Activity log for bug #2051122

Date Who What changed Old value New value Message
2024-01-24 13:44:06 Franciszek Przewoźny bug added bug
2024-01-24 13:55:23 Franciszek Przewoźny description In Security Guide checklist (https://docs.openstack.org/security-guide/identity/checklist.html ), user is advised to check whenever /etc/keystone/policy.json file has correct ownership. JSON formatted policy files are deprecated since Keystone 19.0.0 (Wallaby) (https://docs.openstack.org/keystone/latest/configuration/policy.html), so that makes this check uselessas it won't find policy.json file in newer deployments. It should be corrected to policy.yaml file, or should include both checks. This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes: - [ ] This doc is inaccurate in this way: ______ - [ ] This is a doc addition request. - [X] I have a fix to the document that I can paste below including example: input and output. If you have a troubleshooting or support issue, use the following resources: - The mailing list: https://lists.openstack.org - IRC: 'openstack' channel on OFTC ----------------------------------- Release: on 2023-09-26 05:17:42 SHA: a9f6c5f8f6dda96d9055f1ccdf8e3e31dc90c9f7 Source: https://opendev.org/openstack/security-doc/src/security-guide/source/identity/checklist.rst URL: https://docs.openstack.org/security-guide/identity/checklist.html In Security Guide checklist (https://docs.openstack.org/security-guide/identity/checklist.html ), user is advised to check whenever /etc/keystone/policy.json file has correct ownership. JSON formatted policy files are deprecated since Keystone 19.0.0 (Wallaby) (https://docs.openstack.org/keystone/latest/configuration/policy.html), so that makes this check useless, as it won't find policy.json file in newer deployments. It should be corrected to policy.yaml file, or should include both checks. Issue persists in Check-Identity-01 and Check-Identity-02 steps. This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes: - [ ] This doc is inaccurate in this way: ______ - [ ] This is a doc addition request. - [X] I have a fix to the document that I can paste below including example: input and output. If you have a troubleshooting or support issue, use the following resources:  - The mailing list: https://lists.openstack.org  - IRC: 'openstack' channel on OFTC ----------------------------------- Release: on 2023-09-26 05:17:42 SHA: a9f6c5f8f6dda96d9055f1ccdf8e3e31dc90c9f7 Source: https://opendev.org/openstack/security-doc/src/security-guide/source/identity/checklist.rst URL: https://docs.openstack.org/security-guide/identity/checklist.html
2024-01-24 13:55:31 Franciszek Przewoźny description In Security Guide checklist (https://docs.openstack.org/security-guide/identity/checklist.html ), user is advised to check whenever /etc/keystone/policy.json file has correct ownership. JSON formatted policy files are deprecated since Keystone 19.0.0 (Wallaby) (https://docs.openstack.org/keystone/latest/configuration/policy.html), so that makes this check useless, as it won't find policy.json file in newer deployments. It should be corrected to policy.yaml file, or should include both checks. Issue persists in Check-Identity-01 and Check-Identity-02 steps. This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes: - [ ] This doc is inaccurate in this way: ______ - [ ] This is a doc addition request. - [X] I have a fix to the document that I can paste below including example: input and output. If you have a troubleshooting or support issue, use the following resources:  - The mailing list: https://lists.openstack.org  - IRC: 'openstack' channel on OFTC ----------------------------------- Release: on 2023-09-26 05:17:42 SHA: a9f6c5f8f6dda96d9055f1ccdf8e3e31dc90c9f7 Source: https://opendev.org/openstack/security-doc/src/security-guide/source/identity/checklist.rst URL: https://docs.openstack.org/security-guide/identity/checklist.html In Security Guide checklist (https://docs.openstack.org/security-guide/identity/checklist.html ), user is advised to check whenever /etc/keystone/policy.json file has correct ownership. JSON formatted policy files are deprecated since Keystone 19.0.0 (Wallaby) (https://docs.openstack.org/keystone/latest/configuration/policy.html), so that makes this check useless, as it won't find policy.json file in newer deployments. It should be corrected to policy.yaml file, or should include both checks. Issue exists in Check-Identity-01 and Check-Identity-02 steps. This bug tracker is for errors with the documentation, use the following as a template and remove or add fields as you see fit. Convert [ ] into [x] to check boxes: - [ ] This doc is inaccurate in this way: ______ - [ ] This is a doc addition request. - [X] I have a fix to the document that I can paste below including example: input and output. If you have a troubleshooting or support issue, use the following resources:  - The mailing list: https://lists.openstack.org  - IRC: 'openstack' channel on OFTC ----------------------------------- Release: on 2023-09-26 05:17:42 SHA: a9f6c5f8f6dda96d9055f1ccdf8e3e31dc90c9f7 Source: https://opendev.org/openstack/security-doc/src/security-guide/source/identity/checklist.rst URL: https://docs.openstack.org/security-guide/identity/checklist.html