On Wed, Sep 23, 2015 at 2:32 PM, Alex Schultz <aschultz at mirantis.com> wrote: > Hey all, > > So as part of the Puppet mid-cycle, we did bug triage. One of the > bugs that was looked into was bug 1289631[0]. This bug is about > applying the recommendations from the security guide[1] within the > puppet-swift module. So I'm sending a note out to get other feedback > on if this is a good idea or not. Should we be applying this type of > security items within the puppet modules by default? Should we make > this optional? Thoughts? > > > Thanks, > -Alex > > > [0] https://bugs.launchpad.net/puppet-swift/+bug/1289631 > [1] http://docs.openstack.org/security-guide/object-storage.html#securing-services-general Also for the puppet side of this conversation, the change for the security items[0] also seems to conflict with bug 1458915[1] which is about removing the posix users/groups/file modes. So which direction should we go? [0] https://review.openstack.org/#/c/219883/ [1] https://bugs.launchpad.net/puppet-swift/+bug/1458915