Hello community, here is the log from the commit of package openstack-keystone for openSUSE:Factory checked in at 2013-04-29 14:09:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openstack-keystone (Old) and /work/SRC/openSUSE:Factory/.openstack-keystone.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openstack-keystone", Maintainer is "[email protected]" Changes: -------- --- /work/SRC/openSUSE:Factory/openstack-keystone/openstack-keystone-doc.changes 2013-01-17 15:14:51.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.openstack-keystone.new/openstack-keystone-doc.changes 2013-04-29 14:09:43.000000000 +0200 @@ -1,0 +2,10 @@ +Mon Mar 18 10:41:35 UTC 2013 - [email protected] + +- Drop +git.$TIMESTAMP.$COMMITHASH version suffix + +------------------------------------------------------------------- +Fri Feb 22 10:25:35 UTC 2013 - [email protected] + +- Require openstack-suse-macros instead of openstack-macros + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/openstack-keystone/openstack-keystone.changes 2013-04-17 23:13:05.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.openstack-keystone.new/openstack-keystone.changes 2013-04-29 14:09:43.000000000 +0200 @@ -0,0 +1,82 @@ +------------------------------------------------------------------- +Thu Apr 4 16:27:44 UTC 2013 - [email protected] + +- update to grizzly branch + +------------------------------------------------------------------- +Tue Apr 2 08:48:35 UTC 2013 - [email protected] + +- Update to version 2013.1.rc3 + +------------------------------------------------------------------- +Thu Mar 28 10:49:54 UTC 2013 - [email protected] + +- update to 2013.1.rc2 + +------------------------------------------------------------------- +Tue Mar 26 12:44:27 UTC 2013 - [email protected] + +- downgrade to 2013.1 + +-------------------------------------------------------------------- +Mon Mar 25 13:52:34 UTC 2013 - [email protected] + +- Update to version 2013.2.a338.gbceee56: + + Fix XML handling of member links (bug 1156594) + + Test default_project_id scoping (bug 1023502) + + Ensure delete domain removes all owned entities + + Utilize legacy_endpoint_id column (bug 1154918) + + Pass project membership as dict in migration 015. + + V2, V3 token intermix for unscoped tokens (bug 1156913) + + Revise docs to use keystoneclient.middleware.auth_token + + Fix live ldap tests + + Support for LDAP groups (bug #1092187) + + Correct spacing in warning msg + + Validate domains unconditionally (bug 1130236) + + Prohibit V3 V2 token intermix for resource in non-default domain (bug 1157430) + + Properly handle emulated ldap enablement + + Wrap config module and require manual setup (bug 1143998) + + Enable emulation for domains + + Allow trusts to be optional + + Version bump to 2013.2 + + Add a dereference option for ldap + + Move trusts to extension + + Make versions aware of enabled pipelines. + + Imported Translations from Transifex + + Rework S3Token middleware tests. + + Rename trust extension. + +------------------------------------------------------------------- +Mon Mar 18 10:41:29 UTC 2013 - [email protected] + +- Drop +git.$TIMESTAMP.