SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for python-keystone-2013.1.4.a1.g56851fa-1.1.noarch.rpm :
Thu Aug 8 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.4.a1.g56851fa:
+ Bump stable/grizzly next version to 2013.1.4

Tue Aug 6 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.3.a10.gf60f742:
+ Maintain tokens after role assignments (bug 1170186)

Tue Aug 6 14:00:00 2013 dmuellerAATTsuse.com
- remove 0001-Maintain-tokens-after-role-assignments-bug-1170186.patch

Sat Jul 27 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.3.a9.g27a5b42:
+ Fix issue with v3 tokens and group membership roles

Wed Jun 26 14:00:00 2013 dmuellerAATTsuse.com
- add dependency on git-core in -test package
- add 0001-Maintain-tokens-after-role-assignments-bug-1170186.patch

Tue Jun 25 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.3.a8.g76a94c6:
+ Ignore conflict on v2 auto role assignment (bug 1161963)

Tue Jun 18 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.3.a6.g8ea8024:
+ Improve the performance of tokens deletion for user

Mon Jun 17 14:00:00 2013 mvidnerAATTsuse.com
- fixed \'notifempty\' in logrotate config (bnc#825279).

Sat Jun 15 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.3.a4.gb426022:
+ Replace password to \"
*
*
*\" in the debug message

Thu Jun 13 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.3.a2.gc100fd2:
+ Force simple Bind for authentication

Thu Jun 13 14:00:00 2013 dmuellerAATTsuse.com
- fix typo in postinstall script

Sat Jun 8 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.3.a1.g4b22c02:
+ Bump stable/grizzly next version to 2013.1.3

Thu Jun 6 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.2.a11.g8dd57da:
+ remove_role_from_user_and_project affecting all users (bug 1170649)
+ Fix incorrect role assignment in migration.

Sat Jun 1 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.2.a9.g39c4ca1:
+ Read-only default domain for LDAP (bug 1168726)

Fri May 31 14:00:00 2013 dmuellerAATTsuse.com
- remove pylint dependency

Fri May 31 14:00:00 2013 dmuellerAATTsuse.com
- avoid warning in post script

Wed May 29 14:00:00 2013 dmuellerAATTsuse.com
- update test requires
- remove setBadness call from rpmlintrc

Wed May 22 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.2.a8.gf509179:
+ Accept env variables to override default passwords
+ LDAP list groups with missing member entry
+ Add rule for list_groups_for_user in policy.json

Tue May 21 14:00:00 2013 iartarisiAATTsuse.com
- add missing python-sqlalchemy-migrate requirement

Sat May 18 14:00:00 2013 dmuellerAATTsuse.com
- update requires based on pip-requires

Fri May 10 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.2.a3.g2e5cab9:
+ use swift stable branch

Thu May 9 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.2.a1.gaea73a7:
+ Revoke tokens on user delete (bug 1166670)
+ Bump stable/grizzly next version to 2013.1.2

Tue May 7 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.1.a11.gb874c8f:
+ Skip IPv6 tests for eventlet dns

Fri May 3 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.1.a10.g3aa0f45:
+ Fix token ids for memcached
+ residual grants after delete action (bug1125637)
+ Mark LDAP password and admin_token secret
+ Set defaultbranch in .gitreview to stable/grizzly

Fri Apr 26 14:00:00 2013 dmuellerAATTsuse.com
- add 0001-fix-duplicate-option-error.patch
- Require the new python-python-memcached version (1.48)

Wed Apr 24 14:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.1.1.a4.g5929850:
+ Use is_enabled() in folsom->grizzly upgrade (bug 1167421)
+ Fix for configuring non-default auth plugins properly

Thu Apr 4 14:00:00 2013 dmuellerAATTsuse.com
- update to grizzly branch

Tue Apr 2 14:00:00 2013 speilickeAATTsuse.com
- Update to version 2013.1.rc3

Thu Mar 28 13:00:00 2013 dmuellerAATTsuse.com
- update to 2013.1.rc2

Tue Mar 26 13:00:00 2013 dmuellerAATTsuse.com
- downgrade to 2013.1

Mon Mar 25 13:00:00 2013 opensuse-cloudAATTopensuse.org
- Update to version 2013.2.a338.gbceee56:
+ Fix XML handling of member links (bug 1156594)
+ Test default_project_id scoping (bug 1023502)
+ Ensure delete domain removes all owned entities
+ Utilize legacy_endpoint_id column (bug 1154918)
+ Pass project membership as dict in migration 015.
+ V2, V3 token intermix for unscoped tokens (bug 1156913)
+ Revise docs to use keystoneclient.middleware.auth_token
+ Fix live ldap tests
+ Support for LDAP groups (bug #1092187)
+ Correct spacing in warning msg
+ Validate domains unconditionally (bug 1130236)
+ Prohibit V3 V2 token intermix for resource in non-default domain (bug 1157430)
+ Properly handle emulated ldap enablement
+ Wrap config module and require manual setup (bug 1143998)
+ Enable emulation for domains
+ Allow trusts to be optional
+ Version bump to 2013.2
+ Add a dereference option for ldap
+ Move trusts to extension
+ Make versions aware of enabled pipelines.
+ Imported Translations from Transifex
+ Rework S3Token middleware tests.
+ Rename trust extension.

