24797203 OpenStack RBAC profiles allow reading too many files
24797238 keystone RBAC and SMF should point at Apache log files
24797256 cinder RBAC and SMF should point at Apache log files
24830959 horizon RBAC and SMF should point at Apache log files
OpenStack Block Storage Management:RO::\
Manage OpenStack Cinder:\
auths=solaris.admin.edit/etc/cinder/*.conf,\
solaris.admin.edit/etc/cinder/*.ini,\
solaris.admin.edit/etc/cinder/*.json,\
solaris.smf.manage.cinder,\
solaris.smf.value.cinder;\
defaultpriv={file_dac_search}\:/var/log/cinder,\
{file_dac_read}\:/var/log/cinder/*,\
{file_dac_read}\:/var/svc/log/application-openstack-cinder-*
OpenStack Management:RO:::profiles=OpenStack Block Storage Management
cinder-volume:RO::\
Do not assign to users. \
Commands required for application/openstack/cinder/cinder-volume: