Enabling service's users in /etc/cron.allow When https://gerrit.mcp.mirantis.net/25051 is merged only users added to `linux:system:cron` pillar will be allowed to use crontab tasks. This commit adds the following users: * aodh * cassandra * ceph * elasticsearch * glance * keystone * panko * xtrabackup * zookeeper Enable managing cron packages/services and add 'root' user to both `/etc/at.allow` and `/etc/cron.allow`. Related-Prod: PROD-22546 Change-Id: Id543d0906842955c5632b1efa6985186afa6c9a9

commit: 986260f8971a46c5934b2ebd586a61bed3168451 [log] [tgz]
author: Dmitry Teselkin <dteselkin@mirantis.com> Thu Aug 30 19:07:25 2018 +0300
committer: Aleksey Zvyagintsev <azvyagintsev@mirantis.com> Fri Aug 31 12:39:27 2018 +0000
tree: f59e0e16e39a00b80b8c0bad6b2679591fde5652
parent: 826d97ba108d45fa2e6e610389d73ea1d1f2d575 [diff] [blame]
diff --git a/keystone/server/fernet_rotation/cluster.yml b/keystone/server/fernet_rotation/cluster.yml
index a4aad33..7da8b5b 100644
--- a/keystone/server/fernet_rotation/cluster.yml
+++ b/keystone/server/fernet_rotation/cluster.yml

@@ -24,6 +24,10 @@
         credential_rotation_driver: ${_param:credential_rotation_driver}
   linux:
     system:
+      cron:
+        user:
+          keystone:
+            enabled: true
       job:
         keystone_fernet_rotate_rsync:
           command: '/var/lib/keystone/keystone_keys_rotate.sh -r -s -t fernet >> /var/log/keystone/keystone-rotate.log 2>> /var/log/keystone/keystone-rotate.log'
commit	986260f8971a46c5934b2ebd586a61bed3168451	[log] [tgz]
author	Dmitry Teselkin <dteselkin@mirantis.com>	Thu Aug 30 19:07:25 2018 +0300
committer	Aleksey Zvyagintsev <azvyagintsev@mirantis.com>	Fri Aug 31 12:39:27 2018 +0000
tree	f59e0e16e39a00b80b8c0bad6b2679591fde5652
parent	826d97ba108d45fa2e6e610389d73ea1d1f2d575 [diff] [blame]