From 3816fa5983d22bb079157c8e053af4d43b67512b Mon Sep 17 00:00:00 2001 From: James Slagle Date: Tue, 21 Jan 2025 15:33:05 -0500 Subject: [PATCH] Install edpm-container-shutdown to /var The script can't be installed to /usr/libexec when using bootc. Use /var/local/libexec instead. Signed-off-by: James Slagle --- .../files/edpm-container-shutdown-service | 2 +- roles/edpm_container_manage/tasks/shutdown.yml | 11 +++++++++-- .../templates/systemd-service.j2 | 2 +- roles/edpm_frr/tasks/run.yml | 2 +- roles/edpm_iscsid/tasks/run.yml | 2 +- roles/edpm_multipathd/tasks/run.yml | 2 +- roles/edpm_neutron_dhcp/tasks/run.yml | 2 +- roles/edpm_neutron_metadata/tasks/run.yml | 2 +- roles/edpm_neutron_ovn/tasks/run.yml | 2 +- roles/edpm_neutron_sriov/tasks/run.yml | 2 +- roles/edpm_ovn/tasks/run.yml | 2 +- roles/edpm_ovn_bgp_agent/tasks/run.yml | 2 +- roles/edpm_ovn_bgp_agent/tasks/run_ovn.yml | 2 +- roles/edpm_swift/tasks/run.yml | 2 +- 14 files changed, 22 insertions(+), 15 deletions(-) diff --git a/roles/edpm_container_manage/files/edpm-container-shutdown-service b/roles/edpm_container_manage/files/edpm-container-shutdown-service index 7ab64b2db..150dd7c58 100644 --- a/roles/edpm_container_manage/files/edpm-container-shutdown-service +++ b/roles/edpm_container_manage/files/edpm-container-shutdown-service @@ -11,7 +11,7 @@ RefuseManualStop=yes Type=oneshot ExecStart=/bin/true RemainAfterExit=yes -ExecStop=/usr/libexec/edpm-container-shutdown +ExecStop=/var/local/libexec/edpm-container-shutdown # Wait at most 900 seconds for all containers to shutdown TimeoutStopSec=900 diff --git a/roles/edpm_container_manage/tasks/shutdown.yml b/roles/edpm_container_manage/tasks/shutdown.yml index 2c0153b4c..cec993714 100644 --- a/roles/edpm_container_manage/tasks/shutdown.yml +++ b/roles/edpm_container_manage/tasks/shutdown.yml @@ -17,17 +17,24 @@ - name: Create EDPM Container systemd service become: true block: + - name: "Create /var/local/libexec dir" + file: + state: directory + path: /var/local/libexec + recurse: true + setype: container_file_t + - name: "Deploy edpm-container-shutdown and edpm-start-podman-container" ansible.builtin.copy: src: "{{ role_path }}/files/{{ item }}" - dest: "/usr/libexec/{{ item }}" + dest: "/var/local/libexec/{{ item }}" mode: '0700' owner: root group: root + setype: container_file_t loop: - 'edpm-container-shutdown' - 'edpm-start-podman-container' - when: not edpm_use_bootc - name: "Create systemd preset dir" ansible.builtin.file: diff --git a/roles/edpm_container_manage/templates/systemd-service.j2 b/roles/edpm_container_manage/templates/systemd-service.j2 index e8b0aeecb..2ed10ecc8 100644 --- a/roles/edpm_container_manage/templates/systemd-service.j2 +++ b/roles/edpm_container_manage/templates/systemd-service.j2 @@ -8,7 +8,7 @@ Wants={{ lookup('dict', container_data_unit).value.depends_on | default([]) | jo [Service] Restart=always {% if lookup('dict', container_data_unit).value.depends_on is defined and (lookup('dict', container_data_unit).value.depends_on | length > 0) and podman_drop_in | default('false') %} -ExecStart=/usr/libexec/edpm-start-podman-container {{ lookup('dict', container_data_unit).key }} +ExecStart=/var/local/libexec/edpm-start-podman-container {{ lookup('dict', container_data_unit).key }} {% else %} ExecStart=/usr/bin/podman start {{ lookup('dict', container_data_unit).key }} {% endif %} diff --git a/roles/edpm_frr/tasks/run.yml b/roles/edpm_frr/tasks/run.yml index 9cf409fe9..a90786358 100644 --- a/roles/edpm_frr/tasks/run.yml +++ b/roles/edpm_frr/tasks/run.yml @@ -14,7 +14,7 @@ # License for the specific language governing permissions and limitations # under the License. -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_iscsid/tasks/run.yml b/roles/edpm_iscsid/tasks/run.yml index 4ad60cbe1..417309538 100644 --- a/roles/edpm_iscsid/tasks/run.yml +++ b/roles/edpm_iscsid/tasks/run.yml @@ -14,7 +14,7 @@ # License