diff options
author | Dan Prince <dprince@redhat.com> | 2012-07-30 15:15:04 -0400 |
---|---|---|
committer | Dan Prince <dprince@redhat.com> | 2012-07-30 15:15:04 -0400 |
commit | 4444577e23cf3365479793d90e3ae337e4638b6a (patch) | |
tree | 31de0bba70f9b0fdeb73b08f131d6794e7f05b26 /keystone/middleware | |
parent | 73556fa0285d05adc54ef4f247198cf58da36639 (diff) | |
download | keystone-4444577e23cf3365479793d90e3ae337e4638b6a.tar.gz keystone-4444577e23cf3365479793d90e3ae337e4638b6a.tar.xz keystone-4444577e23cf3365479793d90e3ae337e4638b6a.zip |
Set default signing_dir based on os USER.
Updates the Keystone auth_token middleware so that it sets the
default signing_dir name base on the OS username obtained
from the environment. This should help resolve potential permissions
issues which can occur when multiple OpenStack services attempt
to use the same signing directory name.
Fixes LP Bug #1031022.
Change-Id: I53bceed27f60721b8f61ffec2d1e91ec2ea464ed
Diffstat (limited to 'keystone/middleware')
-rw-r--r-- | keystone/middleware/auth_token.py | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/keystone/middleware/auth_token.py b/keystone/middleware/auth_token.py index e042dbb1..3835f4c3 100644 --- a/keystone/middleware/auth_token.py +++ b/keystone/middleware/auth_token.py @@ -150,7 +150,8 @@ class AuthProtocol(object): self.key_file = conf.get('keyfile') #signing - self.signing_dirname = conf.get('signing_dir', '/tmp/keystone-signing') + default_signing_dir = '/tmp/keystone-signing-%s' % os.environ['USER'] + self.signing_dirname = conf.get('signing_dir', default_signing_dir) if (os.path.exists(self.signing_dirname) and not os.access(self.signing_dirname, os.W_OK)): raise "TODO: Need to find an Exception to raise here." |