@@ -885,6 +885,12 @@ function _configure_neutron_common {
885885
886886 cp $NEUTRON_DIR /etc/neutron.conf $NEUTRON_CONF
887887
888+ Q_POLICY_FILE=$NEUTRON_CONF_DIR /policy.json
889+ cp $NEUTRON_DIR /etc/policy.json $Q_POLICY_FILE
890+
891+ # allow neutron user to administer neutron to match neutron account
892+ sed -i ' s/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE
893+
888894 # Set plugin-specific variables ``Q_DB_NAME``, ``Q_PLUGIN_CLASS``.
889895 # For main plugin config file, set ``Q_PLUGIN_CONF_PATH``, ``Q_PLUGIN_CONF_FILENAME``.
890896 # For addition plugin config files, set ``Q_PLUGIN_EXTRA_CONF_PATH``,
@@ -1111,13 +1117,7 @@ function _configure_neutron_plugin_agent {
11111117# It is called when q-svc is enabled.
11121118function _configure_neutron_service {
11131119 Q_API_PASTE_FILE=$NEUTRON_CONF_DIR /api-paste.ini
1114- Q_POLICY_FILE=$NEUTRON_CONF_DIR /policy.json
1115-
11161120 cp $NEUTRON_DIR /etc/api-paste.ini $Q_API_PASTE_FILE
1117- cp $NEUTRON_DIR /etc/policy.json $Q_POLICY_FILE
1118-
1119- # allow neutron user to administer neutron to match neutron account
1120- sed -i ' s/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE
11211121
11221122 # Update either configuration file with plugin
11231123 iniset $NEUTRON_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS
0 commit comments