Re: [Rdo-list] No /usr/share/keystone/keystone-paste.ini in openstack-keystone-2015.1.0-1.el7.noarch.rpm
----- Original Message -----
From: "Alan Pevec" <apevec(a)gmail.com>
To: "Steve Gordon" <sgordon(a)redhat.com>, nkinder(a)redhat.com
2015-05-25 14:29 GMT+02:00 Steve Gordon <sgordon(a)redhat.com>:
> OK, but in this case the keystone-paste.ini we are using in RDO includes
> the admin_token_auth directives that the documentation patch is
> endeavoring to remove [1] and the RHEL-OSP 7 beta packages I took a look
> at don't. Which is correct?
It is an upstream bug and potential security issue which should be
fixed instead of working around in documentation and deployment tools:
https://review.openstack.org/185464
Cheers,
Alan
Thanks Alan,
Just to be explicit you are saying it is enough if the documentation is updated to set
admin_token = <None> in the /etc/keystone/keystone.conf and the fact that
/usr/share/keystone/keystone-dist-paste.ini contains admin_token_auth directives is
irrelevant if this is the case?
Thanks,
Steve