$COMMITHASH version suffix + +-------------------------------------------------------------------- +Sun Mar 17 11:28:35 UTC 2013 - [email protected] + +- Update to version 2013.1.a301.g16b4643+git.1363519715.16b4643: + + Explain LDAP page_size & default value + + Catch and log server exceptions + + Filter out legacy_endpoint_id (bug 1152635) + + Ensure tokens are revoked for relevant v3 api calls + + Switch to final 1.1.0 oslo.config release + + Added test cases to improve LDAP project testing + + Migrate roles from metadata to user_project_metadata + + duplicated trust tests + + quiet route logging on skipped tests + + Remove TODO that didn't land in grizzly + + No parent exception to wrap + + Remove duplicate password/token opts. + + Fixes bug 1151747: broken XML translation for resource collections + + xml_body returns backtrace on XMLSyntaxError + + extracting user and trust ids into normalized fields + + Discard null endpoints (bug 1152632) +- remove keystone-cs24277.diff: + * merged upstream + +------------------------------------------------------------------- +Wed Mar 13 10:17:48 UTC 2013 - [email protected] + +- add keystone-cs24277.diff: + * make keystone start again + @@ -2 +84 @@ -Wed Mar 20 16:27:29 UTC 2013 - [email protected] +Wed Mar 13 00:17:24 UTC 2013 - [email protected] @@ -4,2 +86,57 @@ -- Update to version 2012.2.4+git.1363796849.255b1d4: - + validate from backend (lp#1129713, bnc#809590, CVE-2013-1865) +- Update to version 2013.1.a271.g45228ca+git.1363133844.45228ca: + + cleanup trusts in controllers + + remove spurious roles check + + add belongs_to check + + Improve tests for api protection and filtering + +------------------------------------------------------------------- +Tue Mar 12 10:44:59 UTC 2013 - [email protected] + +- require python-oslo.config + +-------------------------------------------------------------------- +Tue Mar 12 00:10:56 UTC 2013 - [email protected] + +- Update to version 2013.1.a263.g09e2fc7+git.1363047056.09e2fc7: + + Make getting user-domain roles backend independant + + Make Keystone return v3 as part of the version api + + bug 1133526 + + Run keystone server in debug mode. + + Fix folsom -> grizzly role table migration issues (bug 1119789) + + Revert "from tests import" + + Revert "update tests/__init__.py to verify openssl version" + +-------------------------------------------------------------------- +Mon Mar 11 09:59:43 UTC 2013 - [email protected] + +- Update to version 2013.1.a251.g59757f6+git.1362995983.59757f6: + + Unpin pam dependency version + + Sync timeutils with oslo + + Remove obsolete *page[_marker] methods from LDAP backend. + + bug 1134802: fix inconsistent format for expires_at and issued_at + + Trusts + + Expand v3 trust test coverage + + keystone : Use Ec2Signer utility class from keystoneclient + + remove unused import + + Move auth plugins to 'keystone.auth.plugins' (bug 1136967) + + ports should be ints in config (bug 1137696) + + mark 2.0 API as stable + + Straighten out NotFound raising in LDAP backend. + + fix typo in kvs backend + + Move get_by_name to LdapBase. + + Remove unused methods from LDAP backed. + + return 201 Created on POST request (bug1131119) + + Delete tokens for user + + unable to load certificate should abort request + + add missing attributes for group/project tables (bug1126021) + + v3 endpoints won't have legacy ID's (bug 1150930) + + Change exception raised to Forbidden on trust_id + + from tests import + +------------------------------------------------------------------- +Fri Mar 8 11:01:34 UTC 2013 - [email protected] + +- Fix ownership of /var/log/keystone/keystone.log after call to + "keystone-manage pki_setup" in %post: if the package is installed + for the first time, the log file is owned by root, which breaks + keystone (since it can't write to the log file). @@ -13 +150,22 @@ -Tue Mar 5 16:51:28 UTC 2013 - [email protected] +Tue Mar 5 17:22:34 UTC 2013 - [email protected] + +- Update to version 2013.1.a210.g2515d1b+git.1362504154.2515d1b: + + Ensure