2024-01-24 13:55:23 |
Franciszek Przewoźny |
description |
In Security Guide checklist (https://docs.openstack.org/security-guide/identity/checklist.html
), user is advised to check whenever /etc/keystone/policy.json file has correct ownership. JSON formatted policy files are deprecated since Keystone 19.0.0 (Wallaby) (https://docs.openstack.org/keystone/latest/configuration/policy.html), so that makes this check uselessas it won't find policy.json file in newer deployments. It should be corrected to policy.yaml file, or should include both checks.
This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes:
- [ ] This doc is inaccurate in this way: ______
- [ ] This is a doc addition request.
- [X] I have a fix to the document that I can paste below including example: input and output.
If you have a troubleshooting or support issue, use the following resources:
- The mailing list: https://lists.openstack.org
- IRC: 'openstack' channel on OFTC
-----------------------------------
Release: on 2023-09-26 05:17:42
SHA: a9f6c5f8f6dda96d9055f1ccdf8e3e31dc90c9f7
Source: https://opendev.org/openstack/security-doc/src/security-guide/source/identity/checklist.rst
URL: https://docs.openstack.org/security-guide/identity/checklist.html |
In Security Guide checklist (https://docs.openstack.org/security-guide/identity/checklist.html
), user is advised to check whenever /etc/keystone/policy.json file has correct ownership. JSON formatted policy files are deprecated since Keystone 19.0.0 (Wallaby) (https://docs.openstack.org/keystone/latest/configuration/policy.html), so that makes this check useless, as it won't find policy.json file in newer deployments. It should be corrected to policy.yaml file, or should include both checks. Issue persists in Check-Identity-01 and Check-Identity-02 steps.
This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes:
- [ ] This doc is inaccurate in this way: ______
- [ ] This is a doc addition request.
- [X] I have a fix to the document that I can paste below including example: input and output.
If you have a troubleshooting or support issue, use the following resources:
- The mailing list: https://lists.openstack.org
- IRC: 'openstack' channel on OFTC
-----------------------------------
Release: on 2023-09-26 05:17:42
SHA: a9f6c5f8f6dda96d9055f1ccdf8e3e31dc90c9f7
Source: https://opendev.org/openstack/security-doc/src/security-guide/source/identity/checklist.rst
URL: https://docs.openstack.org/security-guide/identity/checklist.html |
|
2024-01-24 13:55:31 |
Franciszek Przewoźny |
description |
In Security Guide checklist (https://docs.openstack.org/security-guide/identity/checklist.html
), user is advised to check whenever /etc/keystone/policy.json file has correct ownership. JSON formatted policy files are deprecated since Keystone 19.0.0 (Wallaby) (https://docs.openstack.org/keystone/latest/configuration/policy.html), so that makes this check useless, as it won't find policy.json file in newer deployments. It should be corrected to policy.yaml file, or should include both checks. Issue persists in Check-Identity-01 and Check-Identity-02 steps.
This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes:
- [ ] This doc is inaccurate in this way: ______
- [ ] This is a doc addition request.
- [X] I have a fix to the document that I can paste below including example: input and output.
If you have a troubleshooting or support issue, use the following resources:
- The mailing list: https://lists.openstack.org
- IRC: 'openstack' channel on OFTC
-----------------------------------
Release: on 2023-09-26 05:17:42
SHA: a9f6c5f8f6dda96d9055f1ccdf8e3e31dc90c9f7
Source: https://opendev.org/openstack/security-doc/src/security-guide/source/identity/checklist.rst
URL: https://docs.openstack.org/security-guide/identity/checklist.html |
In Security Guide checklist (https://docs.openstack.org/security-guide/identity/checklist.html
), user is advised to check whenever /etc/keystone/policy.json file has correct ownership. JSON formatted policy files are deprecated since Keystone 19.0.0 (Wallaby) (https://docs.openstack.org/keystone/latest/configuration/policy.html), so that makes this check useless, as it won't find policy.json file in newer deployments. It should be corrected to policy.yaml file, or should include both checks. Issue exists in Check-Identity-01 and Check-Identity-02 steps.
This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes:
- [ ] This doc is inaccurate in this way: ______
- [ ] This is a doc addition request.
- [X] I have a fix to the document that I can paste below including example: input and output.
If you have a troubleshooting or support issue, use the following resources:
- The mailing list: https://lists.openstack.org
- IRC: 'openstack' channel on OFTC
-----------------------------------
Release: on 2023-09-26 05:17:42
SHA: a9f6c5f8f6dda96d9055f1ccdf8e3e31dc90c9f7
Source: https://opendev.org/openstack/security-doc/src/security-guide/source/identity/checklist.rst
URL: https://docs.openstack.org/security-guide/identity/checklist.html |
|