Running 'keystone-manage fernet_setup' creates keystone.log with with root:root permissions, causing service failure
Bug #1604884 reported by
Chris Hoge
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| puppet-keystone |
Fix Released
|
Undecided
|
Ivan Berezovskiy | ||
Bug Description
When setting up fernet keys, running 'keystone-manage fernet_setup' creates keystone.log with root:root permissions, causing service startup failure. The keystone log file needs to be set with correct permissions to allow the openstack keystone service to start.
| Changed in puppet-keystone: | |
| assignee: | nobody → Ivan Berezovskiy (iberezovskiy) |
| status: | New → In Progress |
Revision history for this message
| OpenStack Infra (hudson-openstack) wrote Fix merged to puppet-keystone (master) | #1 |
| Changed in puppet-keystone: | |
| status: | In Progress → Fix Released |
Revision history for this message
| Doug Hellmann (doug-hellmann) wrote Fix included in openstack/puppet-keystone 9.2.0 | #2 |
To post a comment you must log in.
Reviewed: https:/
Committed: https:/
Submitter: Jenkins
Branch: master
commit c0fcdb5a0e6d6a1
Author: iberezovskiy <email address hidden>
Date: Tue Jun 28 00:40:54 2016 +0300
Changes around keystone-manage commands
* perform all keystone-manage commands only as keystone user
* as it possible to override keystone user in init class
we should also have an ability to override it in db::sync class
* ensure that fernet key directory is created before fernet
setup command and it's owned by keystone user
Closes-bug: #1604884
Change-Id: Ib90d8e2259b9a6