Running 'keystone-manage fernet_setup' creates keystone.log with with root:root permissions, causing service failure
Bug #1604884 reported by
Chris Hoge
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
puppet-keystone |
Fix Released
|
Undecided
|
Ivan Berezovskiy |
Bug Description
When setting up fernet keys, running 'keystone-manage fernet_setup' creates keystone.log with root:root permissions, causing service startup failure. The keystone log file needs to be set with correct permissions to allow the openstack keystone service to start.
Changed in puppet-keystone: | |
assignee: | nobody → Ivan Berezovskiy (iberezovskiy) |
status: | New → In Progress |
To post a comment you must log in.
Reviewed: https:/ /review. openstack. org/334678 /git.openstack. org/cgit/ openstack/ puppet- keystone/ commit/ ?id=c0fcdb5a0e6 d6a1a69a0c7e5da 69d6d376d8d9a5
Committed: https:/
Submitter: Jenkins
Branch: master
commit c0fcdb5a0e6d6a1 a69a0c7e5da69d6 d376d8d9a5
Author: iberezovskiy <email address hidden>
Date: Tue Jun 28 00:40:54 2016 +0300
Changes around keystone-manage commands
* perform all keystone-manage commands only as keystone user
* as it possible to override keystone user in init class
we should also have an ability to override it in db::sync class
* ensure that fernet key directory is created before fernet
setup command and it's owned by keystone user
Closes-bug: #1604884
Change-Id: Ib90d8e2259b9a6 50a2edb5f0baf0e 68451b9abf6