss ; \\"},{"line_number":84,"context_line":"       fi"},{"line_number":85,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":18,"id":"5d8f7067_caff23f6","line":82,"updated":"2024-10-21 09:08:56.000000000","message":"I think sth like that would be cleaner and also would create user group and user as a system user\n\u0026\u0026 id -u tss \u003e/dev/null 2\u003e\u00261 || \\\n   useradd --system --user-group -c \"TPM software stack\" -d /var/lib/tpm -s /usr/sbin/nologin tss\n\n\nhowever wouldn\u0027t it be better to install tpm2-tss package? it also handles tss user creation and provides libraries to interact with tpm\nI\u0027ve checked tpm2-tss package set up user as follows:\ntss:x:59:59:Account used for TPM access:/dev/null:/sbin/nologin","commit_id":"3bc2889d9d4f249b75b9e5ed905785fd34743dfd"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"d7396acf394949456b8289d9e9e98f30d26c5058","unresolved":false,"context_lines":[{"line_number":79,"context_line":"    \u0026\u0026 chmod 440 /etc/sudoers.d/kolla_nova_sudoers \\"},{"line_number":80,"context_line":"    \u0026\u0026 touch /usr/local/bin/kolla_nova_extend_start \\"},{"line_number":81,"context_line":"    \u0026\u0026 chmod 644 /usr/local/bin/kolla_extend_start /usr/local/bin/kolla_nova_extend_start \\"},{"line_number":82,"context_line":"    \u0026\u0026 if ! $(grep -q \"^tss:\" /etc/passwd); then \\"},{"line_number":83,"context_line":"        useradd -c \"TPM software stack\" -d /var/lib/tpm -s /usr/sbin/nologin tss ; \\"},{"line_number":84,"context_line":"       fi"},{"line_number":85,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":18,"id":"261193a2_d7ae141e","line":82,"in_reply_to":"5d8f7067_caff23f6","updated":"2024-10-21 09:50:51.000000000","message":"Unfortunately this package is not available for Ubuntu, however I found out \ntpm2-tools add the user so I\u0027ll go with this one, cheers :).","commit_id":"3bc2889d9d4f249b75b9e5ed905785fd34743dfd"}],"docker/nova/nova-compute/Dockerfile.j2":[{"author":{"_account_id":15197,"name":"Pierre Riteau","email":"pierre@stackhpc.com","username":"priteau","status":"StackHPC"},"change_message_id":"d9ace1de3e64e11148879228a34d358a6d6c4b44","unresolved":true,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":1,"id":"0d341739_4a7e9965","line":11,"updated":"2024-10-10 10:23:36.000000000","message":"I believe homedir needs to be an absolute path.","commit_id":"024ca6a4d5f54a114fffcba1fab982a00ad72ceb"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"90cd6f6bdbf1558e3ea52c1fce99d2713f7cae39","unresolved":false,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":1,"id":"7b6f5ccf_a622ba38","line":11,"in_reply_to":"0d341739_4a7e9965","updated":"2024-10-10 10:34:44.000000000","message":"Done","commit_id":"024ca6a4d5f54a114fffcba1fab982a00ad72ceb"},{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"e4637b12dfee43d6c5996f2728b3d7ab79b89f01","unresolved":true,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"65153056_916603de","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"updated":"2024-10-10 11:43:23.000000000","message":"/usr/sbin/nologin","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":17669,"name":"Doug Szumski","email":"doug@stackhpc.com","username":"DougSzumski"},"change_message_id":"ac0d85b62c50f1ade1d8dbf45cae761898758bfc","unresolved":false,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"2a5b2b37_e59b199a","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"0c3cec07_6dcd06b6","updated":"2024-10-11 16:32:15.000000000","message":"I think Maksim was talking about adding the `tss` user in https://github.com/openstack/kolla/blob/master/kolla/common/users.py ?\n\nI suppose it\u0027s alright here. We\u0027re not copying any config in for that user.","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"a1e95406ddaab1d0e51eb0604e25af993299e4e6","unresolved":false,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"d8c20c0d_e1060761","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"2a5b2b37_e59b199a","updated":"2024-10-11 16:34:43.000000000","message":"yep.","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"0398133fe6abdfdbebfc904f264b0e79221bece9","unresolved":true,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"84f0dcc0_c997dcb0","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"65153056_916603de","updated":"2024-10-10 12:59:46.000000000","message":"configured TPM user has /bin/false","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"c648ffa4145a4db9427c612f651d16b5d374f456","unresolved":true,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"d6c2ed26_7a0cc46e","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"84f0dcc0_c997dcb0","updated":"2024-10-10 13:47:00.000000000","message":"all non-interactive users in kolla configured with /usr/sbin/nologin\nBTW, shouldn\u0027t this be added in \u0027kolla/common/users.py\u0027","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"bed7f97718a7c003ad007298d696f4c2de902c41","unresolved":false,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"0c3cec07_6dcd06b6","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"d6c2ed26_7a0cc46e","updated":"2024-10-10 