From f277b4c585c8a73d68088ebea6d1adf1e2909d64 Mon Sep 17 00:00:00 2001 From: sayalilunkad Date: Sun, 30 Nov 2014 20:09:22 +0530 Subject: [PATCH] Uses openssl to generate random token This patch remove the hard-coded value for the ADMIN_TOKEN and generates the token dynamically using openssl as per the install-guides. Change-Id: I7010bac7724dadb6cf1a34481048d77fbcb8604b --- labs/config/credentials | 5 ----- labs/scripts/setup_keystone.sh | 10 +++++----- 2 files changed, 5 insertions(+), 10 deletions(-) diff --git a/labs/config/credentials b/labs/config/credentials index d34f5aed..15a3465f 100644 --- a/labs/config/credentials +++ b/labs/config/credentials @@ -13,11 +13,6 @@ # Used for MySQL or whatever other DBMS is configured : ${RABBIT_PASSWORD:=rabbitPass} -# A "shared secret" used as OS_SERVICE_TOKEN, together with -# OS_SERVICE_ENDPOINT, before keystone can be used for authentication -# Produced by: openssl rand -hex 10 -: ${ADMIN_TOKEN:=c9fbb405c325e018fc5e} - # Tenant and role for admin accounts : ${ADMIN_ROLE_NAME:=admin} : ${ADMIN_TENANT_NAME:=admin} diff --git a/labs/scripts/setup_keystone.sh b/labs/scripts/setup_keystone.sh index de888ee0..8fcbe748 100755 --- a/labs/scripts/setup_keystone.sh +++ b/labs/scripts/setup_keystone.sh @@ -41,11 +41,11 @@ setup_database keystone echo "Creating the database tables for keystone." sudo keystone-manage db_sync -# NOTE: Commenting out command for openssl to -# generate random token as we are passing default value in -# $ADMIN_TOKEN. Should be changed in future to follow -# install-guides structure. -# openssl rand -hex 10 +# Create a "shared secret" used as OS_SERVICE_TOKEN, together with +# OS_SERVICE_ENDPOINT, before keystone can be used for authentication +echo -n "Using openssl to generate a random admin token: " +ADMIN_TOKEN=$(openssl rand -hex 10) +echo "$ADMIN_TOKEN" echo "Configuring [DEFAULT] section in /etc/keystone/keystone.conf."