Mercurial Mercurial > upstream > oracle > userland-gate / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
components/openstack/nova/files/nova.prof_attr
author David Hollister <david.hollister@oracle.com>
Wed, 12 Oct 2016 14:01:13 -0600
changeset 7094 61352b4e5af5
parent 6031 1aaf20a19738
permissions -rw-r--r--
24797203 OpenStack RBAC profiles allow reading too many files 24797238 keystone RBAC and SMF should point at Apache log files 24797256 cinder RBAC and SMF should point at Apache log files 24830959 horizon RBAC and SMF should point at Apache log files

OpenStack Compute Management:RO::\
Manage OpenStack Nova:\
auths=solaris.admin.edit/etc/nova/*.conf,\
solaris.admin.edit/etc/nova/*.ini,\
solaris.admin.edit/etc/nova/*.json,\
solaris.smf.manage.nova,\
solaris.smf.value.nova;\
defaultpriv={file_dac_read}\:/var/svc/log/application-openstack-nova-*

OpenStack Management:RO:::profiles=OpenStack Compute Management

nova-compute:RO::\
Do not assign to users. \
Commands required for application/openstack/nova/nova-compute:\
auths=solaris.smf.manage.nova,solaris.smf.modify,solaris.smf.value.nova;\
profiles=OVS Administration,\
Unified Archive Administration,\
Zone Management,\
Zone Migration,\
Zone Security
upstream/oracle/userland-gate