Saturday, 2015-03-28

lhcheng	rodrigods: it does have 'OS-FEDERATION' in the user object. I'll submit a patch to expose that in AccessInfo too	00:04
*** henrynash has joined #openstack-keystone		00:08
*** ChanServ sets mode: +v henrynash		00:08
*** r-daneel has quit IRC		00:09
*** gokrokve has quit IRC		00:12
*** browne has quit IRC		00:13
*** _cjones_ has joined #openstack-keystone		00:18
*** timcline has quit IRC		00:35
*** openstackgerrit has quit IRC		00:35
*** openstackgerrit has joined #openstack-keystone		00:35
*** zzzeek has quit IRC		00:36
openstackgerrit	Brant Knudson proposed openstack/keystone: Document policy target for operation https://review.openstack.org/168521	00:44
*** jeffDeville has joined #openstack-keystone		00:58
*** jeffDeville has quit IRC		00:59
*** spandhe has quit IRC		01:04
*** dimsum__ has joined #openstack-keystone		01:16
*** henrynash has quit IRC		01:16
*** markvoelker has joined #openstack-keystone		01:19
*** _cjones_ has quit IRC		01:21
*** markvoelker has quit IRC		01:24
*** _cjones_ has joined #openstack-keystone		01:26
*** henrynash has joined #openstack-keystone		01:31
*** ChanServ sets mode: +v henrynash		01:31
lhcheng	morganfainberg: ping	01:37
*** openstack has joined #openstack-keystone		01:38
*** henrynash has quit IRC		01:47
openstackgerrit	Brant Knudson proposed openstack/keystone: Document policy target for operation https://review.openstack.org/168521	01:48
*** _cjones_ has quit IRC		01:54
*** rwsu has quit IRC		02:01
*** erkules_ has joined #openstack-keystone		02:09
*** jamielennox\|away is now known as jamielennox		02:11
*** erkules has quit IRC		02:11
*** bknudson has quit IRC		02:13
*** markvoelker has joined #openstack-keystone		02:20
*** dimsum__ has quit IRC		02:21
*** markvoelker has quit IRC		02:24
*** browne has joined #openstack-keystone		02:32
*** sigmavirus24 is now known as sigmavirus24_awa		02:54
*** mhu has quit IRC		03:04
*** mhu has joined #openstack-keystone		03:06
*** browne has quit IRC		03:08
*** browne has joined #openstack-keystone		03:12
*** markvoelker has joined #openstack-keystone		03:20
*** tqtran has quit IRC		03:21
*** markvoelker has quit IRC		03:25
openstackgerrit	Jamie Lennox proposed openstack/python-keystoneclient: Expose audit_id via AccessInfo https://review.openstack.org/168212	03:33
*** ljfisher has joined #openstack-keystone		03:45
morganfainberg	lhcheng, ping	03:45
morganfainberg	lhcheng, erm pong	03:45
lhcheng	morganfainberg: question on usage of unscoped federated token	03:49
morganfainberg	lhcheng: sure	03:50
lhcheng	so I can use the unscoped federated token to get the project list by using federation project list api	03:50
lhcheng	that works	03:50
morganfainberg	yes	03:51
lhcheng	then from the list of projects, I can scoped to a particular project using unscoped federated token	03:51
morganfainberg	yep	03:51
morganfainberg	standard workflow	03:51
lhcheng	now I have the project scoped token	03:51
morganfainberg	yep	03:52
lhcheng	can I used the project scoped token to list the user project?	03:52
lhcheng	*use	03:52
morganfainberg	lhcheng, to list all projects the user has? or to get project info?	03:53
lhcheng	I suppose I need to use the unscoped federated token and call federation project list api if I need that.	03:53
lhcheng	to list all projects user has	03:53
morganfainberg	user has access to that is?	03:53
lhcheng	yes	03:54
morganfainberg	should work the same, currently both scoped and unscoped tokens work that way	03:54
lhcheng	so I should be able the project scoped token to call the normal list user project api (not federation project list api)	03:55
morganfainberg	long term we want to make it so unscoped tokens are more of a "keystone scope" so you can do things like rescope a token, list projects, etc. and scoped tokens only work for their scope not the "unscoped"/session workflow	03:55
morganfainberg	lhcheng, as far as i know, these should act as normal tokens	03:55
