Today in office hours someone reported a bug where keystone wasn't producing policy files based on the overrides on disk and the defaults in code [0]. After doing some digging, I found that keystone missed a step while moving policy into code. I have a patch [1] up that follows an approach from nova. With all of the policy in code work happening this release, I wanted to send a note in case folks were seeing this with their projects. Or just a reminder to test for it if you're unsure if your project will be affected. Let me know if you have any questions and I'll be happy to chip in if your project is experiencing issues. Lance [0] https://bugs.launchpad.net/keystone/+bug/1740951 [1] https://review.openstack.org/#/c/530828/ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 833 bytes Desc: OpenPGP digital signature URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20180102/642cc943/attachment.sig>