Summary: | sys-auth/keystone-2013.2.r2 - token-get fails | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Davide Rebeccani <davide.rebeccani> |
Component: | Current packages | Assignee: | Gentoo OpenStack team <openstack> |
Status: | RESOLVED FIXED | ||
Severity: | normal | Keywords: | PATCH |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
keystone-2013.2-r1.ebuild
keystone init.d file |
Description
Davide Rebeccani
2013-12-13 13:18:55 UTC
Created attachment 365220 [details]
keystone-2013.2-r1.ebuild
Corrected build file with:
1. Creation of keystone user and group to run the daemon under
2. Added pkg_postinst() information about how to configure keystone PKI
3. Added pkg_config() to configure PKI as reported in pkg_postinst()
Created attachment 365222 [details]
keystone init.d file
Fixed keystone init.d file to run the keystone daemon under the keystone user.
Comment on attachment 365220 [details]
keystone-2013.2-r1.ebuild
--- keystone-2013.2-r1.ebuild 2013-11-28 18:39:30.380637752 +0100
+++ - 2013-12-13 15:29:34.891724152 +0100
@@ -79,6 +79,11 @@
"${FILESDIR}/2013.2-CVE-2013-4477.patch"
)
+pkg_setup() {
+ enewgroup keystone
+ enewuser keystone -1 -1 /var/lib/keystone keystone
+}
+
python_prepare_all() {
mkdir ${PN}/tests/tmp || die
cp etc/keystone-paste.ini ${PN}/tests/tmp/ || die
@@ -103,4 +108,26 @@
doins etc/keystone.conf.sample etc/logging.conf.sample
doins etc/default_catalog.templates etc/policy.json
doins etc/policy.v3cloudsample.json etc/keystone-paste.ini
+
+ fowners keystone:keystone /var/run/keystone /var/log/keystone /etc/keystone
+}
+
+pkg_postinst() {
+ elog "You might want to run:"
+ elog "emerge --config =${CATEGORY}/${PF}"
+ elog "if this is a new install."
+ elog "If you have not already configured your openssl installation"
+ elog "please do it by modifying /etc/ssl/openssl.cnf"
+ elog "BEFORE issuing the configuration command."
+ elog "Otherwise default values will be used."
+}
+
+pkg_config() {
+ if [ ! -d "${ROOT}"/etc/keystone/ssl ] ; then
+ einfo "Press ENTER to configure the keystone PKI, or Control-C to abort now..."
+ read
+ "${ROOT}"/usr/bin/keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
+ else
+ einfo "keystone PKI certificates directory already present, skipping configuration"
+ fi
}
is this for 2013.1 or 2013.2? looks like you have both mentioned in the comments. Sorry for the typo. I was meaning sys-auth/keystone-2013.2-r1 :-) fixed in 2013.2-r2 and 2013.2.9999 thanks for all the work :D |