morganfainberg	there may be some "assert user exists" checks that need to be fixed, but those would be oversights	03:56
morganfainberg	afaik	03:56
lhcheng	morganfainberg: ++ that would clearer separation between the usage of the token	03:58
morganfainberg	lhcheng, that is a long term goal	03:58
* morganfainberg is getting sooooo tired of "flash out of date"		03:59
lhcheng	morganfainberg: bad news.. using the project scoped token to call the normal list user project api a user not found error	04:01
morganfainberg	lhcheng, told you it was likely going to need to avoid an assert user exists	04:01
morganfainberg	;)	04:01
lhcheng	morganfainberg: going to submit a patch to remove that, going to nag you guys about that.	04:02
morganfainberg	lhcheng, you should only remove that for federated tokens	04:02
morganfainberg	basically i'd like to see a lot of OS-FEDERATION that duplicates main API functions just work with the main API	04:02
lhcheng	morganfainberg: trying to get the websso patch in horizon for RC	04:03
morganfainberg	lhcheng, right.	04:03
morganfainberg	so we special case the assert user exists for federation. we know the user exists or we wouldn't have gotten a token	04:03
morganfainberg	actually wait	04:03
morganfainberg	the issue is you need to know based on groups	04:03
morganfainberg	not on the user_id	04:03
morganfainberg	this might be a bit of a rabbit hole	04:04
openstackgerrit	Jamie Lennox proposed openstack/python-keystoneclient: Use UUID values in v3 test fixtures https://review.openstack.org/168546	04:04
lhcheng	morganfainberg: hmm that'll be tricky	04:08
morganfainberg	yeah	04:09
lhcheng	morganfainberg: even for groups, there is no indicator if that group is for federation. Is the somewhere in group assignment?	04:09
morganfainberg	lhcheng, no you need to act on the auth	04:10
morganfainberg	-context	04:10
morganfainberg	in that case	04:10
*** mhu has quit IRC		04:10
*** mhu has joined #openstack-keystone		04:14
lhcheng	the code for list user project is doing a lot, checking for role/group assignment. I suspect I have to remove the user assert check in more than one places :,(	04:16
lhcheng	morganfainberg: I'll dig into this	04:17
lhcheng	thanks for confirming about "project scoped token to call the normal list user project api"	04:17
morganfainberg	lhcheng, this may be a case where merging this functionality is a lot of work which is why it's in OS-FEDERATION at the moment	04:18
lhcheng	was already in the processing of adding a workaround in horizon to keep a separate call for list user project	04:18
morganfainberg	like i said, i'd like to see duplicated API functionality from what was originally an extension make it's way into the proper API	04:18
morganfainberg	lhcheng, assume you wont land the change in Kilo to make this work with the normal APIs	04:18
morganfainberg	work arounds until we can streamline in Liberty are just fine.	04:19
lhcheng	morganfainberg: not so excited putting a hack in horizon, we already have so many	04:19
lhcheng	one more wouldn't hurt :P	04:20
morganfainberg	lhcheng, unfortunately reworking APIs in Kilo for keystone is a tough sell right now	04:20
morganfainberg	we are at FFE	04:20
morganfainberg	FF*	04:20
morganfainberg	and WebSSO is not a FFE	04:20
lhcheng	morganfainberg: understood	04:20
lhcheng	yeah, the WebSSO in keystone got in before FF	04:20
morganfainberg	yep	04:21
morganfainberg	adn i'm telling you now, I'm nixing any more FFEs	04:21
morganfainberg	not even going to bring it up to release mgmnt group	04:21
morganfainberg	we're at bug fix time.	04:21
*** markvoelker has joined #openstack-keystone		04:21
morganfainberg	and getting RC smoothed out	04:21
lhcheng	morganfainberg: but isn't this a bug fix? :P since it is expected to work	04:22
lhcheng	hehe	04:22
morganfainberg	if it requires massive reworking of APIs and there is an alternative we can use for now	04:22
