)]}'
{"nova/templates/bin/_ssh-start.sh.tpl":[{"author":{"_account_id":14525,"name":"Vasyl Saienko","email":"vsaienko@mirantis.com","username":"vsaienko"},"change_message_id":"e4fe7205cdb43dca463c4815f3a469b4350b6ae3","unresolved":false,"context_lines":[{"line_number":28,"context_line":"IFS\u003d\u0027\u0027"},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"# change shell and copy authorized keys for nova user"},{"line_number":31,"context_line":"usermod -s /bin/rbash nova"},{"line_number":32,"context_line":"install -Dm 440 -o nova -t /var/lib/nova/.ssh /root/.ssh/authorized_keys"},{"line_number":33,"context_line":""},{"line_number":34,"context_line":"if [[ $(stat -c %U:%G ~nova/.ssh) !\u003d \"nova:nova\" ]]; then"}],"source_content_type":"text/x-smarty","patch_set":6,"id":"3fa7e38b_11a260ae","line":31,"range":{"start_line":31,"start_character":0,"end_line":31,"end_character":26},"updated":"2019-11-14 20:31:04.000000000","message":"this will fail","commit_id":"38536db4782903bac2611568efd3a071b2187323"},{"author":{"_account_id":16771,"name":"mpolenchuk","email":"mpolenchuk@mirantis.com","username":"mpolenchuk"},"change_message_id":"1b8615d82fcaf348e99192b5e1aa3e236dbb6aef","unresolved":false,"context_lines":[{"line_number":28,"context_line":"IFS\u003d\u0027\u0027"},{"line_number":29,"context_line":""},{"line_number":30,"context_line":"# change shell and copy authorized keys for nova user"},{"line_number":31,"context_line":"usermod -s /bin/rbash nova"},{"line_number":32,"context_line":"install -Dm 440 -o nova -t /var/lib/nova/.ssh /root/.ssh/authorized_keys"},{"line_number":33,"context_line":""},{"line_number":34,"context_line":"if [[ $(stat -c %U:%G ~nova/.ssh) !\u003d \"nova:nova\" ]]; then"}],"source_content_type":"text/x-smarty","patch_set":6,"id":"3fa7e38b_5bcbeba2","line":31,"range":{"start_line":31,"start_character":0,"end_line":31,"end_character":26},"in_reply_to":"3fa7e38b_11a260ae","updated":"2019-11-19 09:37:10.000000000","message":"indeed, that\u0027s why privileges for container are changed.","commit_id":"38536db4782903bac2611568efd3a071b2187323"}],"nova/templates/daemonset-compute.yaml":[{"author":{"_account_id":14525,"name":"Vasyl Saienko","email":"vsaienko@mirantis.com","username":"vsaienko"},"change_message_id":"0d19aa8e478645d3076cb4a8888a5071442b923c","unresolved":false,"context_lines":[{"line_number":328,"context_line":"              mountPath: /tmp"},{"line_number":329,"context_line":"            - name: varlibnova"},{"line_number":330,"context_line":"              mountPath: /var/lib/nova"},{"line_number":331,"context_line":"            - name: run"},{"line_number":332,"context_line":"              mountPath: /run"},{"line_number":333,"context_line":"            - name: nova-ssh"},{"line_number":334,"context_line":"              mountPath: /root/.ssh/authorized_keys"},{"line_number":335,"context_line":"              subPath: ssh-key-public"},{"line_number":336,"context_line":"            - name: nova-bin"}],"source_content_type":"text/x-yaml","patch_set":4,"id":"3fa7e38b_dba9777c","line":333,"range":{"start_line":331,"start_character":12,"end_line":333,"end_character":28},"updated":"2019-11-12 11:09:43.000000000","message":"this will conflict with pid file from ssh daemon  on host OS.","commit_id":"3b87a9ab4bbe33731eee350865bfc0f57789e79a"}],"nova/values.yaml":[{"author":{"_account_id":14525,"name":"Vasyl Saienko","email":"vsaienko@mirantis.com","username":"vsaienko"},"change_message_id":"0d19aa8e478645d3076cb4a8888a5071442b923c","unresolved":false,"context_lines":[{"line_number":2166,"context_line":"          readOnlyRootFilesystem: true"},{"line_number":2167,"context_line":"          privileged: true"},{"line_number":2168,"context_line":"        nova_compute_ssh:"},{"line_number":2169,"context_line":"          readOnlyRootFilesystem: true"},{"line_number":2170,"context_line":"          privileged: true"},{"line_number":2171,"context_line":"        nova_api_metadata_init:"},{"line_number":2172,"context_line":"          readOnlyRootFilesystem: true"}],"source_content_type":"text/x-yaml","patch_set":4,"id":"3fa7e38b_1bce2f5b","side":"PARENT","line":2169,"updated":"2019-11-12 11:09:43.000000000","message":"not related change.","commit_id":"259f9b3998b178bdb03101a67122843672728e61"},{"author":{"_account_id":23928,"name":"Pete Birley","email":"petebirley@gmail.com","username":"portdirect"},"change_message_id":"2fb062684c69864220714ac3c56b2b604ea16ebf","unresolved":false,"context_lines":[{"line_number":2167,"context_line":"          privileged: true"},{"line_number":2168,"context_line":"        nova_compute_ssh:"},{"line_number":2169,"context_line":"          privileged: true"},{"line_number":2170,"context_line":"          runAsUser: 0"},{"line_number":2171,"context_line":"        nova_api_metadata_init:"},{"line_number":2172,"context_line":"          readOnlyRootFilesystem: true"},{"line_number":2173,"context_line":"          allowPrivilegeEscalation: false"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3fa7e38b_c162c1d9","line":2170,"updated":"2019-11-14 13:39:35.000000000","message":"Why can we not run this as nova?","commit_id":"38536db4782903bac2611568efd3a071b2187323"},{"author":{"_account_id":14525,"name":"Vasyl Saienko","email":"vsaienko@mirantis.com","username":"vsaienko"},"change_message_id":"e4fe7205cdb43dca463c4815f3a469b4350b6ae3","unresolved":false,"context_lines":[{"line_number":2167,"context_line":"          privileged: true"},{"line_number":2168,"context_line":"        nova_compute_ssh:"},{"line_number":2169,"context_line":"          privileged: true"},{"line_number":2170,"context_line":"          runAsUser: 0"},{"line_number":2171,"context_line":"        nova_api_metadata_init:"},{"line_number":2172,"context_line":"          readOnlyRootFilesystem: true"},{"line_number":2173,"context_line":"          allowPrivilegeEscalation: false"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3fa7e38b_31ee7ced","line":2170,"in_reply_to":"3fa7e38b_a101c53b","updated":"2019-11-14 20:31:04.000000000","message":"not sure if root is required when binding to port \u003e 1024 need to check","commit_id":"38536db4782903bac2611568efd3a071b2187323"},{"author":{"_account_id":16771,"name":"mpolenchuk","email":"mpolenchuk@mirantis.com","username":"mpolenchuk"},"change_message_id":"1b8615d82fcaf348e99192b5e1aa3e236dbb6aef","unresolved":false,"context_lines":[{"line_number":2167,"context_line":"          privileged: true"},{"line_number":2168,"context_line":"        nova_compute_ssh:"},{"line_number":2169,"context_line":"          privileged: true"},{"line_number":2170,"context_line":"          runAsUser: 0"},{"line_number":2171,"context_line":"        nova_api_metadata_init:"},{"line_number":2172,"context_line":"          readOnlyRootFilesystem: true"},{"line_number":2173,"context_line":"          allowPrivilegeEscalation: false"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3fa7e38b_bbe0df28","line":2170,"in_reply_to":"3fa7e38b_c162c1d9","updated":"2019-11-19 09:37:10.000000000","message":"also root is needed for usermod operation (to change the shell)","commit_id":"38536db4782903bac2611568efd3a071b2187323"},{"author":{"_account_id":16771,"name":"mpolenchuk","email":"mpolenchuk@mirantis.com","username":"mpolenchuk"},"change_message_id":"e9526a356cb25695e8e002c04ccd5a608ee90ae9","unresolved":false,"context_lines":[{"line_number":2167,"context_line":"          privileged: true"},{"line_number":2168,"context_line":"        nova_compute_ssh:"},{"line_number":2169,"context_line":"          privileged: true"},{"line_number":2170,"context_line":"          runAsUser: 0"},{"line_number":2171,"context_line":"        nova_api_metadata_init:"},{"line_number":2172,"context_line":"          readOnlyRootFilesystem: true"},{"line_number":2173,"context_line":"          allowPrivilegeEscalation: false"}],"source_content_type":"text/x-yaml","patch_set":6,"id":"3fa7e38b_a101c53b","line":2170,"in_reply_to":"3fa7e38b_c162c1d9","updated":"2019-11-14 14:12:56.000000000","message":"it requires root privileges to run sshd daemon.","commit_id":"38536db4782903bac2611568efd3a071b2187323"}]}