From 561c9ab9c9a69247d9bc965c0fc50f46e62b0c76 Mon Sep 17 00:00:00 2001
From: Emilien Macchi <emilien.macchi@enovance.com>
Date: Wed, 21 May 2014 19:24:38 +0200
Subject: [PATCH] Do not use root user to flush Keystone tokens

If you run keystone-manage token_flush as root and you have verbosity
enabled, the log file keystone.log will be owned by root user if it does
not exist. If Keystone is not started, it won't be able to start the
first time due to permission issue.

Using "keytone" user by default to flush the logs avoids to face this
situation and let the user know he has to use OpenStack users when
running CLI.

Change-Id: I9c806d13c727a79869485cd5f5d5d51b757a783e
Signed-off-by: Emilien Macchi <emilien.macchi@enovance.com>
---
 doc/install-guide/section_keystone-install.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/doc/install-guide/section_keystone-install.xml b/doc/install-guide/section_keystone-install.xml
index 62bb1dc4e5..ca5d51436a 100644
--- a/doc/install-guide/section_keystone-install.xml
+++ b/doc/install-guide/section_keystone-install.xml
@@ -218,11 +218,11 @@ log_dir = /var/log/keystone</programlisting>
             hour and log the output to
             <filename>/var/log/keystone/keystone-tokenflush.log</filename>:</para>
           <screen os="ubuntu;debian"><prompt>#</prompt> <userinput>(crontab -l 2>&amp;1 | grep -q token_flush) || \
-echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&amp;1' >> /var/spool/cron/crontabs/root</userinput></screen>
+echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&amp;1' >> /var/spool/cron/crontabs/keystone</userinput></screen>
           <screen os="rhel;centos;fedora"><prompt>#</prompt> <userinput>(crontab -l 2>&amp;1 | grep -q token_flush) || \
-echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&amp;1' >> /var/spool/cron/root</userinput></screen>
+echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&amp;1' >> /var/spool/cron/keystone</userinput></screen>
           <screen os="opensuse;sles"><prompt>#</prompt> <userinput>(crontab -l 2>&amp;1 | grep -q token_flush) || \
-echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&amp;1' >> /var/spool/cron/tabs/root</userinput></screen>
+echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&amp;1' >> /var/spool/cron/tabs/keystone</userinput></screen>
         </step>
       </substeps>
     </step>