Mon Mar 18 13:00:00 2013 speilickeAATTsuse.com
- Drop +git.$TIMESTAMP.$COMMITHASH version suffix

Sun Mar 17 13:00:00 2013 dmuellerAATTsuse.com
- Update to version 2013.1.a301.g16b4643+git.1363519715.16b4643:
+ Explain LDAP page_size & default value
+ Catch and log server exceptions
+ Filter out legacy_endpoint_id (bug 1152635)
+ Ensure tokens are revoked for relevant v3 api calls
+ Switch to final 1.1.0 oslo.config release
+ Added test cases to improve LDAP project testing
+ Migrate roles from metadata to user_project_metadata
+ duplicated trust tests
+ quiet route logging on skipped tests
+ Remove TODO that didn\'t land in grizzly
+ No parent exception to wrap
+ Remove duplicate password/token opts.
+ Fixes bug 1151747: broken XML translation for resource collections
+ xml_body returns backtrace on XMLSyntaxError
+ extracting user and trust ids into normalized fields
+ Discard null endpoints (bug 1152632)
- remove keystone-cs24277.diff:

* merged upstream

Wed Mar 13 13:00:00 2013 dmuellerAATTsuse.com
- add keystone-cs24277.diff:

* make keystone start again

Wed Mar 13 13:00:00 2013 cloud-develAATTsuse.de
- Update to version 2013.1.a271.g45228ca+git.1363133844.45228ca:
+ cleanup trusts in controllers
+ remove spurious roles check
+ add belongs_to check
+ Improve tests for api protection and filtering

Tue Mar 12 13:00:00 2013 dmuellerAATTsuse.com
- require python-oslo.config

Tue Mar 12 13:00:00 2013 cloud-develAATTsuse.de
- Update to version 2013.1.a263.g09e2fc7+git.1363047056.09e2fc7:
+ Make getting user-domain roles backend independant
+ Make Keystone return v3 as part of the version api
+ bug 1133526
+ Run keystone server in debug mode.
+ Fix folsom -> grizzly role table migration issues (bug 1119789)
+ Revert \"from tests import\"
+ Revert \"update tests/__init__.py to verify openssl version\"

Mon Mar 11 13:00:00 2013 cloud-develAATTsuse.de
- Update to version 2013.1.a251.g59757f6+git.1362995983.59757f6:
+ Unpin pam dependency version
+ Sync timeutils with oslo
+ Remove obsolete
*page[_marker] methods from LDAP backend.
+ bug 1134802: fix inconsistent format for expires_at and issued_at
+ Trusts
+ Expand v3 trust test coverage
+ keystone : Use Ec2Signer utility class from keystoneclient
+ remove unused import
+ Move auth plugins to \'keystone.auth.plugins\' (bug 1136967)
+ ports should be ints in config (bug 1137696)
+ mark 2.0 API as stable
+ Straighten out NotFound raising in LDAP backend.
+ fix typo in kvs backend
+ Move get_by_name to LdapBase.
+ Remove unused methods from LDAP backed.
+ return 201 Created on POST request (bug1131119)
+ Delete tokens for user
+ unable to load certificate should abort request
+ add missing attributes for group/project tables (bug1126021)
+ v3 endpoints won\'t have legacy ID\'s (bug 1150930)
+ Change exception raised to Forbidden on trust_id
+ from tests import

Fri Mar 8 13:00:00 2013 vuntzAATTsuse.com
- Fix ownership of /var/log/keystone/keystone.log after call to
\"keystone-manage pki_setup\" in %post: if the package is installed
for the first time, the log file is owned by root, which breaks
keystone (since it can\'t write to the log file).

