bc8b321fe2
This patch updates all the roles to the latest available SHA's, updates all the OpenStack Service SHA's and also updates the appropriate python requirements pins. Change-Id: Ia9cb9dd47b391ebcbcc26d320245e3a7e4751568
22 lines
668 B
YAML
22 lines
668 B
YAML
---
|
|
features:
|
|
- |
|
|
The role now enables auditing during early boot to comply with the
|
|
requirements in V-38438. By default, the GRUB configuration variables in
|
|
``/etc/default/grub.d/`` will be updated and the active ``grub.cfg`` will
|
|
be updated.
|
|
|
|
Deployers can opt-out of the change entirely by setting a variable:
|
|
|
|
.. code-block:: yaml
|
|
|
|
security_enable_audit_during_boot: no
|
|
|
|
Deployers may opt-in for the change without automatically updating the
|
|
active ``grub.cfg`` file by setting the following Ansible variables:
|
|
|
|
.. code-block:: yaml
|
|
|
|
security_enable_audit_during_boot: yes
|
|
security_enable_grub_update: no
|