14:12:35.000000000","message":"It\u0027s already in `kolla/common/users.py`.","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"afd23563ea276c5802f02227aca9c645b6be3fde","unresolved":false,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027]) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":""},{"line_number":13,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"},{"line_number":14,"context_line":""}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"6cc3a63f_f37dd706","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"d8c20c0d_e1060761","updated":"2024-10-11 19:02:49.000000000","message":"It was there, the CI just failed because the user is created regardless if it exists and it does on Rocky 9. If it exists it throws `tss group already exists` error. So I went with useradd command approach after tss user check.","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":13252,"name":"Dr. Jens Harbott","display_name":"Jens Harbott (frickler)","email":"frickler@offenerstapel.de","username":"jrosenboom"},"change_message_id":"ecc1c31bfdca2685b7732e76b3baeab80f2dc7bf","unresolved":true,"context_lines":[{"line_number":73,"context_line":"        \u0027sasl2-bin\u0027,"},{"line_number":74,"context_line":"        \u0027swtpm\u0027,"},{"line_number":75,"context_line":"        \u0027swtpm-tools\u0027,"},{"line_number":76,"context_line":"        \u0027tpm2-tools\u0027,"},{"line_number":77,"context_line":"        \u0027sysfsutils\u0027,"},{"line_number":78,"context_line":"        \u0027targetcli-fb\u0027,"},{"line_number":79,"context_line":"        \u0027xfsprogs\u0027"}],"source_content_type":"text/x-jinja2","patch_set":20,"id":"48384870_f96d4cf3","line":76,"updated":"2024-10-21 18:06:34.000000000","message":"please preserve alphabetic ordering of the list","commit_id":"b4fccda1d0ea9d5daff8ebd8721d925670346cc3"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"445d42d5609fe0303de38deee63ef335db0ecaec","unresolved":false,"context_lines":[{"line_number":73,"context_line":"        \u0027sasl2-bin\u0027,"},{"line_number":74,"context_line":"        \u0027swtpm\u0027,"},{"line_number":75,"context_line":"        \u0027swtpm-tools\u0027,"},{"line_number":76,"context_line":"        \u0027tpm2-tools\u0027,"},{"line_number":77,"context_line":"        \u0027sysfsutils\u0027,"},{"line_number":78,"context_line":"        \u0027targetcli-fb\u0027,"},{"line_number":79,"context_line":"        \u0027xfsprogs\u0027"}],"source_content_type":"text/x-jinja2","patch_set":20,"id":"61e478aa_f48ef051","line":76,"in_reply_to":"48384870_f96d4cf3","updated":"2024-10-22 07:17:50.000000000","message":"Done","commit_id":"b4fccda1d0ea9d5daff8ebd8721d925670346cc3"}],"docker/nova/nova-libvirt/Dockerfile.j2":[{"author":{"_account_id":15197,"name":"Pierre Riteau","email":"pierre@stackhpc.com","username":"priteau","status":"StackHPC"},"change_message_id":"d9ace1de3e64e11148879228a34d358a6d6c4b44","unresolved":true,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.configure_user(name\u003d\u0027nova\u0027, groups\u003d\u0027qemu\u0027) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027tpm\u0027) }}"},{"line_number":12,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027, \u0027openvswitch\u0027]) }}"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"}],"source_content_type":"text/x-jinja2","patch_set":1,"id":"be50a443_dd78ba37","line":11,"updated":"2024-10-10 10:23:36.000000000","message":"I believe homedir needs to be an absolute path.","commit_id":"024ca6a4d5f54a114fffcba1fab982a00ad72ceb"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"90cd6f6bdbf1558e3ea52c1fce99d2713f7cae39","unresolved":false,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.configure_user(name\u003d\u0027nova\u0027, groups\u003d\u0027qemu\u0027) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027tpm\u0027) }}"},{"line_number":12,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027, \u0027openvswitch\u0027]) }}"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"}],"source_content_type":"text/x-jinja2","patch_set":1,"id":"053aad48_35ed5c4f","line":11,"in_reply_to":"be50a443_dd78ba37","updated":"2024-10-10 10:34:44.000000000","message":"Done","commit_id":"024ca6a4d5f54a114fffcba1fab982a00ad72ceb"},{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"e4637b12dfee43d6c5996f2728b3d7ab79b89f01","unresolved":true,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.configure_user(name\u003d\u0027nova\u0027, groups\u003d\u0027qemu\u0027) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027, \u0027openvswitch\u0027]) }}"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"08209fdb_36427f4c","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"updated":"2024-10-10 11:43:23.000000000","message":"/usr/sbin/nologin","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"0398133fe6abdfdbebfc904f264b0e79221bece9","unresolved":true,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.configure_user(name\u003d\u0027nova\u0027, groups\u003d\u0027qemu\u0027) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027, \u0027openvswitch\u0027]) }}"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"b54027dc_618c00d2","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"08209fdb_36427f4c","updated":"2024-10-10 