morganfainberg	yes but liberty	04:22
lhcheng	morganfainberg: gotcha	04:23
lhcheng	I'll dig around for a bit to see how much work is needed	04:23
morganfainberg	yeah.	04:23
morganfainberg	sounds good	04:24
morganfainberg	remember, build the basic technology then improve it.	04:24
lhcheng	morganfainberg: gotcha	04:24
lhcheng	thanks!	04:24
morganfainberg	lhcheng, tht is also why we have the "expirimental" stuff now	04:25
morganfainberg	;	04:25
lhcheng	time for late dinner	04:25
morganfainberg	:)	04:25
morganfainberg	i should also dinner later	04:25
lhcheng	heh	04:25
lhcheng	later	04:25
morganfainberg	but i was stupidly tired and took a nap at 5pm	04:25
morganfainberg	just woke back up	04:25
lhcheng	oh uh	04:25
morganfainberg	nah, was good	04:25
morganfainberg	well just woke up = 1.5 hrs ago	04:26
morganfainberg	so 2.5hr nap	04:26
morganfainberg	made up for the ~4hrs sleep i got last night	04:26
morganfainberg	feeling pretty good.	04:26
morganfainberg	more relaxed :)	04:26
*** markvoelker has quit IRC		04:26
lhcheng	not that long, you should still be able to sleep later	04:26
lhcheng	that's more of a catch-up nap	04:26
lhcheng	:)	04:26
*** ljfisher has quit IRC		04:27
lhcheng	0 balance now, you can sleep normally later	04:27
lhcheng	alright later, have a good dinner	04:29
openstackgerrit	Merged openstack/keystone: Change the way values are migrated for 007_add_remote_id_table https://review.openstack.org/168239	04:44
*** _cjones_ has joined #openstack-keystone		04:55
*** rushiagr_away is now known as rushiagr		04:57
*** _cjones_ has quit IRC		04:59
*** browne has quit IRC		05:21
*** markvoelker has joined #openstack-keystone		05:22
*** markvoelker has quit IRC		05:26
*** stevemar has joined #openstack-keystone		05:32
*** ChanServ sets mode: +v stevemar		05:32
morganfainberg	stevemar: I think we are down to ~two feature patches for ffes	05:39
morganfainberg	And most bugs are in-progress	05:40
stevemar	morganfainberg, btw - you and gyee approved the ECP patches, but they depend on https://review.openstack.org/#/c/166086/	05:42
stevemar	just a minor change to keystone-specs	05:42
morganfainberg	Crap thought that merged.	05:43
stevemar	morganfainberg, the new routes was merged	05:43
stevemar	but not the change to the relay state prefix	05:43
morganfainberg	Ahh	05:43
morganfainberg	You +1 on gyee's changes?	05:44
morganfainberg	Looks like we still have ss:temp: in some places.	05:45
stevemar	morganfainberg, ss:temp: was for the update case	05:46
stevemar	gyee just wanted to make sure there was a second colon at the end	05:47
morganfainberg	Ah	05:47
morganfainberg	+2	05:49
stevemar	we might have to bug gyee to +2 it	05:50
stevemar	marek is afk for a week or so	05:50
morganfainberg	I'm tempted to take your +1 for gyee's changes and his +1 as a plus2	05:52
morganfainberg	Tempted.	05:52
morganfainberg	But it can wait till Monday.	05:53
morganfainberg	Gyee is also on vacation next week iirc	05:53
stevemar	morganfainberg, i'm also tempted to do that	05:55
stevemar	since we could close the other 2 patches and the ffe bp	05:55
stevemar	morganfainberg, i could bug topol to review on monday	05:55
morganfainberg	i dunno dstanek might be still lurking around	05:59
jamielennox	morganfainberg: the user exists check in the project listing are supposed to be there	05:59
morganfainberg	jamielennox, it's more of a collapsing the case for federated users	05:59
jamielennox	morganfainberg: those are the legacy routes for non-federated users, federated specific has /OS-FEDERATION/{something} and then the new route is /auth/projects which handles both	06:00
morganfainberg	ah the new route is waht i was looking for	06:00
morganfainberg	lhcheng, ^^	06:00
morganfainberg	jamielennox, thanks.	06:00
jamielennox	morganfainberg: yep, i'm talking to lhcheng in horizon, which is what made me realize what you were discussing earlier	06:00
morganfainberg	jamielennox, hard to keep track of all this (especially when just waking from a nap)	06:00
