Fix Quantum Rootwrap

Gerrit topic: https://review.openstack.org/#q,topic:bp/quantum-remove-rootwrap,n,z

Addressed by: https://review.openstack.org/11026
    Remove non-functioning quantum-rootwrap

[8/15/12] I (jrd) have been testing a fix, and expect to upload it as a WIP patch in the next few hours. I'm hoping we can slide it in for the Folsom release, rather then ripping the facility out.

Patch uploaded.

 https://review.openstack.org/11524

Review solicited.

TIA!

Reviewed: https://review.openstack.org/11524
Committed: http://github.com/openstack/quantum/commit/193d6997276d3efcfaf99e5fcca1354c8c8c4670
Submitter: Jenkins
Branch: master

commit 193d6997276d3efcfaf99e5fcca1354c8c8c4670
Author: John Dunning <email address hidden>
Date: Tue Aug 14 14:31:47 2012 -0400

    Update rootwrap; track changes in nova/cinder

    Fix bug 1037815

    Summary: Copy/paste the essential parts of the rootwrap
      mechanism from nova/cinder into quantum. This includes
      the core changes to filter.py and wrapper.py which deal
      with loading filters from files pointed to by
      rootwrap.conf
    Detailed changes:
      Transliterate the old rootwrap/*-agent.py files to
      new format, and put the results in etc/quantum/rootwrap.d
      Delete the *-agent.py files.
      Add conf to point to etc/quantum/rootwrap.d
      Add a unit test cribbed from nova to exercise the filter
      mechanism
      Add a unit test to exercise the actual filtered execution
    Note that as written, this patch does not set the default
      execute mechanism (in the agent .ini files) to rootwrap,
      leaves it as sudo. That can be done in a followon
      change, or in distro specific packaging.
    Note also that there is still work to do around finishing
      and testing the filter specs themselves. We've decided
      that that is out of scope for this patch.

    Change-Id: I9aba6adc5ba40b6145be5fa38c5ece3b666ae5ca