1300395 – Rebase openstack-keystone to 8.0.1

Bug 1300395 - Rebase openstack-keystone to 8.0.1

Summary: Rebase openstack-keystone to 8.0.1

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat OpenStack
Classification:	Red Hat
Component:	openstack-keystone
Sub Component:
Version:	8.0 (Liberty)
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	ga
Target Release:	8.0 (Liberty)
Assignee:	Nathan Kinder
QA Contact:	nlevinki
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-01-20 16:23 UTC by Nathan Kinder
Modified:	2023-02-22 23:02 UTC (History)
CC List:	7 users (show)
Fixed In Version:	openstack-keystone-8.0.1-1.el7ost
Doc Type:	Rebase: Bug Fixes Only
Doc Text:	This rebase package for Identity Service addresses the following issues: * Identity Service (keystone) uses a hard-coded LDAP membership attribute when checking if a user is enabled, if the 'enabled emulation' feature is being used. Consequently, users who were `enabled` may show as `disabled` if an unexpected LDAP membership attribute is used. With this fix, the 'enabled emulation' membership check now uses the configurable LDAP membership attribute that is used for group resources. As a result, the 'enabled' status for users is shown correctly when different LDAP membership attributes are configured. (Launchpad bug #1515302, Red Hat BZ#1282944) * If a user_id just happens to be of 16 character length, the Identity service could incorrectly assume that it was handling a UUID value when using the Fernet token provider. This would trigger a "Could not find user" error in the Identity service logs. This has been corrected to properly handle 16 character user IDs. (Launchpad bug #1497461)
Clone Of:
Environment:
Last Closed:	2016-04-07 21:25:23 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHEA-2016:0603	0	normal	SHIPPED_LIVE	Red Hat OpenStack Platform 8 Enhancement Advisory	2016-04-08 00:53:53 UTC

Description Nathan Kinder 2016-01-20 16:23:34 UTC

We need to rebase openstack-keystone to the 8.0.1 release from the liberty/stable branch for RHEL OSP8, as there is at least one bug in there which we've backported to earlier RHEL OSP releases.

Comment 5 nlevinki 2016-02-02 09:55:50 UTC

rpm -qa |grep keystone
openstack-keystone-8.0.1-1.el7ost.noarch
python-keystoneclient-1.7.2-1.el7ost.noarch
python-keystonemiddleware-2.3.1-1.el7ost.noarch
python-keystone-8.0.1-1.el7ost.noarch
python-keystoneauth1-1.1.0-4.el7ost.noarch

Comment 6 errata-xmlrpc 2016-04-07 21:25:23 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-0603.html

Note You need to log in before you can comment on or make changes to this bug.