diff options
| author | Mark McLoughlin <markmc@redhat.com> | 2012-12-12 07:14:12 +0000 |
|---|---|---|
| committer | Mark McLoughlin <markmc@redhat.com> | 2012-12-12 08:26:59 +0000 |
| commit | 32af3c94bd62c46713a44bf75f2e4989f8b98bc4 (patch) | |
| tree | 6855a1fe7940cc706f07f90c36c5f7e32f356f83 /nova/utils.py | |
| parent | ac658aa7d0671fb9b5a0a2c504f4b73dff514da9 (diff) | |
| download | nova-32af3c94bd62c46713a44bf75f2e4989f8b98bc4.tar.gz nova-32af3c94bd62c46713a44bf75f2e4989f8b98bc4.tar.xz nova-32af3c94bd62c46713a44bf75f2e4989f8b98bc4.zip | |
Properly scope password options
enable_instance_password is only used in api.openstack.compute.servers
so move it there.
password_length is passed as a parameter to every generate_password()
call, so just move it into nova.utils and have generate_password()
use it by default.
Note: using a config option as the default value of a kwarg isn't a
good idea because the option value is read when the function is defined
which means you can't control its value during unit tests. Instead we
use password=None as the default.
blueprint: scope-config-opts
Change-Id: I445174515fc2eacc56c7cccecadadd2a7e57d4f4
Diffstat (limited to 'nova/utils.py')
| -rw-r--r-- | nova/utils.py | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/nova/utils.py b/nova/utils.py index 2491c5fcb..859fe5df8 100644 --- a/nova/utils.py +++ b/nova/utils.py @@ -64,12 +64,17 @@ monkey_patch_opts = [ ], help='List of modules/decorators to monkey patch'), ] -LOG = logging.getLogger(__name__) +utils_opts = [ + cfg.IntOpt('password_length', + default=12, + help='Length of generated instance admin passwords'), + cfg.BoolOpt('disable_process_locking', + default=False, + help='Whether to disable inter-process locks'), +] CONF = cfg.CONF CONF.register_opts(monkey_patch_opts) -CONF.register_opt( - cfg.BoolOpt('disable_process_locking', default=False, - help='Whether to disable inter-process locks')) +CONF.register_opts(utils_opts) CONF.import_opt('glance_host', 'nova.config') CONF.import_opt('glance_port', 'nova.config') CONF.import_opt('glance_protocol', 'nova.config') @@ -77,6 +82,8 @@ CONF.import_opt('instance_usage_audit_period', 'nova.config') CONF.import_opt('rootwrap_config', 'nova.config') CONF.import_opt('service_down_time', 'nova.config') +LOG = logging.getLogger(__name__) + # Used for looking up extensions of text # to their 'multiplied' byte amount BYTE_MULTIPLIERS = { @@ -423,7 +430,7 @@ def last_completed_audit_period(unit=None, before=None): return (begin, end) -def generate_password(length=20, symbolgroups=DEFAULT_PASSWORD_SYMBOLS): +def generate_password(length=None, symbolgroups=DEFAULT_PASSWORD_SYMBOLS): """Generate a random password from the supplied symbol groups. At least one symbol from each group will be included. Unpredictable @@ -432,6 +439,9 @@ def generate_password(length=20, symbolgroups=DEFAULT_PASSWORD_SYMBOLS): Believed to be reasonably secure (with a reasonable password length!) """ + if length is None: + length = CONF.password_length + r = random.SystemRandom() # NOTE(jerdfelt): Some password policies require at least one character |