From 920a49cfa055733d575282973e23558c33087a4a Mon Sep 17 00:00:00 2001 From: RHE Date: Fri, 24 Nov 2017 13:54:26 +0100 Subject: remove keystone-moon Change-Id: I80d7c9b669f19d5f6607e162de8e0e55c2f80fdd Signed-off-by: RHE --- .../notes/add-bootstrap-cli-192500228cc6e574.yaml | 17 ----------------- 1 file changed, 17 deletions(-) delete mode 100644 keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml (limited to 'keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml') diff --git a/keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml b/keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml deleted file mode 100644 index 997ee64a..00000000 --- a/keystone-moon/releasenotes/notes/add-bootstrap-cli-192500228cc6e574.yaml +++ /dev/null @@ -1,17 +0,0 @@ ---- -features: - - > - [`blueprint bootstrap `_] - keystone-manage now supports the bootstrap command - on the CLI so that a keystone install can be - initialized without the need of the admin_token - filter in the paste-ini. -security: - - The use of admin_token filter is insecure compared - to the use of a proper username/password. Historically - the admin_token filter has been left enabled in - Keystone after initialization due to the way CMS - systems work. Moving to an out-of-band initialization using - ``keystone-manage bootstrap`` will eliminate the security concerns around - a static shared string that conveys admin access to keystone - and therefore to the entire installation. -- cgit 1.2.3-korg