[Bug 1869132] Re: [focal] /etc/keystone owned by root
Corey Bryant
corey.bryant at canonical.com
Thu Mar 26 15:50:05 UTC 2020
Ok the guidance for keystone is more strict. For keystone, /etc/
files/directories should be owned by keystone:keystone:
https://docs.openstack.org/security-guide/identity/checklist.html
** Changed in: keystone (Ubuntu)
Status: New => Triaged
** Changed in: keystone (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to keystone in Ubuntu.
https://bugs.launchpad.net/bugs/1869132
Title:
[focal] /etc/keystone owned by root
Status in keystone package in Ubuntu:
Triaged
Bug description:
root at juju-c9e7e0-4:/etc# dpkg -l keystone
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==============-============================================-============-====================================
ii keystone 2:17.0.0~b3~git2020032415.9f9040257-0ubuntu1 all OpenStack identity service - Daemons
root at juju-c9e7e0-4:/etc# ls -ld /etc
drwxr-xr-x 82 root root 154 Mar 26 06:51 /etc
root at juju-c9e7e0-4:/etc# ls -ld /etc/keystone
drwxr-x--- 3 root keystone 8 Mar 26 06:51 /etc/keystone
root at juju-c9e7e0-4:/etc# ls -l /etc/keystone
total 215
-rw-r----- 1 root keystone 2303 Mar 24 19:01 default_catalog.templates
-rw-r----- 1 root keystone 104730 Mar 24 19:02 keystone.conf
-rw-r----- 1 root keystone 96670 Mar 24 19:02 keystone.policy.yaml
-rw-r----- 1 root keystone 1046 Mar 24 19:02 logging.conf
drwxrwxr-x 2 keystone keystone 2 Mar 26 06:51 policy.d
-rw-r----- 1 root keystone 665 Mar 24 19:01 sso_callback_template.html
root at juju-c9e7e0-4:/etc#
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/1869132/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list