Gitiles
Code Review Sign In
gerrit.mcp.mirantis.com / salt-models / reclass-system / 05238eba875d1985b62a0b4dba0cb81bfd15e052
commit05238eba875d1985b62a0b4dba0cb81bfd15e052[log] [tgz]
authorPavlo Shchelokovskyy <shchelokovskyy@gmail.com>Thu May 16 16:04:33 2019 +0300
committeroshyshko <oshyshko@mirantis.com>Tue May 21 08:03:01 2019 +0000
tree1b3ab0b82341d4f630a15c64df523ce70d0eaf5f
parent9f9b9e68ef40a543ed344b65af872f0ab3d40811 [diff]
Do not lockout service users on auth failures

whith security compliance in keystone enabled and predictable service
user names it is very easy to DoS the cloud when locking out of service
users on auth failure is not disabled.

Change-Id: I6974b670fc2b7a2b384f8bc8a2c939929ef59064
Related-Issue: PROD-28027
(cherry picked from commit c2d455aaf3942a9b0bbd1ae2929df56606ec61b6)
1 file changed
tree: 1b3ab0b82341d4f630a15c64df523ce70d0eaf5f
  1. .releasenotes/
  2. aodh/
  3. apache/
  4. aptly/
  5. artifactory/
  6. auditd/
  7. backupninja/
  8. barbican/
  9. billometer/
  10. bind/
  11. cassandra/
  12. ccp/
  13. ceilometer/
  14. ceph/
  15. cinder/
  16. collectd/
  17. debmirror/
  18. defaults/
  19. designate/
  20. devops_portal/
  21. docker/
  22. dogtag/
  23. elasticsearch/
  24. etcd/
  25. fluentd/
  26. freeipa/
  27. galera/
  28. gerrit/
  29. git/
  30. glance/
  31. glusterfs/
  32. gnocchi/
  33. grafana/
  34. graphite/
  35. haproxy/
  36. heat/
  37. heka/
  38. helm/
  39. horizon/
  40. influxdb/
  41. ironic/
  42. jenkins/
  43. keepalived/
  44. keycloak/
  45. keystone/
  46. kibana/
  47. kubernetes/
  48. libvirt/
  49. linux/
  50. maas/
  51. manila/
  52. memcached/
  53. model_manager/
  54. mongodb/
  55. murano/
  56. mysql/
  57. nagios/
  58. neutron/
  59. nginx/
  60. nova/
  61. ntp/
  62. octavia/
  63. opencontrail/
  64. openldap/
  65. openscap/
  66. openssh/
  67. panko/
  68. postgresql/
  69. powerdns/
  70. prometheus/
  71. rabbitmq/
  72. reclass/
  73. rsyslog/
  74. rundeck/
  75. sahara/
  76. salt/
  77. sensu/
  78. sphinx/
  79. statsd/
  80. swift/
  81. telegraf/
  82. vnf_onboarding/
  83. watchdog/
  84. xtrabackup/
  85. zookeeper/
  86. .gitignore
  87. .gitreview
  88. CHANGELOG.rst
  89. init.yml
  90. README.rst