stevemar	lhcheng, i was just thinking, is there a call in DOA/horizon that calls list domains?	06:01
stevemar	that would have to be updated too	06:01
morganfainberg	jamielennox, also... https://review.openstack.org/#/c/166086/ should be an easy +2.	06:01
morganfainberg	jamielennox, if you have but a moment to look	06:01
lhcheng	stevemar: list domains is in horizon	06:02
lhcheng	but yeah, that would need some love too	06:02
morganfainberg	there is clearly federated auth ux cleanup to do	06:02
stevemar	morganfainberg, it should just be around listing domains and projects	06:03
jamielennox	morganfainberg: i have no idea what the use case for that prefix is	06:03
stevemar	jamielennox, there are details in the blueprint, i could explain it quickly	06:04
lhcheng	stevemar: list domain/project/roles/groups all works fine with the project scoped token	06:04
jamielennox	i mean the review looks fine, just for +A purposes i don't know what it's doing	06:04
lhcheng	(i know it should be domain scoped token)	06:04
lhcheng	but horizon is not there yet	06:04
openstackgerrit	OpenStack Proposal Bot proposed openstack/keystone: Imported Translations from Transifex https://review.openstack.org/168550	06:04
morganfainberg	stevemar, uh...	06:04
morganfainberg	stevemar, <Sessions lifetime="7200" timeout="3600" relayState="ss:mem" checkAddress="false" handlerSSL="true" cookieProps="; path=/; secure; HttpOnly">	06:05
morganfainberg	stevemar, http://iam.harvard.edu/resources/saml-shibboleth-integration is "ss:mem:" wrong?	06:05
morganfainberg	and "ss:mem" supposed to be used (no trailing : )	06:05
morganfainberg	or is that doc wrong	06:05
morganfainberg	oh nvm	06:06
stevemar	morganfainberg, the doc isn't wrong. the setting in shibboleth should be ss:mem (no trailing)	06:06
morganfainberg	the trailing : is correct	06:06
morganfainberg	for us	06:06
* morganfainberg brain drizzles		06:06
stevemar	morganfainberg, yeah, the actual assertion would be prefix + ':' + <some_id>	06:07
stevemar	like: ss:mem:456e74900b306b5ed54ec9fb23c614f9fa73ece1c97ec004ed	06:07
morganfainberg	yep	06:07
*** browne has joined #openstack-keystone		06:07
*** arif-ali has quit IRC		06:07
stevemar	also, it's a config option now, so even more flexibility	06:07
stevemar	jamielennox, an ECP wrapped assertion is a SAML assertion wrapped with ECP headers	06:08
stevemar	one of the tags is RelayState, which contains data like: ss:mem:<some_id>	06:09
stevemar	but that prefix is configurable on each service provider	06:09
jamielennox	that's annoyin	06:10
jamielennox	g	06:10
stevemar	wasn't our choice, it's an option that shibboleth provides	06:10
stevemar	and if we send an assertion from an idp to an sp with different relay state prefix, it is rejected	06:11
stevemar	from what i can tell, most use the default (ss:mem)	06:11
stevemar	but just in case, we wanted to give the user the ability to set it on a per SP basis, so when an assertion is sent over, it's not rejected	06:11
morganfainberg	it's silly	06:12
morganfainberg	is what it is	06:12
jamielennox	spec by committee	06:12
morganfainberg	yep	06:12
morganfainberg	oh well :(	06:12
morganfainberg	we need to support it	06:12
jamielennox	alright +Aed, seems like we need it	06:12
*** browne has quit IRC		06:13
stevemar	\o/	06:14
openstackgerrit	Merged openstack/keystone-specs: Add a relay_state_prefix to the service provider resource https://review.openstack.org/166086	06:14
stevemar	yeah, unfortunately we don't want anyone to be wedged	06:15
stevemar	morganfainberg, oh man, i can't believe brant added a test for this: https://review.openstack.org/#/c/168521/	06:15
stevemar	that is amazing	06:15
stevemar	test for a doc change	06:15
*** markvoelker has joined #openstack-keystone		06:23
stevemar	morganfainberg, i don't think the depends-on tag works properly :(	06:27