Thu Mar 7 13:00:00 2013 bwiedemannAATTsuse.com
- fix logging.conf to be about keystone and have absolute path

Tue Mar 5 13:00:00 2013 cloud-develAATTsuse.de
- Update to version 2013.1.a210.g2515d1b+git.1362504154.2515d1b:
+ Ensure keystone unittests do not leave CONF.policyfile in bad state
+ Move handle_conflicts decorator into sql
+ flatten payload for policy
+ Convert api to controller
+ bug 1131840: fix auth and token data for XML translation
+ domain_id_attributes in config.py have wrong default value
+ command line switch for short pep8 output.
+ Setup logging in keystone-manage command.
+ Imported Translations from Transifex
+ Enable a parameters on ldap to allow paged_search of ldap queries This fixes bug 1083463
+ update tests/__init__.py to verify openssl version

Mon Mar 4 13:00:00 2013 iartarisiAATTsuse.com
- Move python-ldap requirement to python-keystone subpackage

Thu Feb 28 13:00:00 2013 dmuellerAATTsuse.com
- Fix last change

Mon Feb 25 13:00:00 2013 saschpeAATTsuse.de
- Ghost /var/run/keystone

Mon Feb 25 13:00:00 2013 saschpeAATTsuse.de
- Drop sysconfig from init scripts

Sun Feb 24 13:00:00 2013 dmuellerAATTsuse.com
- Update to version 2013.1.a191.g30dbb74+git.1361731931.30dbb74:
+ Remove test_auth_token_middleware
+ Silence routes internal debug logging
+ Workaround Migration issue with PostgreSQL
+ Add pysqlite as explicit test dep
+ project membership to role conversion
+ Remove usage of UserRoleAssociation.id in LDAP
+ Add an update option to run_tests.sh
+ make fakeldap._match_query work for an arbitrary number of groups
+ Update sample_data.sh to match docs
+ Use oslo-config-2013.1b3
+ Remove old, outdated keystone devref docs
+ Implement name space for domains
+ Update the Keystone policy engine to the latest openstack common
+ Ensure user and tenant enabled in EC2
+ merging in fix from oslo upstream
+ Disable XML entity parsing
+ make LDAP query scope configurable
+ enabled attribute emulation support
+ v3 token API
+ Pass query filter attributes to policy engine
+ Removed redundant assertion
+ Update oslo-config version.
+ domain-scoping
+ Fix id_to_dn for creating objects
+ Tests for domain-scoped tokens
+ Change the default LDAP mapping for description.
+ Correct SQL migration 017 column name

Fri Feb 22 13:00:00 2013 saschpeAATTsuse.de
- Require openstack-suse-macros instead of openstack-common-macros

Thu Feb 21 13:00:00 2013 iartarisiAATTsuse.com
- added oslo-config requirement

Mon Feb 18 13:00:00 2013 saschpeAATTsuse.de
- Init script cleanup:
+ Drop useless shell variables
+ Don\'t depend on $network facility, we already have $remote_fs
(comes after $network)
+ Source /etc/sysconfig/openstack-keystone (if available), orthogonal
to the other init scripts we provide. We\'re not using this feature
ATM though
- Default configuration cleanup:
+ Use openstack-utils to set as much default values in the package
as possible (instead of patch/sed/...). Some may be overwritting
later on by, .e.g., crowbar
- More useful lograte configuration:
+ Compress
+ Make sure to keep log files for at least 90 days (i.e. rotate 15
+ weekly = 15 weeks).
+ Add size=1M to avoid getting DoS\'ed by wild daemons
+ Use copytruncate instead of create+postrotate+sharedscripts to
avoid a daemon restart

Mon Feb 18 13:00:00 2013 cloud-develAATTsuse.de
- Update to version 2013.1.a138.g5a8682d+git.1361180251.5a8682d:
+ fix unit test when memcache middleware is not configured
+ Fix bugs with set ldap password.
+ Cleaned up keystone-all --help output
+ add missing kvs functionality (bug1119770)
+ remove unneeded config reloading (it\'s already done during setUp)
+ Update to oslo version code.

Thu Feb 14 13:00:00 2013 iartarisiAATTsuse.com
- Remove unused/upstreamed patches for requests and LDAP scope

Thu Feb 14 13:00:00 2013 iartarisiAATTsuse.cz
- Update keystone-hybrid-backend to fix unit tests
- Update to version 2013.1+git.1360841915.901d079:
+ Fix normalize identity sql ugrade for Mysql and postgresql
+ Sync latest cfg from oslo-incubator
+ Update .coveragerc
+ Query only attributes strictly required for keystone when using it with existing LDAP servers
+ remove duplicate model declaration/attribution
+ import tools/flakes from oslo
+ Expand dependency injection test coverage
+ simplify query building logic
+ Generate apache-style common access logs
+ Add missing log_format, log_file, log_dir opts.
+ allow unauthenticated connections to an LDAP server
+ Missed import for IPv6 tests skip.
+ Spell accommodate correctly.
+ Use install_venv_common.py from oslo.
+ Keystone backend preparation for domain-scoping
+ Fix spelling mistakes
+ Fix test_contrib_s3_core unit test
+ add check for config-dir parameter (bug1101129)
+ don\'t create a new, copied list in get_project_users
+ Tenant update on LDAP breaks if there is no update to apply
+ adding additional backend tests (bug1101244)

