author | David Hollister <david.hollister@oracle.com> |
Wed, 12 Oct 2016 14:01:13 -0600 | |
changeset 7094 | 61352b4e5af5 |
parent 3998 | 5bd484384122 |
permissions | -rw-r--r-- |
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
1 |
OpenStack Identity Management:RO::\ |
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
2 |
Manage OpenStack Keystone:\ |
3998
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
1944
diff
changeset
|
3 |
auths=solaris.admin.edit/etc/keystone/*.conf,\ |
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
1944
diff
changeset
|
4 |
solaris.admin.edit/etc/keystone/*.ini,\ |
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
1944
diff
changeset
|
5 |
solaris.admin.edit/etc/keystone/*.json,\ |
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
1944
diff
changeset
|
6 |
solaris.admin.edit/etc/keystone/default_catalog.templates,\ |
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
7 |
solaris.smf.manage.keystone,\ |
1944
56ac2df1785b
PSARC/2014/207 OpenStack Glance Update to Havana
Drew Fisher <drew.fisher@oracle.com>
parents:
1760
diff
changeset
|
8 |
solaris.smf.value.keystone;\ |
7094
61352b4e5af5
24797203 OpenStack RBAC profiles allow reading too many files
David Hollister <david.hollister@oracle.com>
parents:
3998
diff
changeset
|
9 |
defaultpriv={file_dac_read}\:/var/svc/log/application-openstack-keystone*,\ |
61352b4e5af5
24797203 OpenStack RBAC profiles allow reading too many files
David Hollister <david.hollister@oracle.com>
parents:
3998
diff
changeset
|
10 |
{file_dac_search}\:/var/log/keystone,\ |
61352b4e5af5
24797203 OpenStack RBAC profiles allow reading too many files
David Hollister <david.hollister@oracle.com>
parents:
3998
diff
changeset
|
11 |
{file_dac_read}\:/var/log/keystone/* |
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
12 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
13 |
OpenStack Management:RO:::profiles=OpenStack Identity Management |