*** markvoelker has quit IRC		06:28
openstackgerrit	Steve Martinelli proposed openstack/keystone: Add API to create ecp wrapped saml assertion https://review.openstack.org/162866	06:28
openstackgerrit	Steve Martinelli proposed openstack/keystone: Add relay_state_prefix to Service Provider https://review.openstack.org/166078	06:29
morganfainberg	stevemar hm. it should.	06:29
morganfainberg	stevemar, but maybe not	06:29
stevemar	morganfainberg, it's been 15 minutes and nothing was kicked off	06:29
morganfainberg	stevemar, it also might have just needed a recheck	06:29
morganfainberg	basically i think depends-on just blocks it from running not auto queues it	06:29
stevemar	ah	06:29
stevemar	last time i tried that, with the dependent patch merged, i rechecked the one i wanted; and it just passed check, not gate	06:30
stevemar	gate didn't even start	06:30
morganfainberg	file a bug w/ infra?	06:30
morganfainberg	on zuul i think	06:31
openstackgerrit	Steve Martinelli proposed openstack/keystone: Add API to create ecp wrapped saml assertion https://review.openstack.org/162866	06:31
stevemar	morganfainberg, hope you don't mind my approving them	06:31
morganfainberg	nah all hoodf	06:32
stevemar	i'm leaving a message explaining why	06:32
morganfainberg	good*	06:32
stevemar	morganfainberg, i feel you are on mobile	06:32
morganfainberg	stevemar, nah just tired.	07:03
morganfainberg	stevemar, and sorta sleepy	07:03
stevemar	morganfainberg, was gonna say... we should bump this bug: https://bugs.launchpad.net/keystone/+bug/1424500	07:05
openstack	Launchpad bug 1424500 in Keystone "Federation list projects endpoint does not honor project inherited role assignments" [Medium,Triaged] - Assigned to Samuel de Medeiros Queiroz (samueldmq)	07:05
*** lhcheng is now known as lhcheng_afk		07:17
*** markvoelker has joined #openstack-keystone		07:23
*** wpf has quit IRC		07:24
*** junhongl has quit IRC		07:24
*** markvoelker has quit IRC		07:28
*** wpf has joined #openstack-keystone		07:32
*** junhongl has joined #openstack-keystone		07:33
*** redrobot has quit IRC		07:34
*** jdennis has quit IRC		07:34
*** amaurymedeiros has quit IRC		07:34
*** jdennis has joined #openstack-keystone		07:35
*** amaurymedeiros has joined #openstack-keystone		07:35
*** amaurymedeiros has joined #openstack-keystone		07:35
*** redrobot has joined #openstack-keystone		07:35
*** redrobot is now known as Guest96413		07:36
openstackgerrit	wanghong proposed openstack/keystone: remove useless nocatalog tests of endpoint_filter https://review.openstack.org/144946	07:45
*** stevemar has quit IRC		08:16
openstackgerrit	Merged openstack/keystone: Add relay_state_prefix to Service Provider https://review.openstack.org/166078	08:17
openstackgerrit	Merged openstack/keystone: Add API to create ecp wrapped saml assertion https://review.openstack.org/162866	08:18
*** markvoelker has joined #openstack-keystone		08:24
*** markvoelker has quit IRC		08:29
*** wanghong has quit IRC		08:34
*** jacer_huawei has joined #openstack-keystone		08:37
*** markvoelker has joined #openstack-keystone		09:25
*** henrynash has joined #openstack-keystone		09:28
*** ChanServ sets mode: +v henrynash		09:28
*** markvoelker has quit IRC		09:29
*** jamielennox is now known as jamielennox\|away		09:56
*** markvoelker has joined #openstack-keystone		10:26
*** markvoelker has quit IRC		10:30
*** jasondotstar has quit IRC		10:37
*** jasondotstar has joined #openstack-keystone		10:38
*** lhcheng__ has joined #openstack-keystone		11:07
*** lhcheng_afk has quit IRC		11:11
*** lhcheng__ has quit IRC		11:17
*** mhu has quit IRC		11:23
*** mhu has joined #openstack-keystone		11:27
*** markvoelker has joined #openstack-keystone		13:28
*** markvoelker has quit IRC		13:33
*** sigmavirus24_awa is now known as sigmavirus24		13:41
*** iwi has joined #openstack-keystone		13:43
*** sigmavirus24 is now known as sigmavirus24_awa		13:48
*** atiwari has quit IRC		13:50
*** iwi has quit IRC		13:53
*** iwi has joined #openstack-keystone		13:55
*** iwi has quit IRC		13:58
*** iwi has joined #openstack-keystone		14:10
openstackgerrit	Dave Chen proposed openstack/keystone: Don't add unformatted project-specific endpoints to catalog https://review.openstack.org/144860	14:17