Tue Feb 12 13:00:00 2013 dmuellerAATTsuse.com
- add service-endpoints for Quantum

Mon Feb 11 13:00:00 2013 dmuellerAATTsuse.com
- Update to version 2013.1+git.1360597319.c05041e:
+ Add --keystone-user/group to keystone-manage pki_setup
+ UserApi.update not to require all fields in arg
+ return 400 Bad Request if invalid params supplied (bug1061738)
+ Relational API links
+ Adds png versions of all svg image files. Changes reference.

Mon Feb 11 13:00:00 2013 dmuellerAATTsuse.com
- Remove lp-bug-1031372.patch:

* Merged upstream

Thu Feb 7 13:00:00 2013 iartarisiAATTsuse.com
- use in-memory database for hybrid backend unit-tests

Wed Feb 6 13:00:00 2013 iartarisiAATTsuse.com
- re-enable hybrid backend

Wed Feb 6 13:00:00 2013 cloud-develAATTsuse.de
- Update to version 2013.1+git.1360164508.8ec247b:
+ Document user group LDAP options
+ Why .pop()\'ing urls first is important
+ Imported Translations from Transifex
+ Delete Roles for User and Project LDAP
+ Fixes \'not in\' operator usage
+ Add size validations to token controller.

Mon Feb 4 13:00:00 2013 dmuellerAATTsuse.com
- Update to version 2013.1+git.1359979034.4722c84:
+ Updates migration 008 to work on PostgreSQL.
+ Create a default domain (bp default-domain)
+ tenant to project in the apis
+ Tenant to Project in Back ends
+ Enable/disable domains (bug 1100145)
+ Readme: use \'doc\' directory not \'docs\'

Thu Jan 31 13:00:00 2013 dmuellerAATTsuse.com
- Add lp-bug-1031372.patch: Rework the way pki_setup is used

Mon Jan 28 13:00:00 2013 saschpeAATTsuse.de
- Add keystone-requests-compat.patch: Compatiblity with requests>=1.0

Mon Jan 28 13:00:00 2013 dmuellerAATTsue.com
- Update to version 2013.1+git.1359377368.56f194a:
+ rename tenant to project in sql
+ Fix pep8 error.

Wed Jan 23 13:00:00 2013 cloud-develAATTsuse.de
- Update to version 2013.1+git.1358959177.7691276:
+ Limit the size of HTTP requests.

Wed Jan 23 13:00:00 2013 saschpeAATTsuse.de
- Clean up %config(noreplace), only logrotate config and
*.conf
files should be noreplace

Tue Jan 22 13:00:00 2013 dmuellerAATTsuse.com
- use pki_setup to setup initial public/private key pair

Mon Jan 21 13:00:00 2013 dmuellerAATTsuse.com
- Update to version 2013.1+git.1358761910.8748cfa:
+ Allow running of sql against the live DB.
+ Test that you can undo & re-apply all migrations
+ downgrade user and tenant
+ Auto-detect max SQL migration
+ Safer data migrations
+ Sync base identity Driver defs with SQL driver
+ Fix i18n of string templates.
+ Enhance wsgi to listen on ipv6 address
+ add database string field length check
+ Autoload schema before creating FK\'s (bug 1098174)
+ Enable exception format checking in the tests.
+ reorder tables for delete

Wed Jan 16 13:00:00 2013 dmuellerAATTsuse.com
- copy example ssl cert to the place where keystone expects it
- remove apache2 ssl/wsgi wrapper, keystone can do SSL on its
own

