[openstack-dev] [puppet][swift] Applying security recommendations within puppet-swift

Alex Schultz aschultz at mirantis.com
Wed Sep 23 21:10:02 UTC 2015


On Wed, Sep 23, 2015 at 2:32 PM, Alex Schultz <aschultz at mirantis.com> wrote:
> Hey all,
>
> So as part of the Puppet mid-cycle, we did bug triage.  One of the
> bugs that was looked into was bug 1289631[0].  This bug is about
> applying the recommendations from the security guide[1] within the
> puppet-swift module.  So I'm sending a note out to get other feedback
> on if this is a good idea or not.  Should we be applying this type of
> security items within the puppet modules by default? Should we make
> this optional?  Thoughts?
>
>
> Thanks,
> -Alex
>
>
> [0] https://bugs.launchpad.net/puppet-swift/+bug/1289631
> [1] http://docs.openstack.org/security-guide/object-storage.html#securing-services-general

Also for the puppet side of this conversation, the change for the
security items[0] also seems to conflict with bug 1458915[1] which is
about removing the posix users/groups/file modes.  So which direction
should we go?

[0] https://review.openstack.org/#/c/219883/
[1] https://bugs.launchpad.net/puppet-swift/+bug/1458915



More information about the OpenStack-dev mailing list