Configure the admin as admin Make our usual admin user to be a real admin, and open the way for improving the per project policy.json files. Change-Id: I133a5953d209bc1edbd03ecfae750f77e3eaa64d Related-Change: https://review.openstack.org/#/c/242232

commit: 9ea497539bb1e20fc2d247719f98401d5f7cd67c [log] [tgz]
author: Attila Fazekas <afazekas@redhat.com> Tue Mar 22 15:22:03 2016 +0100
committer: afazekas <afazekas@redhat.com> Wed Mar 23 19:03:14 2016 +0100
tree: ead23f1ad29ecb90a1ecf47c2b2b95d454de7613
parent: 0a2a7ae8471575d887a19b9bf8b7375ea1fd7f45 [diff]
diff --git a/lib/keystone b/lib/keystone
index acdd7e4..71f20ac 100644
--- a/lib/keystone
+++ b/lib/keystone

@@ -340,6 +340,12 @@
     iniset $KEYSTONE_CONF DEFAULT max_token_size 16384
 
     iniset $KEYSTONE_CONF fernet_tokens key_repository "$KEYSTONE_CONF_DIR/fernet-keys/"
+
+    # Configure the project created by the 'keystone-manage bootstrap' as the cloud-admin project.
+    # The users from this project are globally admin as before, but it also
+    # allows policy changes in order to clarify the adminess scope.
+    iniset $KEYSTONE_CONF resource admin_project_domain_name default
+    iniset $KEYSTONE_CONF resource admin_project_name admin
 }
 
 # create_keystone_accounts() - Sets up common required keystone accounts
commit	9ea497539bb1e20fc2d247719f98401d5f7cd67c	[log] [tgz]
author	Attila Fazekas <afazekas@redhat.com>	Tue Mar 22 15:22:03 2016 +0100
committer	afazekas <afazekas@redhat.com>	Wed Mar 23 19:03:14 2016 +0100
tree	ead23f1ad29ecb90a1ecf47c2b2b95d454de7613
parent	0a2a7ae8471575d887a19b9bf8b7375ea1fd7f45 [diff]