keystone unittests do not leave CONF.policyfile in bad state + + Move handle_conflicts decorator into sql + + flatten payload for policy + + Convert api to controller + + bug 1131840: fix auth and token data for XML translation + + domain_id_attributes in config.py have wrong default value + + command line switch for short pep8 output. + + Setup logging in keystone-manage command. + + Imported Translations from Transifex + + Enable a parameters on ldap to allow paged_search of ldap queries This fixes bug 1083463 + + update tests/__init__.py to verify openssl version + +------------------------------------------------------------------- +Mon Mar 4 13:38:13 UTC 2013 - [email protected] + +- Move python-ldap requirement to python-keystone subpackage + +------------------------------------------------------------------- +Thu Feb 28 14:07:54 UTC 2013 - [email protected] @@ -15,3 +173,11 @@ -- Update to version 2012.2.4+git.1362502288.8690166: - + Sync timeutils to pick up normalize fix. - + Backport of fix for 24-hour failure of pki. +- Fix last change + +------------------------------------------------------------------- +Mon Feb 25 13:27:40 UTC 2013 - [email protected] + +- Ghost /var/run/keystone + +------------------------------------------------------------------- +Mon Feb 25 10:07:11 UTC 2013 - [email protected] + +- Drop sysconfig from init scripts @@ -20 +186 @@ -Fri Feb 22 10:11:13 UTC 2013 - [email protected] +Sun Feb 24 18:52:11 UTC 2013 - [email protected] @@ -22,3 +188,60 @@ -- Update to version 2012.2.4+git.1361527873.37b3532: - + Disable XML entity parsing (CVE-2013-1664, CVE-2013-1665) - + Ensure user and tenant enabled in EC2 (CVE-2013-0282) +- Update to version 2013.1.a191.g30dbb74+git.1361731931.30dbb74: + + Remove test_auth_token_middleware + + Silence routes internal debug logging + + Workaround Migration issue with PostgreSQL + + Add pysqlite as explicit test dep + + project membership to role conversion ++++ 373 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/openstack-keystone/openstack-keystone.changes ++++ and /work/SRC/openSUSE:Factory/.openstack-keystone.new/openstack-keystone.changes Old: ---- FIX-BUILD.patch keystone-certs-test.patch keystone-hybrid-backend-folsom.tar.gz keystone-hybrid-conf-scope.patch keystone-sql-backend-from_dict.patch keystone-stable-folsom.tar.gz keystone-webob-empty-resp-environ.patch openstack-keystone.conf.sample openstack-keystone.wsgi New: ---- keystone-cs24277.diff keystone-hybrid-backend-master.tar.gz keystone-stable-grizzly.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openstack-keystone-doc.spec ++++++ --- /var/tmp/diff_new_pack.LIAVut/_old 2013-04-29 14:09:45.000000000 +0200 +++ /var/tmp/diff_new_pack.LIAVut/_new 2013-04-29 14:09:45.000000000 +0200 @@ -1,7 +1,7 @@ # # spec file for package openstack-keystone-doc # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,14 +19,14 @@ %define component keystone Name: openstack-%{component}-doc -Version: 2012.2.4+git.1363796849.255b1d4 +Version: 2013.1.1.a1.gec9115b Release: 0 -License: Apache-2.0 Summary: OpenStack Identity Service (Keystone) - Documentation -Url: https://github.com/openstack/keystone +License: Apache-2.0 Group: Documentation/HTML -Source: keystone-stable-folsom.tar.gz -BuildRequires: openstack-macros +Url: https://github.com/openstack/keystone +Source: keystone-stable-grizzly.tar.gz +BuildRequires: openstack-suse-macros BuildRequires: python-Sphinx BuildRequires: python-base BuildArch: noarch @@ -40,7 +40,7 @@ This package contains documentation files for openstack-keystone. %prep -%setup -q -n