Mon Jan 14 13:00:00 2013 saschpeAATTsuse.de
- Update to version 2013.1+git.1358172938.ceec5c0:
+ Validated URLs in v2 endpoint creation API
+ Fixes import order nits
+ Cleanup keystoneclient testing requirements
+ Correct spelling errors / typos in test names
+ Keystone server support for user groups
+ Add missing .po files to tarball
+ adds keyring to test-requires
+ Revert \"shorten pep8 output\"
+ Upgrade WebOb to 1.2.3
+ il8n some strings
+ Imported Translations from Transifex
+ Removed unused variables
+ Removed unused imports
+ Add pyflakes to tox.ini
+ Fix spelling typo
+ shorten pep8 output
+ Driver registry
+ Adding a means to connect back to a pydevd debugger.
+ add in pip requires for requests
+ Split endpoint records in SQL by interface
+ Fix typo s/interalurl/internalurl/
+ module refactoring
+ Test for content-type appropriate 404 (bug 1089987)
+ Imported Translations from Transifex
+ fixing bug 1046862
+ Expand default time delta (bug 1089988)
+ Add tests for contrib.s3.core.
+ Test drivers return HTTP 501 Not Implemented
+ Support non-default role_id_attribute
+ Remove swift auth.
+ Move token controller into keystone.token
+ Import pysqlite2 if sqlite3 is not available.
+ Remove mentions of essex in docs (bug 1085247)
+ Ensure serviceCatalog is list when empty, not dict
+ Adding downgrade steps for migration scripts.
+ Port to argparse based cfg
+ Only \'import
*\' from \'core\' modules
+ use keystone test and change config during setUp
+ Bug 1075090 -- Fixing log messages in python source code to support internationalization.
+ Added documentation for the external auth support
+ check the redirected path on the request, not the response
+ Validate password type (bug 1081861)
+ split identities module into logical parts remove unneeded imports from core
+ Ensure token expiration is maintained (bug 1079216)
+ normalize identity
+ Fixes typo in keystone setup doc
+ Imported Translations from Transifex
+ Stop using cfg\'s internal implementation details
+ syncing run_tests to match tox
+ Expose auth failure details in debug mode
+ Utilize policy.json by default (bug 1043758)
+ Wrap v3 API with RBAC (bug 1023943)
+ v3 Identity
+ v3 Catalog
+ v3 Policies
+ Import auth_token middleware from keystoneclient
+ Imported Translations from Transifex
+ Refix transient test failures
+ Make the controller addresses configurable.
+ Expose authn/z failure info to API in debug mode
+ Refactor TokenController.authenticate() method.
+ Fix error un fixtures.
+ Ensures User is member of tenant in ec2 validation
+ Properly list tokens with a null tenant
+ Reduce total number of fixtures
+ Provide config file fields for enable users in LDAP backend (bug1067516)
+ populate table check.
+ Run test_keystoneclient_sql in-memory
+ Make tox.ini run pep8 checks on bin.
+ tweaking docs to fix link to wiki Keystone page
+ Various pep8 fixes for keystone.
+ Use the right subprocess based on os monkeypatch
+ Fix transient test failures (bug 1077065, bug 1045962)
+ Rewrite initial migration
+ Fix default port for identity.internalURL
+ Improve feedback on test failure
+ fixes bug 1074172
+ SQL upgrade test.
+ Include \'extra\' attributes twice (bug 1076120)
+ Return non-indexed attrs, not \'extra\' (bug 1075376)
+ bug 1069945: generate certs for the tests in one place
+ monkeypatch cms Popen
+ HACKING compliance: consistent use of \'except\'
+ auth_token hash pki key PKI tokens on hash in memcached when accessed by auth_token middelware
+ key all backends off of hash of pki token.
+ don\'t import filter_user name, use it from the identity module
+ don\'t modify the passed in dict to from_dict
+ move hashing user password functions to common/utils
+ ignore .tox directory for pep8 in runtests
+ Imported Translations from Transifex
+ Implements REMOTE_USER authentication support.
+ pin sqlalchemy to 0.7
+ Move \'opentack.context\' and \'openstack.params\' definitions to keystone.common.wsgi
+ Removes duplicate flag for token_format.
+ Raise exception if openssl stderr indicates one.
+ Ignore keystone.openstack for PEP8
+ Fixed typo in log message
+ Fixes 500 err on authentication for invalid body
+ Enable Deletion of Services with Endpoints
+ Exception.message deprecated in py26 (bug 1070890)
+ Utilize logging instead of print()
+ stop LdapIdentity.create_user from returning the user\'s password
+ Compare token expiry without seconds
+ Moved SQL backend tests into memory
+ Add trove classifiers for PyPI
+ Adding handling for get user/tenant by name
+ Fixed bug 1068851. Refreshed new crypto for the SSL tests.
+ move filter_user function to keystone.identity.core
+ Fixes response for missing credentials in auth
+ making PKI default token type
+ Fixes Bug 1063852
+ bug 1068674
+ Update common.
+ Extract hardcoded configuration in ldap backend (bug 1052111)
+ Fix Not Found error, when router not match.
+ add --config-dir=DIR for keystone-all option
+ Add --config-dir=DIR in OPTIONS
+ Delete role does not delete role assignments in tenants (bug 1057436)
+ replacing PKI token detection from content length to content prefix. (bug 1060389)
+ Document PKI configuration and management
+ Raise if we see incorrect keyword args \"condition\" or \"methods\"
+ Filter users in LDAP backend (bug 1052925)
+ Use setup.py develop to insert code into venv.
+ Raise 400 if credentials not provided (bug 1044032)
+ Fix catalog when services have no URL
+ Unparseable endpoint URL\'s should raise friendly error
+ Configurable actions on LDAP backend in users Active Directory (bug 1052929)
+ Unable to delete tenant if contains roles in LDAP backend (bug 1057407)
+ Replaced underscores with dashes
+ fixes bug 1058429
+ Command line switch for standard threads.
+ Remove run_test.py in favor of stock nose.
+ utf-8 encode user keys in memcache (bug 1056373)
+ Convert database schemas to use utf8 character set.
+ Return a meaningful Error when token_id is missing
+ Backslash continuation cleanup
+ notify calling process we are ready to serve
+ add Swift endpoint in sample data
+ Updated Fix for duplicated entries on LDAP backend for get_tenant_users
+ Fix wsgi config file access for HTTPD
+ Bump version to 2013.1
+ add Quantum endpoint in sample data
+ Add XML namespace support for OSADM service api.
+ Identity API v3 Config, Routers, Controllers
- Updated requirements
- Dropped patches (merged upstream):
+ keystone-certs-test.patch
+ keystone-sql-backend-from_dict.patch
+ keystone-webob-empty-resp-environ.patch
- Dropped FIX-BUILD.patch, we should fix that finally
- Disabled hybrid LDAP backend

