author | David Hollister <david.hollister@oracle.com> |
Wed, 12 Oct 2016 14:01:13 -0600 | |
changeset 7094 | 61352b4e5af5 |
parent 6031 | 1aaf20a19738 |
permissions | -rw-r--r-- |
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
1 |
OpenStack Compute Management:RO::\ |
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
2 |
Manage OpenStack Nova:\ |
3998
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
3652
diff
changeset
|
3 |
auths=solaris.admin.edit/etc/nova/*.conf,\ |
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
3652
diff
changeset
|
4 |
solaris.admin.edit/etc/nova/*.ini,\ |
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
3652
diff
changeset
|
5 |
solaris.admin.edit/etc/nova/*.json,\ |
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
3652
diff
changeset
|
6 |
solaris.smf.manage.nova,\ |
5bd484384122
PSARC 2015/110 OpenStack service updates for Juno
Danek Duvall <danek.duvall@oracle.com>
parents:
3652
diff
changeset
|
7 |
solaris.smf.value.nova;\ |
7094
61352b4e5af5
24797203 OpenStack RBAC profiles allow reading too many files
David Hollister <david.hollister@oracle.com>
parents:
6031
diff
changeset
|
8 |
defaultpriv={file_dac_read}\:/var/svc/log/application-openstack-nova-* |
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
9 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
10 |
OpenStack Management:RO:::profiles=OpenStack Compute Management |
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
11 |
|
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
12 |
nova-compute:RO::\ |
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
13 |
Do not assign to users. \ |
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
14 |
Commands required for application/openstack/nova/nova-compute:\ |
3652
7e731a1b0b39
PSARC/2014/377 noVNC - A browser based VNC client
Niall Power <niall.power@oracle.com>
parents:
1944
diff
changeset
|
15 |
auths=solaris.smf.manage.nova,solaris.smf.modify,solaris.smf.value.nova;\ |
6031
1aaf20a19738
PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
5195
diff
changeset
|
16 |
profiles=OVS Administration,\ |
1aaf20a19738
PSARC/2016/251 OpenStack Neutron ML2 framework and OVS mechanism driver
Girish Moodalbail <Girish.Moodalbail@oracle.COM>
parents:
5195
diff
changeset
|
17 |
Unified Archive Administration,\ |
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
18 |
Zone Management,\ |
5195
694672bf3c17
PSARC 2015/324 OpenStack Nova support for kernel zone live-migration
david.comay@oracle.com
parents:
3998
diff
changeset
|
19 |
Zone Migration,\ |
1760
353323c7bdc1
PSARC/2013/350 OpenStack for Solaris (Umbrella)
Drew Fisher <drew.fisher@oracle.com>
parents:
diff
changeset
|
20 |
Zone Security |