keystone-2012.2.4 +%setup -q -n keystone-2013.1.1.a1.gec9115b %openstack_cleanup_prep %build ++++++ openstack-keystone.spec ++++++ --- /var/tmp/diff_new_pack.LIAVut/_old 2013-04-29 14:09:45.000000000 +0200 +++ /var/tmp/diff_new_pack.LIAVut/_new 2013-04-29 14:09:45.000000000 +0200 @@ -1,8 +1,7 @@ # # spec file for package openstack-keystone # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. -# Copyright (c) 2011 B1 Systems GmbH, Vohburg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,51 +19,41 @@ %define component keystone %define groupname openstack-%{component} %define username openstack-%{component} -%define hybrid keystone-hybrid-backend-folsom +%define hybrid keystone-hybrid-backend-master Name: openstack-%{component} -Version: 2012.2.4+git.1363796849.255b1d4 +Version: 2013.1.1.a1.gec9115b Release: 0 -License: Apache-2.0 Summary: OpenStack Identity Service (Keystone) -Url: https://github.com/openstack/keystone +License: Apache-2.0 Group: Development/Languages/Python -Source: keystone-stable-folsom.tar.gz +Url: https://github.com/openstack/keystone +Source: keystone-stable-grizzly.tar.gz Source1: %{name}.init Source2: logging.conf Source3: default_catalog.templates -# Apache2 SSL proxy example configuration: -Source4: openstack-keystone.conf.sample -# WSGI application skeleton for public and admin API apps (for the SSL proxy): -Source5: openstack-keystone.wsgi # Hybrid identity backend - uses the existing LDAP backend for users and # the SQL backend for tenants/roles Source6: %{hybrid}.tar.gz Source7: %{name}.logrotate -# Add a configuration option for reading the ldap user_scope (part of -# the hybrid backend) -Patch1: keystone-hybrid-conf-scope.patch -# Don't modify the passed in dict to the sql backend's from_dict method -# (fixes our testsuite) https://review.openstack.org/14472 -Patch2: keystone-sql-backend-from_dict.patch -# Fix a unittest bug with empty environ on our version of WebOb -# (will probably never land in folsom) https://review.openstack.org/#/c/17193/ -Patch3: keystone-webob-empty-resp-environ.patch -# Fix a unittest bug that reads ssl configuration from etc -# (will probably never land in folsom) https://review.openstack.org/#/c/17341/ -Patch4: keystone-certs-test.patch -#TODO/FIXME: check the issue! -Patch666: FIX-BUILD.patch -BuildRequires: apache2 -BuildRequires: openstack-macros +BuildRequires: openstack-suse-macros +BuildRequires: openstack-utils BuildRequires: python-base BuildRequires: python-distribute +BuildRequires: python-oslo.config +# Documentation build requirements: BuildRequires: python-Sphinx Requires: logrotate +Requires: python-argparse +Requires: python-iso8601 Requires: python-keystone = %{version} +Requires: python-oslo.config BuildRoot: %{_tmppath}/%{name}-%{version}-build # To generate a self-signed certificate to be used in demo setups: -Requires(post): apache2-utils +Requires(post): coreutils +Requires(post): python-keystone +Requires(post): python-argparse +Requires(post): python-iso8601 Requires(post): openssl Requires(post): sysconfig %if 0%{?suse_version} > 1110 @@ -72,9 +61,6 @@ %else Requires(pre): shadow-utils %endif -%if 0%{?fedora} -Requires(pre): shadow-utils -%endif %if 0%{?suse_version} && 0%{?suse_version} <= 1110 %{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} %else @@ -87,20 +73,23 @@ family. %package -n python-keystone + Summary: OpenStack Identity Service (Keystone) - Python module Group: Development/Languages/Python Requires: python >= 2.6.8 -Requires: python-PasteDeploy Requires: python-Paste +Requires: python-PasteDeploy +Requires: python-Routes