def main(cls): from keystone.token.providers.fernet import utils as fernet keystone_user_id, keystone_group_id = cls.get_user_group() fernet.create_key_directory(keystone_user_id, keystone_group_id) if fernet.validate_key_repository(requires_write=True): fernet.initialize_key_repository(keystone_user_id, keystone_group_id)
def symptom_usability_of_Fernet_key_repository(): """Fernet key repository is not setup correctly. The Fernet key repository is expected to be readable by the user running keystone, but not world-readable, because it contains security-sensitive secrets. """ return ('fernet' in CONF.token.provider and not fernet_utils.validate_key_repository())
def symptom_usability_of_Fernet_key_repository(): """Fernet key repository is not setup correctly. The Fernet key repository is expected to be readable by the user running keystone, but not world-readable, because it contains security-sensitive secrets. """ return ( 'fernet' in CONF.token.provider and not fernet_utils.validate_key_repository())
def main(cls): from keystone.token.providers.fernet import utils as fernet keystone_user_id, keystone_group_id = cls.get_user_group() if fernet.validate_key_repository(): fernet.rotate_keys(keystone_user_id, keystone_group_id)
def main(cls): keystone_user_id, keystone_group_id = cls.get_user_group() if fernet.validate_key_repository(): fernet.rotate_keys(keystone_user_id, keystone_group_id)
def main(cls): keystone_user_id, keystone_group_id = cls.get_user_group() fernet.create_key_directory(keystone_user_id, keystone_group_id) if fernet.validate_key_repository(): fernet.initialize_key_repository( keystone_user_id, keystone_group_id)