发起问题
0

I edit /etc/keystone/policy.json, but i doesn't work, why?

提问于 2015-11-30 00:08:46 -0600

endoresu 图像

i edit /etc/keystone/policy.json: "identity:list_users": "!", then i try: # keystone user-list [root@controller ~]# source admin-openrc.sh [root@controller ~]# keystone user-list +----------------------------------+------------+---------+-------------+ | id | name | enabled | email | +----------------------------------+------------+---------+-------------+ | 0ebdfa91267c48ee88876d9f5ee1369b | admin | True | | | 4668d9221ad74dc8b3ad9487a20d581d | ceilometer | True | | | 24580d0ff7a64099951b7b687790c06f | cinder | True | | | 52cec2bb73f44fe690320ebfc834127c | demo | True | | | 7ce8b8c7ed89405a88858b6e450a47af | glance | True | | | 9226fdd2fc6447b0a3dd1077790681a6 | heat | True | | | 755cf4ce6e1349f583a25776b36e8bab | neutron | True | | | 51ae700747f34795897b30518935dff2 | nova | True | | | fdca7030e5dc4c2394b88cfd435c729e | swift | True | | | 00cb02a2e84d4c6cbaeb98ecb4535b69 | trove | True | | +----------------------------------+------------+---------+-------------+

the command work well, it seems that /etc/keystone/policy.json does not work, why?

edit retag flag offensive close merge delete
0

回答 2015-11-30 21:13:29 -0600

Because 'admin' role has the highest permission, not bound by the policy.json.

edit flag offensive delete link 更多

你的回答

Please start posting anonymously - your entry will be published after you log in or create a new account.

开始回答

提问工具

统计

已提问: 2015-11-30 00:08:46 -0600

已查看: 357 次

最后更新: Nov 30 '15