Red Hat Product Errata RHBA-2016:2711 - Bug Fix Advisory

Issued:: 2016-11-14
Updated:: 2016-11-14

RHBA-2016:2711 - Bug Fix Advisory

Overview
Updated Packages

Synopsis

openstack-keystone bug fix advisory

Type/Severity

Bug Fix Advisory

Topic

Updated OpenStack Identity packages that resolve various issues are now
available for Red Hat OpenStack Platform 8.0 (Liberty) for RHEL 7.

Description

Red Hat OpenStack Platform provides the facilities for building a private
or public infrastructure-as-a-service (IaaS) cloud running on commonly
available physical hardware. This advisory includes packages for:

OpenStack Identity service

The OpenStack Identity service (keystone) authenticates and authorizes
OpenStack users by keeping track of users and their permitted activities.
The Identity service supports multiple forms of authentication including
user name and password credentials, token-based systems, and AWS-style
logins.

This update addresses the following issue:

In certain cases, directories use the concept of POSIX groups, where the entities of users in the groups are represented as UIDs, not full DNs such as:

dn: cn=group1, cn=groups,dc=domain,dc=com
....
memberUid: user1
memberUid: user2
....
The LDAP driver was previously hardcoded for full DN entities, for example:
dn: cn=group1, cn=groups,dc=domain,dc=com
....
memberUid: uid=user1,cn=users,dc=domain,dc=com
memberUid: uid=user2,cn=users,dc=domain,dc=com
....
This update adds support for LDAP backends using POSIX groups. (BZ#1375685)

Solution

Before applying this update, ensure all previously released errata relevant
to your system have been applied.

Red Hat OpenStack Platform 8 runs on Red Hat Enterprise Linux 7.2.

The Red Hat OpenStack Platform 8 Release Notes contain the following:

An explanation of the way in which the provided components interact to

form a working cloud computing environment.

Technology Previews, Recommended Practices, and Known Issues.
The channels required for Red Hat OpenStack Platform 8, including which

channels need to be enabled and disabled.

The Release Notes are available at:
https://access.redhat.com/documentation/en/red-hat-openstack-platform/version-8/release-notes/

This update is available through 'yum update' on systems registered through
Red Hat Subscription Manager. For more information about Red Hat
Subscription Manager, see:

https://access.redhat.com/documentation/en-US/Red_Hat_Subscription_Management/1/html/RHSM/index.html

Affected Products

Red Hat OpenStack 8 x86_64

Fixes

BZ - 1375685 - Need support for OpenDirectory in LDAP driver in RHOSP 8.0

CVEs

(none)

References

(none)

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat OpenStack 8

SRPM
openstack-keystone-8.0.1-3.el7ost.src.rpm	SHA-256: b59a9171518c91c831be33931a11b1b54dc740150fbfc122eaca6aa9db5fcf56
x86_64
openstack-keystone-8.0.1-3.el7ost.noarch.rpm	SHA-256: 8c7bad0165c9fab4c4cacb000e377a7dc0b34e3271b6cc4480d15d461f85baf3
python-keystone-8.0.1-3.el7ost.noarch.rpm	SHA-256: 35590bf7f271d50059b9417f5e841ebc98e29e28446933daafdad965a9301b3d

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

Services

Tools

Red Hat Insights

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories