Add keystone user for keystone-manage commands
Change-Id: I754540fe3d33bdb2f9369c461d32baa018e2792e
Related-Prod: PROD-26062
diff --git a/keystone/db/offline_sync.sls b/keystone/db/offline_sync.sls
index 3b0147d..4be91d6 100644
--- a/keystone/db/offline_sync.sls
+++ b/keystone/db/offline_sync.sls
@@ -3,6 +3,7 @@
keystone_syncdb:
cmd.run:
- name: keystone-manage db_sync && sleep 1
+ - runas: 'keystone'
- timeout: 120
{%- if grains.get('noservices') or server.get('role', 'primary') == 'secondary' %}
- onlyif: /bin/false
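Review bot: Running `keystone-manage db_sync` as `keystone` can fail on nodes deployed before this change, because files an earlier root-run keystone-manage created (most likely its log file) may still be owned by root and not writable by `keystone`. The hunk adds `runas` but shows nothing that fixes ownership first. The same concern applies to the `runas` lines added in keystone/server.sls and in both upgrade `init.sls` files. I would add a `file` state that sets `user: keystone` and `group: keystone` on those paths and reference it from each command, e.g. `- require:` with `- file: <state managing keystone-manage log ownership>` (placeholder; no such state is visible on this page). The keystone_syncdb state continues past the end of the hunk, so an existing requisite there may already cover this.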
diff --git a/keystone/server.sls b/keystone/server.sls
index 95094a6..be3a282 100644
--- a/keystone/server.sls
+++ b/keystone/server.sls
@@ -330,6 +330,7 @@
keystone_fernet_setup:
cmd.run:
- name: keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
+ - runas: 'keystone'
- require:
- service: {{ keystone_service }}
- file: keystone_fernet_keys
@@ -378,6 +379,7 @@
keystone_credential_setup:
cmd.run:
- name: keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
+ - runas: 'keystone'
- require:
- service: {{ keystone_service }}
- file: keystone_credential_keys
@@ -410,6 +412,7 @@
--bootstrap-service-name keystone
--bootstrap-region-id {{ server.get('admin_region', 'RegionOne') }}
--bootstrap-internal-url {{ server.bind.get('protocol', 'http') }}://{{ server.bind.address }}:{{ server.bind.get('port', 5000) }}
+ - runas: 'keystone'
- unless:
. /root/keystonercv3; openstack endpoint list --service identity --interface internal -f value -c URL |grep {{ server.bind.get('port', 5000) }}
{%- if grains.get('noservices', False) %}
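Review bot: The `unless` guard directly below the added `runas: 'keystone'` sources `/root/keystonercv3`, and Salt evaluates `unless`/`onlyif` with the state's `runas`, so the check will most likely run as `keystone` and be unable to read a file under `/root`. The guard would then never succeed and the bootstrap command would re-run on every apply. Loosening permissions on the rc file is not a good fix, since it would expose the admin credentials to the service account. I would evaluate the guard in a separate root-run state that this one depends on, and at minimum record the constraint with `# unless also runs as 'keystone'; it must not depend on root-only files such as /root/keystonercv3`. The state begins above the hunk, so its name and the earlier bootstrap arguments are not visible here.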
diff --git a/keystone/upgrade/post/init.sls b/keystone/upgrade/post/init.sls
index 70f9bf1..7957078 100644
--- a/keystone/upgrade/post/init.sls
+++ b/keystone/upgrade/post/init.sls
@@ -9,6 +9,7 @@
keystone_doctor:
cmd.run:
- name: keystone-manage doctor
+ - runas: 'keystone'
{%- if grains.get('noservices') or server.get('role', 'primary') == 'secondary' %}
- onlyif: /bin/false
{%- endif %}
diff --git a/keystone/upgrade/pre/init.sls b/keystone/upgrade/pre/init.sls
index b9c09c3..34438ac 100644
--- a/keystone/upgrade/pre/init.sls
+++ b/keystone/upgrade/pre/init.sls
@@ -9,6 +9,7 @@
keystone_doctor:
cmd.run:
- name: keystone-manage doctor
+ - runas: 'keystone'
{%- if grains.get('noservices') or server.get('role', 'primary') == 'secondary' %}
- onlyif: /bin/false
{%- endif %}