for the specific language governing permissions and limitations # under the License. -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_multipathd/tasks/run.yml b/roles/edpm_multipathd/tasks/run.yml index 42988f15a..4d7e7214f 100644 --- a/roles/edpm_multipathd/tasks/run.yml +++ b/roles/edpm_multipathd/tasks/run.yml @@ -14,7 +14,7 @@ # License for the specific language governing permissions and limitations # under the License. -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_neutron_dhcp/tasks/run.yml b/roles/edpm_neutron_dhcp/tasks/run.yml index ae0760fb2..4b3d36e16 100644 --- a/roles/edpm_neutron_dhcp/tasks/run.yml +++ b/roles/edpm_neutron_dhcp/tasks/run.yml @@ -27,7 +27,7 @@ - "{{ edpm_neutron_dhcp_tls_cacert_bundle_src }}:{{ edpm_neutron_dhcp_tls_cacert_bundle_dest }}:ro,z" when: cacert_bundle_exists.stat.exists -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_neutron_metadata/tasks/run.yml b/roles/edpm_neutron_metadata/tasks/run.yml index bc46b251d..565d9271d 100644 --- a/roles/edpm_neutron_metadata/tasks/run.yml +++ b/roles/edpm_neutron_metadata/tasks/run.yml @@ -27,7 +27,7 @@ - "{{ edpm_neutron_metadata_tls_cacert_bundle_src }}:{{ edpm_neutron_metadata_tls_cacert_bundle_dest }}:ro,z" when: cacert_bundle_exists.stat.exists -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_neutron_ovn/tasks/run.yml b/roles/edpm_neutron_ovn/tasks/run.yml index 8e4305f51..49a82a045 100644 --- a/roles/edpm_neutron_ovn/tasks/run.yml +++ b/roles/edpm_neutron_ovn/tasks/run.yml @@ -27,7 +27,7 @@ - "{{ edpm_neutron_ovn_tls_cacert_bundle_src }}:{{ edpm_neutron_ovn_tls_cacert_bundle_dest }}:ro,z" when: cacert_bundle_exists.stat.exists -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_neutron_sriov/tasks/run.yml b/roles/edpm_neutron_sriov/tasks/run.yml index a2600212e..4b264fd16 100644 --- a/roles/edpm_neutron_sriov/tasks/run.yml +++ b/roles/edpm_neutron_sriov/tasks/run.yml @@ -27,7 +27,7 @@ - "{{ edpm_neutron_sriov_tls_cacert_bundle_src }}:{{ edpm_neutron_sriov_tls_cacert_bundle_dest }}:ro,z" when: cacert_bundle_exists.stat.exists -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_ovn/tasks/run.yml b/roles/edpm_ovn/tasks/run.yml index 2571db040..7fec6937f 100644 --- a/roles/edpm_ovn/tasks/run.yml +++ b/roles/edpm_ovn/tasks/run.yml @@ -27,7 +27,7 @@ - "{{ edpm_ovn_controller_tls_cacert_bundle_src }}:{{ edpm_ovn_controller_tls_cacert_bundle_dest }}:ro,z" when: cacert_bundle_exists.stat.exists -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_ovn_bgp_agent/tasks/run.yml b/roles/edpm_ovn_bgp_agent/tasks/run.yml index 1440b4b4a..be7378975 100644 --- a/roles/edpm_ovn_bgp_agent/tasks/run.yml +++ b/roles/edpm_ovn_bgp_agent/tasks/run.yml @@ -27,7 +27,7 @@ - "{{ edpm_ovn_bgp_agent_tls_cacert_bundle_src }}:{{ edpm_ovn_bgp_agent_tls_cacert_bundle_dest }}:ro,z" when: cacert_bundle_exists.stat.exists -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: osp.edpm.edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_ovn_bgp_agent/tasks/run_ovn.yml b/roles/edpm_ovn_bgp_agent/tasks/run_ovn.yml index eb0987fe3..deb18e4f3 100644 --- a/roles/edpm_ovn_bgp_agent/tasks/run_ovn.yml +++ b/roles/edpm_ovn_bgp_agent/tasks/run_ovn.yml @@ -27,7 +27,7 @@ - "{{ edpm_ovn_bgp_agent_tls_cacert_bundle_src }}:{{ edpm_ovn_bgp_agent_tls_cacert_bundle_dest }}:ro,z" when: cacert_bundle_exists.stat.exists -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml diff --git a/roles/edpm_swift/tasks/run.yml b/roles/edpm_swift/tasks/run.yml index 371fcdafe..39bb9422a 100644 --- a/roles/edpm_swift/tasks/run.yml +++ b/roles/edpm_swift/tasks/run.yml @@ -14,7 +14,7 @@ # License for the specific language governing permissions and limitations # under the License. -- name: Ensure /usr/libexec/edpm-start-podman-container exists +- name: Ensure /var/local/libexec/edpm-start-podman-container exists ansible.builtin.import_role: name: edpm_container_manage tasks_from: shutdown.yml