Issued:: 2016-11-14
Updated:: 2016-11-14

RHBA-2016:2711 - openstack-keystone bug fix advisory

Synopsis

openstack-keystone bug fix advisory

Type/Severity

Bug Fix Advisory None

Topic

Updated OpenStack Identity packages that resolve various issues are now available for Red Hat OpenStack Platform 8.0 (Liberty) for RHEL 7.

Description

Red Hat OpenStack Platform provides the facilities for building a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware. This advisory includes packages for:

OpenStack Identity service

The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication including user name and password credentials, token-based systems, and AWS-style logins.

This update addresses the following issue:

In certain cases, directories use the concept of POSIX groups, where the entities of users in the groups are represented as UIDs, not full DNs such as: dn: cn=group1, cn=groups,dc=domain,dc=com .... memberUid: user1 memberUid: user2 .... The LDAP driver was previously hardcoded for full DN entities, for example: dn: cn=group1, cn=groups,dc=domain,dc=com .... memberUid: uid=user1,cn=users,dc=domain,dc=com memberUid: uid=user2,cn=users,dc=domain,dc=com .... This update adds support for LDAP backends using POSIX groups. (BZ#1375685)

Solution

Before applying this update, ensure all previously released errata relevant to your system have been applied.

Red Hat OpenStack Platform 8 runs on Red Hat Enterprise Linux 7.2.

The Red Hat OpenStack Platform 8 Release Notes contain the following:

An explanation of the way in which the provided components interact to form a working cloud computing environment.
Technology Previews, Recommended Practices, and Known Issues.
The channels required for Red Hat OpenStack Platform 8, including which channels need to be enabled and disabled.

The Release Notes are available at: This content is not included.https://access.redhat.com/documentation/en/red-hat-openstack-platform/version-8/release-notes/

This update is available through 'yum update' on systems registered through Red Hat Subscription Manager. For more information about Red Hat Subscription Manager, see:

This content is not included.https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html

Affected Products

Product	Version	Arch
Red Hat OpenStack	8	x86_64

Updated Packages

python-keystone-8.0.1-3.el7ost.noarch.rpm
openstack-keystone-8.0.1-3.el7ost.src.rpm
openstack-keystone-8.0.1-3.el7ost.noarch.rpm

Fixes

This content is not included.BZ - 1375685

CVEs

(none)

References

(none)

Additional information

The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.