12:59:46.000000000","message":"configured TPM user has /bin/false","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"bed7f97718a7c003ad007298d696f4c2de902c41","unresolved":false,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.configure_user(name\u003d\u0027nova\u0027, groups\u003d\u0027qemu\u0027) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027, \u0027openvswitch\u0027]) }}"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"8840c025_f768ad27","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"5244a795_3b57f7e5","updated":"2024-10-10 14:12:35.000000000","message":"Done","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"},{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"c648ffa4145a4db9427c612f651d16b5d374f456","unresolved":true,"context_lines":[{"line_number":8,"context_line":"{% import \"macros.j2\" as macros with context %}"},{"line_number":9,"context_line":""},{"line_number":10,"context_line":"{{ macros.configure_user(name\u003d\u0027nova\u0027, groups\u003d\u0027qemu\u0027) }}"},{"line_number":11,"context_line":"{{ macros.configure_user(name\u003d\u0027tss\u0027,  shell\u003d\u0027/bin/false\u0027, homedir\u003d\u0027/var/lib/tpm\u0027) }}"},{"line_number":12,"context_line":"{{ macros.enable_extra_repos([\u0027ceph\u0027, \u0027epel\u0027, \u0027openvswitch\u0027]) }}"},{"line_number":13,"context_line":""},{"line_number":14,"context_line":"{% if base_package_type \u003d\u003d \u0027rpm\u0027 %}"}],"source_content_type":"text/x-jinja2","patch_set":3,"id":"5244a795_3b57f7e5","line":11,"range":{"start_line":11,"start_character":45,"end_line":11,"end_character":55},"in_reply_to":"b54027dc_618c00d2","updated":"2024-10-10 13:47:00.000000000","message":"ditto","commit_id":"9f0d7b8b820ae9033acab9fce6ca6978fe9e88d8"}],"releasenotes/notes/fix_nova_tpm_user-98f56190196a00d2.yaml":[{"author":{"_account_id":15197,"name":"Pierre Riteau","email":"pierre@stackhpc.com","username":"priteau","status":"StackHPC"},"change_message_id":"d9ace1de3e64e11148879228a34d358a6d6c4b44","unresolved":true,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"fixes:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    Add missing tpm user for nova-compute and nova-libvirt containers."}],"source_content_type":"text/x-yaml","patch_set":1,"id":"eb52df1d_af482801","line":1,"updated":"2024-10-10 10:23:36.000000000","message":"Missing new line at end of file.","commit_id":"024ca6a4d5f54a114fffcba1fab982a00ad72ceb"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"90cd6f6bdbf1558e3ea52c1fce99d2713f7cae39","unresolved":false,"context_lines":[{"line_number":1,"context_line":"---"},{"line_number":2,"context_line":"fixes:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    Add missing tpm user for nova-compute and nova-libvirt containers."}],"source_content_type":"text/x-yaml","patch_set":1,"id":"9a216a4f_d3ba385f","line":1,"in_reply_to":"eb52df1d_af482801","updated":"2024-10-10 10:34:44.000000000","message":"Done","commit_id":"024ca6a4d5f54a114fffcba1fab982a00ad72ceb"},{"author":{"_account_id":14200,"name":"Maksim Malchuk","email":"maksim.malchuk@gmail.com","username":"mmalchuk"},"change_message_id":"b55e76f1e23c684ede75b5bf73ff39cace184826","unresolved":true,"context_lines":[{"line_number":2,"context_line":"fixes:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    Fixes missing tpm user for nova-compute and nova-libvirt containers"},{"line_number":5,"context_line":"    by adding tpm2-tools package to ubuntu nova containers."},{"line_number":6,"context_line":"    `LP#2067050 \u003chttps://bugs.launchpad.net/kolla/+bug/2067050\u003e`__"}],"source_content_type":"text/x-yaml","patch_set":20,"id":"1a1aaf41_05ce1b51","line":5,"range":{"start_line":5,"start_character":36,"end_line":5,"end_character":42},"updated":"2024-10-21 17:44:23.000000000","message":"Ubuntu/Debian only","commit_id":"b4fccda1d0ea9d5daff8ebd8721d925670346cc3"},{"author":{"_account_id":34940,"name":"Rafal Lewandowski","display_name":"Rafal Lewandowski","email":"rafal@stackhpc.com","username":"rav"},"change_message_id":"445d42d5609fe0303de38deee63ef335db0ecaec","unresolved":false,"context_lines":[{"line_number":2,"context_line":"fixes:"},{"line_number":3,"context_line":"  - |"},{"line_number":4,"context_line":"    Fixes missing tpm user for nova-compute and nova-libvirt containers"},{"line_number":5,"context_line":"    by adding tpm2-tools package to ubuntu nova containers."},{"line_number":6,"context_line":"    `LP#2067050 \u003chttps://bugs.launchpad.net/kolla/+bug/2067050\u003e`__"}],"source_content_type":"text/x-yaml","patch_set":20,"id":"4d7a4710_af95df3b","line":5,"range":{"start_line":5,"start_character":36,"end_line":5,"end_character":42},"in_reply_to":"1a1aaf41_05ce1b51","updated":"2024-10-22 07:17:50.000000000","message":"Done","commit_id":"b4fccda1d0ea9d5daff8ebd8721d925670346cc3"}]}