Excerpts from Levin's message of 2016-01-11 02:37:09 -0800: > Dear openstack developers, > I installed openstack via devstack recently, and I found out that the > admin passwords for services like cinder and nova are stored in plain > text in their /etc/*/*.conf files. These files are rw--r--r-- by > default, which I believe to be a pretty serious security risk. Is this > intended, and/or configurable pre-install?
As others stated, devstack is not for production. For production there are many methods, these are all developed in the OpenStack "big tent": Ansible - http://git.openstack.org/cgit/openstack/openstack-ansible Chef - https://wiki.openstack.org/wiki/Chef/GettingStarted Fuel - https://wiki.openstack.org/wiki/Fuel Puppet Modules - https://wiki.openstack.org/wiki/Puppet TripleO - https://wiki.openstack.org/wiki/TripleO And there are others whose development happens outside the openstack tent. __________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
