change_password_after_first_use is documented but doesn't exist
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Fix Released
|
Low
|
Samuel de Medeiros Queiroz |
Bug Description
With change_
keystone.conf:
[security_
# Configuring password expiration
password_
# Force users to immediately change their password upon first use
change_
(demo) samueldmq@
Qua Mai 3 21:24:34 UTC 2017
(demo) samueldmq@
+------
| Field | Value |
+------
| domain_id | default |
| enabled | True |
| id | 0d56a461493a43a
| name | demo |
| options | {} |
| password_expires_at | 2017-05-
+------
(demo) samueldmq@
Qua Mai 3 21:27:47 UTC 2017
(demo) samueldmq@
(demo) samueldmq@
+------
| Field | Value |
+------
| domain_id | default |
| enabled | True |
| id | 0d56a461493a43a
| name | demo |
| options | {} |
| password_expires_at | 2017-05-
+------
Environment:
- Ubuntu 14.04 LTS
- Using virtualenv-15.0.1 with Python 3.5
- keystone master version
- python-
Changed in keystone: | |
assignee: | nobody → Rajat Sharma (tajar29) |
tags: | added: pci |
Changed in keystone: | |
importance: | Undecided → Low |
Changed in keystone: | |
milestone: | none → pike-3 |
I cannot recreate this, it works correctly for me. Using master as of about 2 weeks ago.
keystone.conf:
[security_ compliance] expires_ days = 1 password_ after_first_ use = true
# Configuring password expiration
password_
# Force users to immediately change their password upon first use
change_
pi@controllerpi:~ $ date -u ------- ------- -+----- ------- ------- ------- ------- -+ ------- ------- -+----- ------- ------- ------- ------- -+ f801302350ade48 fc | 20T22:09: 34.826090 | ------- ------- -+----- ------- ------- ------- ------- -+ ------- ------- -+----- ------- ------- ------- ------- -+ ------- ------- -+----- ------- ------- ------- ------- -+ f801302350ade48 fc | 20T22:11: 04.000000 | ------- ------- -+----- ------- ------- ------- ------- -+
Tue Jun 20 22:09:05 UTC 2017
pi@controllerpi:~ $ openstack user create demo --password demo --domain default
+------
| Field | Value |
+------
| domain_id | default |
| enabled | True |
| id | 045f275ca5d342f
| name | demo |
| options | {} |
| password_expires_at | 2017-06-
+------
pi@controllerpi:~ $ openstack user set demo --password demo1
pi@controllerpi:~ $ openstack user show demo
+------
| Field | Value |
+------
| domain_id | default |
| enabled | True |
| id | 045f275ca5d342f
| name | demo |
| options | {} |
| password_expires_at | 2017-06-
+------
pi@controllerpi:~ $ date -u
Tue Jun 20 22:11:10 UTC 2017