Update patch set 1

Patch Set 1:

(1 comment)

Patch-set: 1
Attention: {"person_ident":"Gerrit User 31646 \u003c31646@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"REMOVE","reason":"\u003cGERRIT_ACCOUNT_31646\u003e replied on the change"}
Attention: {"person_ident":"Gerrit User 8768 \u003c8768@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"ADD","reason":"\u003cGERRIT_ACCOUNT_31646\u003e replied on the change"}

eb557c0450684931b48b6975c80f8ce05f45a3d4

@@ -52,6 +52,24 @@
       "parentUuid": "21e9755b_a99c65b0",
       "revId": "eb557c0450684931b48b6975c80f8ce05f45a3d4",
       "serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
+    },
+    {
+      "unresolved": true,
+      "key": {
+        "uuid": "3d3530b8_484ff51d",
+        "filename": "/PATCHSET_LEVEL",
+        "patchSetId": 1
+      },
+      "lineNbr": 0,
+      "author": {
+        "id": 31646
+      },
+      "writtenOn": "2023-10-23T23:53:59Z",
+      "side": 1,
+      "message": "There is no check for ldap users. The admin user keying passwd is getting updated using \"_update_keyring_password()\". The ldap user is using the profile of the \"admin\" user to do operations that a user with \"sys_protected\" perms would do. The \"keyring.set_password()\" is resetting the group ownership of the \"/opt/platform/.keyring/23.09/python_keyring/crypted_pass.cfg\" from sys_protected to root and this is what I fix. Sorry I cannot explain it any better. Is not very straight forward the way is set up. I do not feel comfortable though to  make the fix in the keyring.set_password() that is called in many places in the keystone package that I do not know about. I am following a use case that has been triggered in \"_update_keyring_password()\" and that is why I made the change there.\nMaybe Andy can explain more clear.",
+      "parentUuid": "476c317b_03bf6036",
+      "revId": "eb557c0450684931b48b6975c80f8ce05f45a3d4",
+      "serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
     }
   ]
 }