Fri Jan 11 13:00:00 2013 iartarisiAATTsuse.com
- revert %setup to also unpack hybrid backend tarball

Fri Jan 11 13:00:00 2013 iartarisiAATTsuse.com
- update and re-enable backend hybrid code:

* use sample config for testing

* raise errors in user retrieval code instead of returning None

Fri Jan 11 13:00:00 2013 saschpeAATTsuse.de
- Require WebTest instead of webtest in the test sub-package

Thu Jan 10 13:00:00 2013 saschpeAATTsuse.de
- Add logrotate configuration

Wed Jan 9 13:00:00 2013 bwiedemannAATTsuse.com
- package sample_data.sh for use in quickstart script

Wed Dec 19 13:00:00 2012 saschpeAATTsuse.de
- Move to obs-service-git_tarballs
- Update to version 2012.2.3+git.1355917214.0c8c2a3:
+ Merge commit \'refs/changes/01/17901/1\' of ssh://review.openstack.org:29418/openstack/keystone into stable/folsom
+ Bump next version to 2012.2.3
+ Ensure serviceCatalog is list when empty, not dict

Mon Dec 10 13:00:00 2012 saschpeAATTsuse.de
- Update to version 2012.2.1+git.1354224563.7869c3e:
+ lp#1064914 Removing user from a tenant isn\'t invalidating user access to
tenant
+ lp#1073569 Jenkins jobs fail because of incompatibility between
sqlalchemy-migrate and the newest sqlalchemy-0.8.0b1
+ lp#1078497 keystone throws error when removing user from tenant.
+ lp#1060389 Non PKI Tokens longer than 32 characters can never be valid
+ lp#1068851 Openssl tests rely on expired certificate
+ lp#1079216 token expires time incorrect for auth by one token
+ lp#968519 Object reference validation should occur in drivers
+ lp#1068674 Redo part of bp/sql-identiy-pam undone by bug 968519

Wed Dec 5 13:00:00 2012 saschpeAATTsuse.de
- Use AATTPARENT_TAGAATT in _service file to automate versioning

Mon Dec 3 13:00:00 2012 iartarisiAATTsuse.com
- fix unittest failure with ssl certificates

Fri Nov 30 13:00:00 2012 iartarisiAATTsuse.com
- fix unittest failure on our version of webob

Thu Nov 22 13:00:00 2012 iartarisiAATTsuse.com
- fix typo in passlib dependency package name

Thu Nov 22 13:00:00 2012 saschpeAATTsuse.de
- Split of doc package into seperate spec file
- Comment out hybrid_backend parts for now to fix build
- Re-arranged %build section to match other packages
- Removed a whole bunch of unneded build requirements
- Updated requirements for python module and test sub-packages

Wed Nov 21 13:00:00 2012 iartarisiAATTsuse.com
- disable keystone-hybrid-backend source service

Tue Nov 20 13:00:00 2012 iartarisiAATTsuse.com
- Add source service for keystone-hybrid-backend
- Update to latest git (f65604d):
+ Ensures User is member of tenant in ec2 validation

Thu Nov 15 13:00:00 2012 saschpeAATTsuse.de
- Use openstack-macros

Thu Nov 8 13:00:00 2012 saschpeAATTsuse.de
- Fix malformed changes file entries

Thu Nov 8 13:00:00 2012 saschpeAATTsuse.de
- Update to version 2012.2 (Folsom):
+ See https://github.com/openstack/keystone/commits/folsom-3
- Drop the following upstreamed patches:
+ keystone-ldap-no-authentication.patch
+ keystone-log-warn-auth-errors.patch
- Rebased the following patches:
+ keystone-sql-backend-from_dict.patch
+ keystone-hybrid-conf-scope.patch
- BuildRequire python-pam for man-page build
- Install new man-pages keystone-all.1 and keystone-manage.1
- Introduce temporary FIX-BUILD.patch

Thu Nov 8 13:00:00 2012 saschpeAATTsuse.de
- Drop from_vcs build flag

Wed Oct 31 13:00:00 2012 saschpeAATTsuse.de
- Drop temporary fixes for file permissions and attributes in %post
section. They were necessary only to migrate from pre-1.0 packages.

