[Openstack-security] [openstack/sahara] SecurityImpact review request change Ic5ab5a875754c09aae59d0313d5726f2bd4f7282
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Dec 9 12:07:18 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/251813
Log:
commit 11ad68b87325e772e0de99c018d01f75483b3803
Author: Vitaly Gridnev <vgridnev at mirantis.com>
Date: Tue Dec 1 14:46:13 2015 +0300
Trust usage improvements in sahara
There are several improvements in usage trusts.
* create trust always and without expiry to allow
provisioning of large clusters
* fix issues with auth_plugin setup during cluster
provisioning, so that we can use trusts to
refresh auth_token
* enable redelegation for cluster trusts, because
heat also will create trusts during heat stack
creation
* refreshing cluster before create/delete trusts
to check to be sure that correct trust applied
to cluster.
* removing config option for expiry since it unused now.
SecurityImpact
Closes-bug: 1521992
Related-bug: 1486653
Change-Id: Ic5ab5a875754c09aae59d0313d5726f2bd4f7282
More information about the Openstack-security
mailing list