| ... | ... |
@@ -6,8 +6,8 @@ $BIN_DIR/keystone-manage $* tenant add demo |
| 6 | 6 |
$BIN_DIR/keystone-manage $* tenant add invisible_to_admin |
| 7 | 7 |
|
| 8 | 8 |
# Users |
| 9 |
-$BIN_DIR/keystone-manage $* user add admin secrete |
|
| 10 |
-$BIN_DIR/keystone-manage $* user add demo secrete |
|
| 9 |
+$BIN_DIR/keystone-manage $* user add admin %ADMIN_PASSWORD% |
|
| 10 |
+$BIN_DIR/keystone-manage $* user add demo %ADMIN_PASSWORD% |
|
| 11 | 11 |
|
| 12 | 12 |
# Roles |
| 13 | 13 |
$BIN_DIR/keystone-manage $* role add Admin |
| ... | ... |
@@ -36,6 +36,8 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOS |
| 36 | 36 |
# Tokens |
| 37 | 37 |
$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00 |
| 38 | 38 |
|
| 39 |
-# EC2 related creds |
|
| 40 |
-$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" |
|
| 41 |
-$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo:demo' demo demo || echo "no support for adding credentials" |
|
| 39 |
+# EC2 related creds - note we are setting the token to user_password |
|
| 40 |
+# but keystone doesn't parse them - it is just a blob from keystone's |
|
| 41 |
+# point of view |
|
| 42 |
+$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin_%ADMIN_PASSWORD%' admin admin || echo "no support for adding credentials" |
|
| 43 |
+$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo_%ADMIN_PASSWORD%' demo demo || echo "no support for adding credentials" |
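Review bot: The `%ADMIN_PASSWORD%` placeholder is substituted as bare shell text on the two `user add` lines and inside single quotes on the two `credentials add` lines, so the generated script is only correct when the password contains no whitespace, quotes or shell metacharacters. The default shown later on this page is hex, but it accepts an override from the environment, and such a value would be word-split or interpreted by bash when this file is executed. Quoting the placeholder (`user add admin '%ADMIN_PASSWORD%'`) covers everything except a single quote; passing the value through the environment and writing `user add admin "$ADMIN_PASSWORD"` would avoid templating a secret into a script at all. admin and demo also receive the same password and both EC2 secrets are derived from it, so disclosure of one exposes all four credentials; if that is intended for a development setup, the comment above the EC2 lines should say so.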
| ... | ... |
@@ -147,6 +147,7 @@ GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292}
|
| 147 | 147 |
# Service Token - Openstack components need to have an admin token |
| 148 | 148 |
# to validate user tokens. |
| 149 | 149 |
SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`}
|
| 150 |
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`}
|
|
| 150 | 151 |
|
| 151 | 152 |
# Install Packages |
| 152 | 153 |
# ================ |
| ... | ... |
@@ -415,6 +416,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then |
| 415 | 415 |
cp $FILES/keystone_data.sh $KEYSTONE_DATA |
| 416 | 416 |
sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA |
| 417 | 417 |
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA |
| 418 |
+ sudo sed -e "s,%ADMIN_PASSWORD%,$ADMIN_PASSWORD,g" -i $KEYSTONE_DATA |
|
| 418 | 419 |
# initialize keystone with default users/endpoints |
| 419 | 420 |
BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA |
| 420 | 421 |
fi |
| ... | ... |
@@ -513,6 +515,8 @@ fi |
| 513 | 513 |
if [[ "$ENABLED_SERVICES" =~ "key" ]]; then |
| 514 | 514 |
echo "keystone is serving at http://$HOST_IP:5000/v2.0/" |
| 515 | 515 |
echo "examples on using novaclient command line is in exercise.sh" |
| 516 |
+ echo "the default users are: admin and demo" |
|
| 517 |
+ echo "the password: $ADMIN_PASSWORD" |
|
| 516 | 518 |
fi |
| 517 | 519 |
|
| 518 | 520 |
# Summary |
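Review bot: The added `sed -e "s,%ADMIN_PASSWORD%,$ADMIN_PASSWORD,g"` line interpolates the password into a sed replacement, so an operator-supplied value containing `,`, `&` or `\` breaks or silently alters the substitution. Validate the value once after it is set, e.g. `[[ "$ADMIN_PASSWORD" =~ ^[A-Za-z0-9]+$ ]] || { echo "ADMIN_PASSWORD must be alphanumeric" >&2; exit 1; }`; this also catches the empty string that results if `openssl` is not yet available, since the default is generated before the Install Packages step. After the substitution `$KEYSTONE_DATA` holds the plaintext password, and its file mode is not visible here, so consider restricting it (for example `chmod 600`) and deleting the file once it has run. The final `echo "the password: $ADMIN_PASSWORD"` will also end up in any captured output of the run, which deserves a comment at that line. The `if` block around the sed line starts outside its hunk.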