Tue Oct 16 14:00:00 2012 iartarisiAATTsuse.cz
- patch sql backend\'s from_dict method to not modify the content of the
passed in dict (lp:1066851)

Wed Oct 10 14:00:00 2012 iartarisiAATTsuse.cz
- add hybrid backend test configuration file

Wed Oct 10 14:00:00 2012 iartarisiAATTsuse.cz
- make user search ldap SCOPE configurable in the hybrid backend

Mon Oct 8 14:00:00 2012 iartarisiAATTsuse.cz
- fix LDAP bind with dinamically found user DN

Fri Oct 5 14:00:00 2012 iartarisiAATTsuse.cz
- hybrid backend fixes:
+ use the DN for the user we just signed in to check for password
+ fix invalid user error (bnc#783200)

Tue Oct 2 14:00:00 2012 iartarisiAATTsuse.cz
- fix checking for SQL user passwords in the hybrid backend bnc#783036

Mon Oct 1 14:00:00 2012 jenkinsAATTsuse.de
- Update to latest git (0e1f05e):
+ utf-8 encode user keys in memcache (bug 1056373)

Wed Sep 26 14:00:00 2012 jdsnAATTsuse.de
- make init script start after database (bnc#781798)

Sun Sep 16 14:00:00 2012 jenkinsAATTsuse.de
- Update to latest git (176ee9b):
+ Require authz to update user\'s tenant (bug 1040626)
+ List tokens for memcached backend
+ Delete user tokens after role grant/revoke
+ Limit token revocation to tenant (bug 1050025)

Wed Sep 12 14:00:00 2012 vuntzAATTsuse.com
- Do not use a sed to modify /usr/bin/gensslcert in %post: this
file belongs to another package, and we actually don\'t do any
change with the sed... Fix bnc#779747.

Mon Sep 10 14:00:00 2012 vuntzAATTsuse.com
- Add keystone-fix-revoke.patch: fix revoking of roles to also
invalidate already existing tokens. Fix bnc#779477,
CVE-2012-4413.

Tue Aug 28 14:00:00 2012 cthielAATTsuse.com
- Require authz to update user\'s tenant (lp#1040626, bnc#777664)

Fri Aug 24 14:00:00 2012 bwiedemannAATTsuse.com
- mark hybrid_config.py as config

Thu Aug 23 14:00:00 2012 jenkinsAATTsuse.de
- Update to latest git (a16a0ab):
+ Allow overloading of username and tenant name in the config files.
+ Returning roles from authenticate in ldap backend

Tue Aug 14 14:00:00 2012 iartarisiAATTsuse.cz
- Add hybrid identity backend

Tue Aug 14 14:00:00 2012 iartarisiAATTsuse.cz
- Add patch to log all Unauthorized exceptions (authentication
failures). Discussed in bnc#753329.

Fri Aug 10 14:00:00 2012 jenkinsAATTsuse.de
- Update to latest git (359c426):
+ Open 2012.1.3 development

Wed Aug 8 14:00:00 2012 jenkinsAATTsuse.de
- Update to latest git (afc37ae):
+ Open 2012.1.2 development

Tue Aug 7 14:00:00 2012 bwiedemannAATTsuse.com
- drop executable bit from config file

Tue Jul 31 14:00:00 2012 jenkinsAATTsuse.de
- Update to latest git (f65604d):
+ fix variable names to coincide with the ones in common.ldap
+ Import ec2 credentials from old keystone db
+ Raise unauthorized if tenant disabled (bug 988920)

Tue Jul 31 14:00:00 2012 iartarisiAATTsuse.cz
- Remove fix-ldap-varnames patch after being accepted upstream

Wed Jul 25 14:00:00 2012 saschpeAATTsuse.de
- Secure file permissions for Apache SSL certificate files

Thu Jul 19 14:00:00 2012 cthielAATTsuse.com
- drop keystone-cleanup-user-tenant-deletion.patch, which has been merged
upstream: https://review.openstack.org/#/c/7482/

