Set default signing_dir based on os USER.

Updates the Keystone auth_token middleware so that it sets the
default signing_dir name base on the OS username obtained
from the environment. This should help resolve potential permissions
issues which can occur when multiple OpenStack services attempt
to use the same signing directory name.

Fixes LP Bug #1031022.

Change-Id: I53bceed27f60721b8f61ffec2d1e91ec2ea464ed

1 files changed, 2 insertions, 1 deletions

diff --git a/keystone/middleware/auth_token.py b/keystone/middleware/auth_token.py
index e042dbb1..3835f4c3 100644
--- a/keystone/middleware/auth_token.py
+++ b/keystone/middleware/auth_token.py
@@ -150,7 +150,8 @@ class AuthProtocol(object):
         self.key_file = conf.get('keyfile')
 
         #signing
-        self.signing_dirname = conf.get('signing_dir', '/tmp/keystone-signing')
+        default_signing_dir = '/tmp/keystone-signing-%s' % os.environ['USER']
+        self.signing_dirname = conf.get('signing_dir', default_signing_dir)
         if (os.path.exists(self.signing_dirname) and
                 not os.access(self.signing_dirname, os.W_OK)):
                 raise "TODO: Need to find an Exception to raise here."