keyring: use a specific group for permissions

- create a group 'cephkeyring'
- ensure nova and cinder are part of this group.

Note: I don't use Puppet to manage the users, since it's already managed
by puppet-cinder and puppet-nova.

Bug #402

spec/classes/cloud_volume_storage_spec.rb

@@ -106,6 +106,8 @@ describe 'cloud::volume::storage' do
           :os_password    => 'secret',
           :os_auth_url    => 'http://keystone.host:5000/v2.0'
         )
+        should contain_exec('add-cinder-to-cephkeyring-group').with( :command => 'useradd -G cephkeyring cinder || true')
+        should contain_group('cephkeyring').with(:ensure => 'present')
       end
     end