commit e83cb05bf86ab797c83964e4287b5879297ecda0
Author: Alex Kavanagh <email address hidden>
Date: Wed Jan 15 15:15:06 2020 +0000
Implement Security Compiance option for password
This feature adds a "password-security-compliance" option to the
charm to enable setting of keys in the "[security_compliance]" section
of the keystone.conf file. This section was added in the Newton
release, and so this feature supports this from the Newton release.
It also protects the service accounts from two of the PCI-DSS options
but setting the user options 'ignore_password_expiry' and
'ignore_change_password_upon_first_use' to True to prevent the cloud
from being broken.
Reviewed: https:/ /review. opendev. org/702684 /git.openstack. org/cgit/ openstack/ charm-keystone/ commit/ ?id=e83cb05bf86 ab797c83964e428 7b5879297ecda0
Committed: https:/
Submitter: Zuul
Branch: master
commit e83cb05bf86ab79 7c83964e4287b58 79297ecda0
Author: Alex Kavanagh <email address hidden>
Date: Wed Jan 15 15:15:06 2020 +0000
Implement Security Compiance option for password
This feature adds a "password- security- compliance" option to the compliance] " section
charm to enable setting of keys in the "[security_
of the keystone.conf file. This section was added in the Newton
release, and so this feature supports this from the Newton release.
It also protects the service accounts from two of the PCI-DSS options password_ expiry' and change_ password_ upon_first_ use' to True to prevent the cloud
but setting the user options 'ignore_
'ignore_
from being broken.
Change-Id: If7c54fae731882 84bd9b03a53626c df52158b994
Closes-Bug: #1776688