auth_token middleware has too much state
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Identity (keystone) |
Invalid
|
High
|
Unassigned |
Bug Description
I was trying to install swift to use keystone. This requires installing keystone to use the auth_token middleware. I got this error when the proxy server tried to start. There are a few problems with this code. First, this kind of software should never be using $HOME for anything. Second, it should probably not be creating directories. If it must do so, the code needs to defend itself against race conditions with other processes that might be using the same middleware. Checking if a directory exists and then trying to create it is not correct. I don't know what signing_dir is or if it is required but it is not in the sample conf file at all.
Traceback (most recent call last):
File "/usr/local/
run_
File "/usr/local/
loadapp(
File "/usr/lib/
return loadobj(APP, uri, name=name, **kw)
File "/usr/lib/
return context.create()
File "/usr/lib/
return self.object_
File "/usr/lib/
app = filter(app)
File "/usr/lib/
return AuthProtocol(app, conf)
File "/usr/lib/
os.
File "/usr/lib/
mkdir(name, mode)
OSError: [Errno 13] Permission denied: '/root/
Changed in keystone: | |
status: | New → Invalid |
It would also be nice auth_token.py were stand-alone so that you don't have to install all of keystone. The swift docs actually say that it is stand-alone and that you can just put in on your python path but that doesn't work because it imports other stuff from keystone.