Bug 1328177 - SELinux is preventing horizon from accessing a shared secret
Summary: SELinux is preventing horizon from accessing a shared secret
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-selinux
Version: 9.0 (Mitaka)
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: async
: 8.0 (Liberty)
Assignee: Ryan Hallisey
QA Contact: Ido Ovadia
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2016-04-18 15:25 UTC by Ryan Hallisey
Modified: 2016-11-14 19:44 UTC (History)

Fixed In Version: openstack-selinux-0.7.3-2.el7ost
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-11-14 19:44:48 UTC
Target Upstream Version:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:2708 0 normal SHIPPED_LIVE Red Hat OpenStack Platform 8 Bug Fix and Enhancement Advisory 2016-11-15 00:43:33 UTC

Description Ryan Hallisey 2016-04-18 15:25:52 UTC
The openstack dashboard's secret key is not accessible.

1) install rhel7.2
 
2) install openstack-selinux
 
3) install httpd mod_wsgi mod_ssl openstack-dashboard memcached python-memcached
 
4) modify the secret_key variable in /etc/openstack-dashboard/local_settings with this:
 
...
from horizon.utils import secret_key
SECRET_KEY = secret_key.generate_or_read_from_file('/var/lib/openstack-dashboard/secret_key')
...
 
5) systemctl start httpd.service
 
After starting httpd, under /var/lib/openstack-dashboard apache successfully created two files owned by root:
 
[root@mi-lab-horizon01 ~]# ll /var/lib/openstack-dashboard/
totale 4
-rw-------. 1 root root 64 15 apr 11.07 secret_key
-rw-r--r--. 1 root root  0 15 apr 11.07 _var_lib_openstack-dashboard_secret_key.lock
[root@mi-lab-horizon01 ~]#
 
but the apache user can't read those files, and SELinux also prevents the httpd process from appending to files under var/lib.

Comment 4 Lon Hohberger 2016-11-07 20:38:37 UTC
* Mon Apr 18 2016 Ryan Hallisey <rhallise> 0.7.3-2
- Horizon needs the ability to access its shared secret
- Resolves: rhbz#1328177

Adds to postinstall:

fcontext -N -a -t httpd_var_lib_t /var/lib/openstack-dashboard

Which results in:

[root@rhel7 ~]# ls -ldZ /var/lib/openstack-dashboard
drwxr-x---. apache apache system_u:object_r:httpd_var_lib_t:s0 /var/lib/openstack-dashboard
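
A check for the state discussed in this bug, as an added example that is not part of the original report or of the openstack-selinux package: it compares owner and SELinux type against the values in the `ls -ldZ` output above. The function names are hypothetical, and the script assumes GNU `stat` is available on the host.

```shell
#!/bin/sh
# Added example (not from the bug report or openstack-selinux).
# Expected values come from the ls -ldZ output in comment 4.
EXPECTED_OWNER=apache
EXPECTED_TYPE=httpd_var_lib_t
SECRET_DIR=/var/lib/openstack-dashboard

# audit_record "<owner> <group> <selinux-context> <path>"
# Prints one finding per mismatch; returns 0 when the record is clean.
audit_record() {
    rc=0
    read -r owner group context path <<EOF
$1
EOF
    # A context is user:role:type:level; keep only the type field.
    setype=${context#*:}
    setype=${setype#*:}
    setype=${setype%%:*}
    if [ "$owner" != "$EXPECTED_OWNER" ]; then
        echo "$path: owner is $owner, expected $EXPECTED_OWNER"
        rc=1
    fi
    if [ "$setype" != "$EXPECTED_TYPE" ]; then
        echo "$path: SELinux type is $setype, expected $EXPECTED_TYPE"
        rc=1
    fi
    return $rc
}

# audit_path PATH: read the live values with GNU stat (%C is the context).
audit_path() {
    audit_record "$(stat -c '%U %G %C %n' "$1")"
}

# On a host that has the dashboard installed, audit the directory and key.
if [ -d "$SECRET_DIR" ]; then
    for p in "$SECRET_DIR" "$SECRET_DIR/secret_key"; do
        if [ -e "$p" ]; then audit_path "$p"; fi
    done
fi
```

A root-owned `secret_key` like the one in the description is reported as an owner mismatch, and any path whose type is not `httpd_var_lib_t` is reported separately.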

Comment 6 errata-xmlrpc 2016-11-14 19:44:48 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-2708.html

