| *** mhen_ is now known as mhen | 01:10 | |
| opendevreview | Matúš Jenča proposed openstack/keystonemiddleware master: Support Redis and Redis Sentinel Cache https://review.opendev.org/c/openstack/keystonemiddleware/+/915872 | 07:57 |
|---|---|---|
| *** jph5 is now known as jph | 10:15 | |
| *** jph6 is now known as jph | 12:45 | |
| lajoskatona | Hi, a dumb question, we run through the security-guide, and found a strange check for the user:group setting for the services | 14:38 |
| lajoskatona | i.e.: for keystone the suggestion is to have keystone:keystone for cfg file for example ( https://docs.openstack.org/security-guide/identity/checklist.html#check-identity-01-is-user-group-ownership-of-config-files-set-to-keystone ) | 14:38 |
| lajoskatona | but for other (non-keystone) services to have root:<service-name> user:group setup: https://docs.openstack.org/security-guide/networking/checklist.html#check-neutron-01-is-user-group-ownership-of-config-files-set-to-root-neutron | 14:39 |
| lajoskatona | Do you know if there is some deeper for me unknown reason for this difference? | 14:41 |
| lajoskatona | just for reference these parts of the docs were set in these patches: https://review.opendev.org/c/openstack/security-doc/+/204435 & https://review.opendev.org/c/openstack/security-doc/+/240385 | 14:43 |
| *** jph1 is now known as jph | 23:37 | |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!