Comment 35 for bug 1715374

stack@train:~$ grep privsep /etc/nova/rootwrap.d/compute.filters
# os_brick.privileged.default oslo.privsep context
privsep-rootwrap-os_brick: RegExpFilter, privsep-helper, root, privsep-helper, --config-file, /etc/(?!\.\.).*, --privsep_context, os_brick.privileged.default, --privsep_sock_path, /tmp/.*
privsep-rootwrap-sys_admin: RegExpFilter, privsep-helper, root, privsep-helper, --config-file, /etc/(?!\.\.).*, --privsep_context, nova.privsep.sys_admin_pctxt, --privsep_sock_path, /tmp/.*
stack@train:~$
stack@train:~$ sudo systemctl status <email address hidden>
● <email address hidden> - Devstack <email address hidden>
   Loaded: loaded (/<email address hidden>; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2019-04-03 17:05:17 UTC; 8min ago
 Main PID: 19990 (nova-compute)
    Tasks: 29 (limit: 4915)
   CGroup: /<email address hidden>
           ├─19990 /usr/bin/python /usr/local/bin/nova-compute --config-file /etc/nova/nova-cpu.conf
           ├─20063 /usr/bin/python /usr/local/bin/privsep-helper --config-file /etc/nova/nova-cpu.conf --privsep_context vif_plug_ovs.privsep.vif_plug --privsep_sock_path /t
           └─20123 /usr/bin/python /usr/local/bin/privsep-helper --config-file /etc/nova/nova-cpu.conf --privsep_context nova.privsep.sys_admin_pctxt --privsep_sock_path /tm