Requires: python-SQLAlchemy >= 0.7.8 Requires: python-WebOb -Requires: python-eventlet +Requires: python-eventlet >= 0.9.12 Requires: python-greenlet Requires: python-iso8601 >= 0.1.4 +Requires: python-keystoneclient >= 0.2 +Requires: python-ldap Requires: python-lxml Requires: python-pam Requires: python-passlib -Requires: python-routes Requires: python-sqlalchemy-migrate >= 0.7.2 %description -n python-keystone @@ -111,15 +100,16 @@ This package contains the core Python module of OpenStack Keystone. %package test + Summary: Testsuite for the OpenStack Keystone Group: Development/Languages/Python Requires: %{name} = %{version} Requires: python-Sphinx >= 1.1.2 +Requires: python-WebTest Requires: python-coverage -Requires: python-distribute >= 0.6.24 Requires: python-keystoneclient -Requires: python-ldap Requires: python-mox +Requires: python-netifaces Requires: python-nose Requires: python-nosehtmloutput Requires: python-nosexcover @@ -129,7 +119,6 @@ Requires: python-python-memcached Requires: python-swift Requires: python-unittest2 -Requires: python-WebTest %description test The OpenStack Keystone testsuite. It is used to verify the @@ -137,15 +126,8 @@ %prep # unpack the backend hybrid in addition to the main keyston source -%setup -q -T -D -b0 -a6 -n keystone-2012.2.4 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 -%patch4 -p1 -%patch666 -p1 +%setup -q -T -D -b0 -a6 -n keystone-2013.1.1.a1.gec9115b %openstack_cleanup_prep -# set the sqlite3 path to /var/lib/keystone -sed -i 's%^connection =.*%connection = sqlite:////var/lib/keystone/keystone.db%' etc/keystone.conf.sample %build python setup.py build @@ -155,14 +137,12 @@ python setup.py install --prefix=%{_prefix} --root=%{buildroot} ### directories -install -d -m 755 %{buildroot}%{_localstatedir}/lib/keystone -install -d -m 755 %{buildroot}%{_localstatedir}/log/keystone +install -d -m 755 %{buildroot}%{_localstatedir}/{lib,log,run}/keystone ### configuration files install -d -m 0755 %{buildroot}%{_sysconfdir}/keystone cp %{SOURCE2} %{buildroot}%{_sysconfdir}/keystone/ cp %{SOURCE3} %{buildroot}%{_sysconfdir}/keystone/default_catalog.templates.sample -sed -i -e 's,^template_file .*,template_file = /etc/keystone/default_catalog.templates,' etc/keystone.conf.sample cp etc/keystone.conf.sample %{buildroot}%{_sysconfdir}/keystone/keystone.conf cp etc/policy.json %{buildroot}%{_sysconfdir}/keystone/ install -p -D -m 644 %{SOURCE7} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} @@ -179,27 +159,44 @@ ### test subpackage %openstack_test_package_install -### apache/WSGI for SSL -%openstack_apache_ssl_cert_install -# Apache2 sample configuration -install -m 644 -D %{SOURCE4} %{buildroot}%{_sysconfdir}/apache2/conf.d/openstack-keystone.conf.sample -# Apache2 WSGI apps -install -D %{SOURCE5} %{buildroot}%{_localstatedir}/lib/keystone/wsgi/admin.wsgi -install -D %{SOURCE5} %{buildroot}%{_localstatedir}/lib/keystone/wsgi/main.wsgi +### create keystone ssl dirs +install -d %{buildroot}%{_sysconfdir}/keystone/ssl/private +touch %{buildroot}%{_sysconfdir}/keystone/ssl/private/signing_key.pem +install -d %{buildroot}%{_sysconfdir}/keystone/ssl/certs +touch %{buildroot}%{_sysconfdir}/keystone/ssl/certs/signing_cert.pem ### Keystone hybrid identity backend install -D -m 644 %{hybrid}/hybrid.py %{buildroot}%{python_sitelib}/keystone/identity/backends/ -install -m 644 %{hybrid}/hybrid_config.py %{buildroot}%{python_sitelib}/keystone/identity/backends/ install -D -m 644 %{hybrid}/test_backend_hybrid.py %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/tests/ install -D -m 644 %{hybrid}/backend_hybrid.conf %{buildroot}%{_localstatedir}/lib/openstack-keystone-test/tests/ +### set default configuration (mostly applies to package-only setups and quickstart, i.e. not generally crowbar) +%define keystone_conf %{buildroot}%{_sysconfdir}/keystone/keystone.conf +openstack-config --set %{keystone_conf} DEFAULT verbose True +openstack-config --set %{keystone_conf} DEFAULT log_file keystone.log +openstack-config --set %{keystone_conf} DEFAULT log_dir /var/log/keystone +#TODO/FIXME(saschpe): Do we really want to use the file-based catalog or move into DB by default? +openstack-config --set %{keystone_conf} catalog template_file /etc/keystone/default_catalog.templates +openstack-config --set %{keystone_conf} catalog driver keystone.catalog.backends.templated.TemplatedCatalog +#TODO/FIXME(saschpe): Do we want to use sqlite per default or demand PostgreSQL right away? +openstack-config --set %{keystone_conf} sql connection sqlite:////var/lib/keystone/keystone.db + %pre getent group %{groupname} >/dev/null || groupadd -r %{groupname} getent passwd %{username} >/dev/null || useradd -r -g %{groupname} -d %{_localstatedir}/lib/keystone -s /sbin/nologin -c "OpenStack keystone Daemon" %{username} exit 0 %post -%openstack_apache_ssl_cert_post +# create an example.com certificate if not available already +if ! [ -r /etc/keystone/ssl/certs/signing_cert.pem ]; then + # recreate index.txt if it is only about the example.com config + if [ $(wc -l /etc/keystone/ssl/certs/index.txt) -le 1] && grep -q CN=www.example.com /etc/keystone/ssl/certs/index.txt; then + rm /etc/keystone/ssl/certs/index.txt + fi + /usr/bin/keystone-manage pki_setup --keystone-user %{username} --keystone-group %{groupname} + # keystone-manage will create a keystone.log file owned by root; fix that + test -f %{_localstatedir}/log/keystone/keystone.log && chown %{username}:%{groupname} %{_localstatedir}/log/keystone/keystone.log +fi %fillup_and_insserv %{name} %restart_on_update %{name} @@ -212,33 +209,34 @@ %files %defattr(-,root,root) -%dir %attr(0755, %{username}, %{groupname}) %{_localstatedir}/lib/keystone -%dir %attr(0750, %{username}, %{groupname}) %{_localstatedir}/log/keystone -%dir %attr(0750, root, %{groupname}) %{_sysconfdir}/keystone -%config(noreplace) %attr(0640, root, %{groupname}) %{_sysconfdir}/keystone/keystone.conf -%config(noreplace) %attr(0640, root, %{groupname}) %{_sysconfdir}/keystone/logging.conf -%config(noreplace) %{_sysconfdir}/keystone/policy.json +%dir %attr(0755, %{username}, %{groupname}) %{_localstatedir}/lib/%{component} +%dir %attr(0750, %{username}, %{groupname}) %{_localstatedir}/log/%{component} +%ghost %dir %attr(0750, %{username}, %{groupname}) %{_localstatedir}/run/%{component} +%dir %attr(0750, root, %{groupname}) %{_sysconfdir}/%{component} +%dir %attr(0755, root, %{groupname}) %{_sysconfdir}/%{component}/ssl +%dir %attr(0755, root, %{groupname}) %{_sysconfdir}/%{component}/ssl/certs +%ghost %attr(0644, root, %{groupname}) %{_sysconfdir}/%{component}/ssl/certs/signing_cert.pem +%dir %attr(0750, root, %{groupname}) %{_sysconfdir}/%{component}/ssl/private +%ghost %attr(0640, root, %{groupname}) %{_sysconfdir}/%{component}/ssl/private/signing_key.pem +%config(noreplace) %attr(0640, root, %{groupname}) %{_sysconfdir}/%{component}/%{component}.conf +%config(noreplace) %attr(0640, root, %{groupname}) %{_sysconfdir}/%{component}/logging.conf +%config %{_sysconfdir}/%{component}/policy.json %config(noreplace) %{_sysconfdir}/logrotate.d/%{name} -%attr(0640, %{username}, %{groupname}) %{_sysconfdir}/keystone/default_catalog.templates.sample +%attr(0640, %{username}, %{groupname}) %{_sysconfdir}/%{component}/default_catalog.templates.sample %{_initddir}/%{name} %{_sbindir}/rc%{name} %{_bindir}/keystone-all %{_bindir}/keystone-manage %{_mandir}/man1/keystone* -%openstack_apache_ssl_cert_files -%{_sysconfdir}/apache2/conf.d/openstack-keystone.conf.sample -%dir %attr(0755, root, root) %{_localstatedir}/lib/keystone/wsgi -%attr(0644, root, root) %{_localstatedir}/lib/keystone/wsgi/*.wsgi %doc tools/sample_data.sh %files -n python-keystone %defattr(-,root,root,-) -%{python_sitelib} -#%config %{python_sitelib}/keystone/identity/backends/hybrid_config.py %doc LICENSE +%{python_sitelib} %files test %defattr(-,root,root) -%{_localstatedir}/lib/openstack-keystone-test +%{_localstatedir}/lib/openstack-%{component}-test %changelog ++++++ _service ++++++ --- /var/tmp/diff_new_pack.LIAVut/_old 2013-04-29 14:09:45.000000000 +0200 +++ /var/tmp/diff_new_pack.LIAVut/_new 2013-04-29 14:09:45.000000000 +0200 @@ -3,8 +3,8 @@ <param name="url">git://github.com/SUSE-Cloud/keystone-hybrid-backend.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="version">folsom</param> - <param name="revision">folsom</param> + <param name="version">master</param> + <param name="revision">master</param> </service> <service name="recompress" mode="disabled"> @@ -13,7 +13,8 @@ </service> <service name="git_tarballs" mode="disabled"> - <param name="url">http://tarballs.openstack.org/keystone/keystone-stable-folsom.tar.gz</param> - <param name="email">[email protected]</param> + <param name="url">http://tarballs.openstack.org/keystone/keystone-stable-grizzly.tar.gz</param> + <param name="email">[email protected]</param> + <param name="plain-version">True</param> </service> </services> ++++++ default_catalog.templates ++++++ --- /var/tmp/diff_new_pack.LIAVut/_old 2013-04-29 14:09:45.000000000 +0200 +++ /var/tmp/diff_new_pack.LIAVut/_new 2013-04-29 14:09:45.000000000 +0200 @@ -17,6 +17,10 @@ catalog.RegionOne.volume.internalURL = http://%SERVICE_HOST%:8776/v1/$(tenant_id)s catalog.RegionOne.volume.name = Volume Service +catalog.RegionOne.network.publicURL = http://%SERVICE_HOST%:9696 +catalog.RegionOne.network.adminURL = http://%SERVICE_HOST%:9696 +catalog.RegionOne.network.internalURL = http://%SERVICE_HOST%:9696 +catalog.RegionOne.network.name = Network Service catalog.RegionOne.ec2.publicURL = http://%SERVICE_HOST%:8773/services/Cloud catalog.RegionOne.ec2.adminURL = http://%SERVICE_HOST%:8773/services/Admin ++++++ keystone-cs24277.diff ++++++ >From ad39c7b413491cb7c38f4161251e58ca4248458d Mon Sep 17 00:00:00 2001 From: Dan Prince <[email protected]> Date: Tue, 12 Mar 2013 22:44:48 -0400 Subject: [PATCH] Remove duplicate password/token opts. We already register these options in config.py so no need to dup them here. Fixes LP Bug #1154406. Change-Id: I301328ec3ec4823dd7fbec1e639e2841516352e5 --- keystone/auth/controllers.py | 9 --------- 1 file changed, 9 deletions(-) diff --git a/keystone/auth/controllers.py b/keystone/auth/controllers.py index 517995d..ba70735 100644 --- a/keystone/auth/controllers.py +++ b/keystone/auth/controllers.py @@ -36,15 +36,6 @@ CONF = config.CONF AUTH_METHODS = {} -# register method drivers -for method_name in CONF.auth.methods: - try: - config.register_str(method_name, group='auth') - except Exception as e: - # don't care about duplicate error - LOG.warn(e) - - def load_auth_method(method_name): if method_name not in CONF.auth.methods: raise exception.AuthMethodNotSupported() -- 1.8.1.4 ++++++ openstack-keystone.init ++++++ --- /var/tmp/diff_new_pack.LIAVut/_old 