Re: [RFR] templates://keystone/{keystone.templates}
Christian PERRIER wrote:
> Template: keystone/auth-token
> Type: string
> -_Description: Auth server admin token:
> +_Description: Authentication server administration token:
> + Please enter the token to use with the authentication
> + server.
>
> Just some wild guess. I have no idea about what server, what token,
> what admin.
>
> So, I'm basically unabbreviate words....and add a long description.
>
> If anyone has a better idea, (s)he's welcome.
Google finds me some documentation here that looks reassuring:
http://docs.openstack.org/api/openstack-compute/programmer/content/getting-the-authentication-token.html
In which case admins would be typing in the token-ID here. Examples
in the docs include "999888777666" and "ADMIN".
Looking at the control file:
> Package: keystone
[...]
> Description: OpenStack identity service
> This is the identity service used by OpenStack for authentication (authN)
> and high-level authorization (authZ). It currently supports token-based
> authN and user-service authorization. It is scalable to include OAuth, SAML
> and openID in future versions. Out of the box, Keystone uses a SQLite DB as
> an identity store with the option to connect to external LDAP.
> .
> This package contains the daemons.
"Token-based authN and user-service authorization" is a bid oddly
phrased - why abbreviate authN and not authZ when you've just gone to
the trouble of defining both? And what does "user-service
authorization" mean? Per-user and per-service? Maybe it should be
"user/service authZ".
The "currently... in the future" lines may be a bad idea (lines like
this just collect cobwebs) but at least they'd read less abruptly as a
single sentence. I'll also take out the word "include" (Keystone is
going to support them, not absorb them), add a comma, and capitalise
"OpenID".
I've been asking around, and there's no consensus on whether "SQLite"
is "esskewellite", "esskew-light", or "sequelite". So we should
probably try to avoid the need to decide whether it's "a" or "an"
"SQLite DB" (and in fact avoid "DB").
Revised boilerplate:
This is the identity service used by OpenStack for authentication (authN)
and high-level authorization (authZ). It currently supports token-based
authN with user/service authZ, and is scalable to support OAuth, SAML,
and openID in future versions. Out of the box, Keystone uses SQLite for
its identity store database, with the option to connect to external LDAP.
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
diff -ru old/control new/control
--- old/control 2012-07-31 20:41:56.763392635 +0100
+++ new/control 2012-08-04 09:11:50.452411957 +0100
@@ -57,9 +57,9 @@
Description: OpenStack identity service - library
This is the identity service used by OpenStack for authentication (authN)
and high-level authorization (authZ). It currently supports token-based
- authN and user-service authorization. It is scalable to include OAuth, SAML
- and openID in future versions. Out of the box, Keystone uses a SQLite DB as
- an identity store with the option to connect to external LDAP.
+ authN with user/service authZ, and is scalable to support OAuth, SAML,
+ and OpenID in future versions. Out of the box, Keystone uses SQLite for
+ its identity store database, with the option to connect to external LDAP.
.
This package contains the Python libraries.
@@ -75,9 +75,9 @@
Description: OpenStack identity service
This is the identity service used by OpenStack for authentication (authN)
and high-level authorization (authZ). It currently supports token-based
- authN and user-service authorization. It is scalable to include OAuth, SAML
- and openID in future versions. Out of the box, Keystone uses a SQLite DB as
- an identity store with the option to connect to external LDAP.
+ authN with user/service authZ, and is scalable to support OAuth, SAML,
+ and OpenID in future versions. Out of the box, Keystone uses SQLite for
+ its identity store database, with the option to connect to external LDAP.
.
This package contains the daemons.
@@ -88,8 +88,8 @@
Description: OpenStack identity service - documentation
This is the identity service used by OpenStack for authentication (authN)
and high-level authorization (authZ). It currently supports token-based
- authN and user-service authorization. It is scalable to include OAuth, SAML
- and openID in future versions. Out of the box, Keystone uses a SQLite DB as
- an identity store with the option to connect to external LDAP.
+ authN with user/service authZ, and is scalable to support OAuth, SAML,
+ and OpenID in future versions. Out of the box, Keystone uses SQLite for
+ its identity store database, with the option to connect to external LDAP.
