yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #73163
[Bug 1445199] Re: Nova user should not have admin role
Devstack is meant to provide a deployment suitable for development, not
a hardened setup that could be used in production. While it could adopt
this if Nova supported it, I'll mark the bug as invalid for devstack.
** Changed in: devstack
Status: New => Invalid
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1445199
Title:
Nova user should not have admin role
Status in devstack:
Invalid
Status in OpenStack Compute (nova):
Confirmed
Status in OpenStack Security Advisory:
Invalid
Bug description:
Most of the service users are granted the 'service' role on the 'service' project, except the 'nova' user which is given 'admin'. The 'nova' user should also be given only the 'service' role on the 'service' project.
This is for security hardening.
To manage notifications about this bug go to:
https://bugs.launchpad.net/devstack/+bug/1445199/+subscriptions