Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openstack/neutron/files/neutron.prof_attr
author David Hollister <david.hollister@oracle.com>
Wed, 12 Oct 2016 14:01:13 -0600
changeset 7094 61352b4e5af5
parent 6031 1aaf20a19738
child 7225 aabff998909d
permissions -rw-r--r--
24797203 OpenStack RBAC profiles allow reading too many files 24797238 keystone RBAC and SMF should point at Apache log files 24797256 cinder RBAC and SMF should point at Apache log files 24830959 horizon RBAC and SMF should point at Apache log files

OpenStack Network Management:RO::\
Manage OpenStack Neutron:\
auths=solaris.admin.edit/etc/neutron/*.conf,\
solaris.admin.edit/etc/neutron/*.ini,\
solaris.admin.edit/etc/neutron/*.json,\
solaris.admin.edit/etc/neutron/plugins/*/*.ini,\
solaris.smf.manage.neutron,\
solaris.smf.value.neutron;\
defaultpriv={file_dac_read}\:/var/svc/log/application-openstack-neutron-*

OpenStack Management:RO:::profiles=OpenStack Network Management

neutron-agent:RO::\
Do not assign to users. \
Commands required for application/openstack/neutron agents:\
auths=solaris.network.interface.config,\
solaris.smf.manage.routing,\
solaris.smf.value.routing;\
profiles=Elastic Virtual Switch Administration,Network Firewall Management,\
Network IPsec Management,OVS Administration
upstream/oracle/userland-gate