From 197ec91daa8c4d923128cdca92f834ff1409c9ec Mon Sep 17 00:00:00 2001
From: fpantano
Date: Tue, 26 Feb 2019 19:51:05 +0100
Subject: [PATCH 1/2] Added to the ceph-radosgw service template the ca-trust volume avoiding to expose useless information. This bug is referred to the following bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1683290
Signed-off-by: fpantano
---
 roles/ceph-rgw/templates/ceph-radosgw.service.j2 | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/roles/ceph-rgw/templates/ceph-radosgw.service.j2 b/roles/ceph-rgw/templates/ceph-radosgw.service.j2
index 1e05a8cec9..4b327aad2e 100644
--- a/roles/ceph-rgw/templates/ceph-radosgw.service.j2
+++ b/roles/ceph-rgw/templates/ceph-radosgw.service.j2
@@ -17,6 +17,12 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
 -v /etc/ceph:/etc/ceph:z \
 -v /var/run/ceph:/var/run/ceph:z \
 -v /etc/localtime:/etc/localtime:ro \
+ {% if ansible_distribution == 'RedHat' -%}
+ -v /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro \
+ -v /etc/pki/ca-trust/source/anchors:/etc/pki/ca-trust/source/anchors:ro \
+ {% elif ansible_distribution == 'Ubuntu' -%}
+ -v /etc/ssl/certs:/etc/ssl/certs:ro \
+ {% endif -%}
 -e CEPH_DAEMON=RGW \
 -e CLUSTER={{ cluster }} \
 -e RGW_NAME={{ ansible_hostname }}.${INST_NAME} \
From 686f5a452df30ba59e02dbb266257cd21aabc684 Mon Sep 17 00:00:00 2001
From: fpantano
Date: Thu, 28 Feb 2019 08:55:48 +0100
Subject: [PATCH 2/2] Removed not needed mountpoint and removed ubuntu section Referring to BZ#1683290, as dsavineau suggests, being this bug tripleO specific, removed the ubuntu section and removed useless mountpoints.
Signed-off-by: fpantano
---
 roles/ceph-rgw/templates/ceph-radosgw.service.j2 | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/roles/ceph-rgw/templates/ceph-radosgw.service.j2 b/roles/ceph-rgw/templates/ceph-radosgw.service.j2
index 4b327aad2e..489f2cdd2a 100644
--- a/roles/ceph-rgw/templates/ceph-radosgw.service.j2
+++ b/roles/ceph-rgw/templates/ceph-radosgw.service.j2
@@ -18,10 +18,7 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
 -v /var/run/ceph:/var/run/ceph:z \
 -v /etc/localtime:/etc/localtime:ro \
 {% if ansible_distribution == 'RedHat' -%}
- -v /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro \
- -v /etc/pki/ca-trust/source/anchors:/etc/pki/ca-trust/source/anchors:ro \
- {% elif ansible_distribution == 'Ubuntu' -%}
- -v /etc/ssl/certs:/etc/ssl/certs:ro \
+ -v /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:z \
 {% endif -%}
 -e CEPH_DAEMON=RGW \
 -e CLUSTER={{ cluster }} \
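Review bot: The replacement mount `-v /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:z \` drops the `:ro` that patch 1/2 had, so the host's extracted CA trust bundle is now bind-mounted read-write into the RGW container and, through `z`, relabelled with a shared container label. A process in the container could then alter the trust anchors that the host and any other container mounting this path rely on for TLS validation, and relabelling a system directory under `/etc/pki` may affect confined host services that expect the original label. If the relabel is what made the bundle readable (the SELinux policy is not visible here), keep it but restore read-only with `-v /etc/pki/ca-trust/extracted:/etc/pki/ca-trust/extracted:ro,z \`; otherwise plain `:ro` is enough. The `ExecStart` command this line belongs to starts and ends outside the hunk.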