Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1138680

Summary: Document commands to set permissions for each service when configuring rabbitmq.
Product: Red Hat OpenStack Reporter: Lee Yarwood <lyarwood>
Component: doc-Installation_and_Configuration_GuideAssignee: Martin Lopes <mlopes>
Status: CLOSED DUPLICATE QA Contact: RHOS Documentation Team <rhos-docs>
Severity: high Docs Contact:
Priority: high    
Version: 5.0 (RHEL 7)CC: ddomingo, lyarwood, yeylon
Target Milestone: ---Keywords: Documentation
Target Release: 5.0 (RHEL 7)   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-10-10 04:43:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Lee Yarwood 2014-09-05 12:38:21 UTC 
Description of problem:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Installation_and_Configuration_Guide/sect-Prerequisite_Message_Broker.html#sect-Install_and_Configure_the_RabbitMQ_Message_Broker

At present the service rabbitmq users created when following the above guide are not given permissions to access their respective resources, resulting in "access to vhost '/' refused for user '$service'" messages being logged.

Additional info:

The puppet profiles for cinder [1] and nova [2] appear to set ".*" ".*" ".*", can we get away with documenting the same or do we need more strict permissions in place?

[1] https://github.com/stackforge/puppet-cinder/blob/master/manifests/rabbitmq.pp#L57
[2] https://github.com/stackforge/puppet-nova/blob/master/manifests/rabbitmq.pp#L62
Comment 5 Martin Lopes 2014-09-12 00:37:55 UTC 
Updated guide has been re-spun, tagged.
Comment 6 Martin Lopes 2014-09-14 23:56:30 UTC 
Updated guide is now on the portal.
Comment 7 Martin Lopes 2014-10-10 04:43:41 UTC 

*** This bug has been marked as a duplicate of bug 1134990 ***