.
This package contains the documentation.
diff -ru old/keystone.templates new/keystone.templates
--- old/keystone.templates 2012-07-31 20:41:54.235392711 +0100
+++ new/keystone.templates 2012-08-04 09:04:29.840411806 +0100
@@ -19,4 +19,6 @@
Template: keystone/auth-token
Type: string
-_Description: Auth server admin token:
+_Description: Authentication server administration token:
+ Please enter the token to use with the authentication
+ server.
Template: keystone/configure_db
Type: boolean
Default: false
_Description: Set up a database for Keystone?
No database has been set up for Keystone to use. If you want
to set one up now, please make sure you have all needed
information:
.
* the host name of the database server (which must allow TCP
connections from this machine);
* a username and password to access the database;
* the type of database management software you want to use.
.
If you don't choose this option, no database will be set up and
Keystone will use regular SQLite support.
.
You can change this setting later on by running "dpkg-reconfigure
-plow keystone".
Template: keystone/auth-token
Type: string
_Description: Authentication server administration token:
Please enter the token to use with the authentication
server.
Source: keystone
Section: net
Priority: extra
Maintainer: PKG OpenStack <openstack-devel@lists.alioth.debian.org>
Uploaders: Loic Dachary (OuoU) <loic@debian.org>,
Julien Danjou <acid@debian.org>,
Thomas Goirand <zigo@debian.org>,
Ghe Rivero <ghe.rivero@stackops.com>
Build-Depends: debhelper (>= 7.0.50),
python-all (>= 2.6.6-3~),
python-all-dev (>= 2.6.6-3~) | python-support,
python-lxml,
python-setuptools,
python-sphinx,
python-unittest2,
python-paste,
python-pastedeploy,
python-routes,
python-eventlet,
python-webob,
python-sqlalchemy,
python-passlib,
python-ldap,
python-memcache,
python-swift,
python-nose,
python-migrate,
python-prettytable,
python-mox,
python-dateutil,
pep8,
git-core,
po-debconf
Standards-Version: 3.9.3
Homepage: http://launchpad.net/keystone
Vcs-Browser: http://anonscm.debian.org/gitweb/?p=openstack/keystone.git;a=summary
Vcs-Git: git://anonscm.debian.org/openstack/keystone.git
Package: python-keystone
Architecture: all
Section: python
Depends: ${python:Depends}, ${misc:Depends},
python-passlib,
python-sqlalchemy,
python-routes,
python-lxml,
python-httplib2,
python-eventlet,
python-paste,
python-pastedeploy,
python-pastescript,
python-webob,
python-sqlite,
python-nova,
python-dateutil
Recommends: python-memcache, python-ldap
Description: OpenStack identity service - library
This is the identity service used by OpenStack for authentication (authN)
and high-level authorization (authZ). It currently supports token-based
authN with user/service authZ, and is scalable to support OAuth, SAML,
and OpenID in future versions. Out of the box, Keystone uses SQLite for
its identity store database, with the option to connect to external LDAP.
.
This package contains the Python libraries.
Package: keystone
Architecture: all
Section: python
Depends: ${python:Depends}, ${misc:Depends},
python-keystone (= ${source:Version}),
adduser,
lsb-base (>= 3.0-6),
dbconfig-common,
python-keystoneclient
Description: OpenStack identity service
This is the identity service used by OpenStack for authentication (authN)
and high-level authorization (authZ). It currently supports token-based
authN with user/service authZ, and is scalable to support OAuth, SAML,
and OpenID in future versions. Out of the box, Keystone uses SQLite for
its identity store database, with the option to connect to external LDAP.
.
This package contains the daemons.
Package: keystone-doc
Architecture: all
Section: doc
Depends: ${misc:Depends}, libjs-jquery, libjs-underscore
Description: OpenStack identity service - documentation
This is the identity service used by OpenStack for authentication (authN)
and high-level authorization (authZ). It currently supports token-based
authN with user/service authZ, and is scalable to support OAuth, SAML,
and OpenID in future versions. Out of the box, Keystone uses SQLite for
its identity store database, with the option to connect to external LDAP.
.
This package contains the documentation.
Reply to: