24797203 OpenStack RBAC profiles allow reading too many files
24797238 keystone RBAC and SMF should point at Apache log files
24797256 cinder RBAC and SMF should point at Apache log files
24830959 horizon RBAC and SMF should point at Apache log files
OpenStack Network Management:RO::\
Manage OpenStack Neutron:\
auths=solaris.admin.edit/etc/neutron/*.conf,\
solaris.admin.edit/etc/neutron/*.ini,\
solaris.admin.edit/etc/neutron/*.json,\
solaris.admin.edit/etc/neutron/plugins/*/*.ini,\
solaris.smf.manage.neutron,\
solaris.smf.value.neutron;\
defaultpriv={file_dac_read}\:/var/svc/log/application-openstack-neutron-*
OpenStack Management:RO:::profiles=OpenStack Network Management
neutron-agent:RO::\
Do not assign to users. \
Commands required for application/openstack/neutron agents:\
auths=solaris.network.interface.config,\
solaris.smf.manage.routing,\
solaris.smf.value.routing;\
profiles=Elastic Virtual Switch Administration,Network Firewall Management,\
Network IPsec Management,OVS Administration