2013-04-29 14:09:45.000000000 +0200 +++ /var/tmp/diff_new_pack.LIAVut/_new 2013-04-29 14:09:45.000000000 +0200 @@ -4,74 +4,68 @@ # Provides: openstack-keystone # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog -# Should-Start: $network mysql postgresql -# Should-Stop: $network mysql postgresql +# Should-Start: mysql postgresql +# Should-Stop: mysql postgresql # Default-Start: 3 5 # Default-Stop: 0 1 2 6 -# Short-Description: OpenStack keystone -# Description: OpenStack keystone. +# Short-Description: OpenStack Identity (Keystone) +# Description: OpenStack Identity (Keystone) ### END INIT INFO USER="openstack-keystone" -GROUP="openstack-keystone" -DAEMON="/usr/bin/keystone-all" CONFFILE="/etc/keystone/keystone.conf" +RUNDIR="/var/run/Keystone" -DAEMON_OPTIONS="--config-file=$CONFFILE --log-file=/var/log/keystone/keystone.log" -OPTIONS="${OPTIONS} $DAEMON_OPTIONS" +# $RUNDIR can be tmpfs, thus we have to create/own it here: +mkdir -p $RUNDIR && chown $USER. $RUNDIR -# Shell functions sourced from /etc/rc.status: -# rc_check check and set local and overall rc status -# rc_status check and set local and overall rc status -# rc_status -v be verbose in local rc status and clear it afterwards -# rc_status -v -r ditto and clear both the local and overall rc status -# rc_status -s display "skipped" and exit with status 3 -# rc_status -u display "unused" and exit with status 3 -# rc_failed set local and overall rc status to failed -# rc_failed <num> set local and overall rc status to <num> -# rc_reset clear both the local and overall rc status -# rc_exit exit appropriate to overall rc status -# rc_active checks whether a service is activated by symlinks . /etc/rc.status -FULLNAME="OpenStack Keystone" - case "$1" in start) - echo -n "Starting $FULLNAME" - cd /var/lib/keystone - startproc -s -u $USER -t ${STARTUP_TIMEOUT:-5} -q $DAEMON $OPTIONS + echo -n "Starting keystone" + /sbin/startproc -q -s -u $USER /usr/bin/keystone-all --config-file=$CONFFILE rc_status -v ;; stop) - echo -n "Shutting down $FULLNAME" - killproc $DAEMON + echo -n "Shutting down keystone" + /sbin/killproc /usr/bin/keystone-all rc_status -v ;; restart) $0 stop - $0 start - rc_status + $0 start + rc_status + ;; + force-reload) + $0 try-restart + rc_status ;; reload) + echo -n "Reload service keystone" + rc_failed 3 + rc_status -v ;; status) - echo -n "Checking $FULLNAME" - /sbin/checkproc $DAEMON - rc_status -v + echo -n "Checking for service keystone" + /sbin/checkproc /usr/bin/keystone-all + rc_status -v ;; - condrestart|try-restart) + try-restart|condrestart) + if test "$1" = "condrestart"; then + echo "${attn} Use try-restart ${done}(LSB)${attn} rather than condrestart ${warn}(RH)${norm}" + fi $0 status if test $? = 0; then - $0 restart + $0 restart else - rc_reset # Not running is not a failure. + rc_reset # Not running is not a failure. fi - # Remember status and be quiet - rc_status + rc_status # Remember status and be quiet ;; *) - echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart}" - exit 2 + echo "Usage: $0 {start|stop|status|try-restart|restart|force-reload|reload}" + exit 1 + ;; esac -exit $? +rc_exit ++++++ openstack-keystone.logrotate ++++++ --- /var/tmp/diff_new_pack.LIAVut/_old 2013-04-29 14:09:45.000000000 +0200 +++ /var/tmp/diff_new_pack.LIAVut/_new 2013-04-29 14:09:45.000000000 +0200 @@ -1,5 +1,13 @@ +compress + /var/log/keystone/*.log { - daily + rotate 15 + size 1M + weekly + dateext missingok + notifyempty su openstack-keystone openstack-keystone + copytruncate + sharedscripts } -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