*** iamjarvo has joined #openstack-keystone		14:18
*** iwi has quit IRC		14:25
*** markvoelker has joined #openstack-keystone		14:29
*** markvoelker has quit IRC		14:34
*** iwi has joined #openstack-keystone		14:50
*** markvoelker has joined #openstack-keystone		14:52
*** iwi has quit IRC		14:54
*** markvoelker has quit IRC		14:57
*** rushiagr is now known as rushiagr_away		15:07
*** rushiagr_away is now known as rushiagr		15:07
*** erkules_ is now known as erkules		15:31
*** erkules has joined #openstack-keystone		15:31
*** markvoelker has joined #openstack-keystone		15:53
*** markvoelker has quit IRC		15:57
*** joesavak has joined #openstack-keystone		16:00
*** timcline has joined #openstack-keystone		16:08
*** dims has joined #openstack-keystone		16:14
*** timcline has quit IRC		16:19
*** gokrokve has joined #openstack-keystone		16:21
*** joesavak has quit IRC		16:23
*** gokrokve_ has joined #openstack-keystone		16:39
*** gokrokve has quit IRC		16:42
*** markvoelker has joined #openstack-keystone		16:54
*** markvoelker has quit IRC		16:58
*** browne has joined #openstack-keystone		17:16
*** gokrokve_ has quit IRC		17:17
*** lhcheng has joined #openstack-keystone		17:19
*** browne has quit IRC		17:36
*** browne has joined #openstack-keystone		17:37
*** browne has quit IRC		17:37
*** pnavarro\|off has joined #openstack-keystone		17:40
*** markvoelker has joined #openstack-keystone		17:54
*** markvoelker has quit IRC		17:59
*** Ephur has quit IRC		18:18
*** markvoelker has joined #openstack-keystone		18:55
*** markvoelker has quit IRC		19:00
*** f13o has quit IRC		19:05
*** pnavarro\|off has quit IRC		19:30
*** pnavarro\|off has joined #openstack-keystone		19:47
*** hogepodge has joined #openstack-keystone		19:49
*** markvoelker has joined #openstack-keystone		19:56
*** markvoelker has quit IRC		20:01
*** Ephur has joined #openstack-keystone		20:07
*** Ephur has quit IRC		20:51
*** sigmavirus24_awa is now known as sigmavirus24		20:51
*** markvoelker has joined #openstack-keystone		20:57
*** markvoelker has quit IRC		21:01
*** rushiagr is now known as rushiagr_away		21:04
*** rushiagr_away is now known as rushiagr		21:08
*** jamielennox\|away is now known as jamielennox		21:20
*** pnavarro\|off has quit IRC		21:30
*** haneef_ has quit IRC		21:30
*** nkinder has quit IRC		21:30
*** breton has quit IRC		21:30
*** rodrigods has quit IRC		21:30
*** vhoward- has quit IRC		21:30
*** rodrigods has joined #openstack-keystone		21:30
*** haneef_ has joined #openstack-keystone		21:30
*** breton has joined #openstack-keystone		21:31
*** pnavarro\|off has joined #openstack-keystone		21:31
*** nkinder has joined #openstack-keystone		21:31
*** rushiagr is now known as rushiagr_away		21:33
*** vhoward has joined #openstack-keystone		21:34
*** iamjarvo has quit IRC		21:35
*** Guest90957 is now known as mfisch		21:36
*** mfisch has joined #openstack-keystone		21:36
*** browne has joined #openstack-keystone		21:37
*** pnavarro\|off has quit IRC		21:44
*** markvoelker has joined #openstack-keystone		21:57
*** markvoelker has quit IRC		22:02
*** henrynash has quit IRC		22:08
*** samueldmq has joined #openstack-keystone		22:20
*** browne has quit IRC		22:23
*** jdennis has quit IRC		22:24
*** jdennis has joined #openstack-keystone		22:24
*** markvoelker has joined #openstack-keystone		22:58
*** markvoelker has quit IRC		23:03
*** iwi has joined #openstack-keystone		23:07
*** dims has quit IRC		23:38
*** browne has joined #openstack-keystone		23:44
*** browne has quit IRC		23:48
*** iwi has quit IRC		23:57
*** markvoelker has joined #openstack-keystone		23:59

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!