Tue Jul 17 14:00:00 2012 saschpeAATTsuse.de
- Fix WSGI app names, use the \'composite\' apps to get the correct
routes mapping

Tue Jul 17 14:00:00 2012 saschpeAATTsuse.de
- Forward keystone WSGI log events to mod_wsgi

Tue Jul 17 14:00:00 2012 iartarisiAATTsuse.cz
- Fix some variable names in the LDAP backend which were causing
NameErrors
- Don\'t require authentication for LDAP

Mon Jul 16 14:00:00 2012 iartarisiAATTsuse.cz
- Fix bnc#755426 cleanup dependent data upon user/tenant deletion

Mon Jul 9 14:00:00 2012 saschpeAATTsuse.de
- Provide Apache2 SSL-proxy example configuration based on mod_wsgi
- Provide self-signed SSL certificates to be used for non-production setups
(like openstack-quickstart)
- Fix /var/lib/keystone permissions to 0755

Mon Jul 2 14:00:00 2012 saschpeAATTsuse.de
- Drop runtime requirement on openstack-glance
- Change requirement for openstack-swift to python-swift, keystone
only seems to use it in the S3-compatibility code
- Change requirement for openstack-nova to python-nova, keystone
only seems to use it in the EC2-compatibility code

Wed Jun 27 14:00:00 2012 saschpeAATTsuse.de
- Change versioning scheme to $release+git.$AUTHORDATE.$COMMITREV
- Simplify from_vcs macros

Wed Jun 27 14:00:00 2012 vuntzAATTsuse.com
- Really drop unused disable-tests.patch: not needed anymore.

Tue Jun 26 14:00:00 2012 saschpeAATTsuse.de
- Consistent package summaries
- Use upstream description and correct URL
- Macro cleanup:
+ Package is noarch except for SLE-11
+ No need to redefine %_initddir, SLE-11 works correctly

Mon Jun 25 14:00:00 2012 saschpeAATTsuse.de
- Also install documentation and manpage when build
- No need for \"fixing\" the %_initddir macro

Tue Jun 12 14:00:00 2012 saschpeAATTsuse.de
- Use \'openstack-keystone\' system user instead of \'keystone\'

Wed Jun 6 14:00:00 2012 saschpeAATTsuse.de
- Add %restart_on_update to %post section for openstack-keystone
(daemons should be restarted after package update)
- Fix some rpmlint warnings
- Added rpmlintrc for non-issues

Thu May 24 14:00:00 2012 jfehligAATTsuse.com
- Add \'Requires: python >= 2.6.8\' to openstack-keystone and
python-keystone subpackage

Thu Mar 29 14:00:00 2012 bwiedemannAATTsuse.com
- use latest upstream default_catalog.templates to fix nova-volume problems

Tue Feb 14 13:00:00 2012 bwiedemannAATTsuse.com
- run as keystone user

Wed Feb 8 13:00:00 2012 rhaferAATTsuse.de
- Updated to the lastest git checkout

Thu Jan 26 13:00:00 2012 rhaferAATTsuse.de
- Fixed try-restart implementation in init-script

Thu Jan 26 13:00:00 2012 rhaferAATTsuse.de
- Fixed init script dependencies

Thu Jan 26 13:00:00 2012 rhaferAATTsuse.de
- removed no longer needed workaround for lp#921054
- patch for lp#921634 is upstreamed
- refreshed config file patch

Tue Jan 24 13:00:00 2012 rhaferAATTsuse.de
- Added workaround for doc/, examples/ and tools/ dirs showing up
in site-packages/
(https://bugs.launchpad.net/keystone/+bug/921054)
- Include examples into the -doc subpackage

Tue Jan 24 13:00:00 2012 rhaferAATTsuse.de
- cleaned up more dependencies

Mon Jan 23 13:00:00 2012 rhaferAATTsuse.de
- run testsuite during build

Fri Jan 20 13:00:00 2012 rhaferAATTsuse.de
- Updated to today\'s git snapshot
- Removed some unneeded conditionals
- Updated dependencies

Mon Jan 16 13:00:00 2012 prusnakAATTopensuse.org
- fix initscript scriptlets

Tue Jan 10 13:00:00 2012 bwiedemannAATTsuse.com
- use spdx.org License name Apache-2.0

Tue Dec 13 13:00:00 2011 mlinAATTsuse.com
- Enabled build from git
- Removed unnecessary dependencies
- Separate python-keystone
- Fix rpmlint warning
- Enabled build for Fedora

Mon Dec 5 13:00:00 2011 prusnakAATTopensuse.org
- added preun and postun sections to handle initscripts

Mon Dec 5 13:00:00 2011 prusnakAATTopensuse.org
- spec cleanup


  
ICM