auth_token failure if signing_dir not specified running under upstart
Bug #1078947 reported by
Ken Thomas
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
python-keystoneclient |
Fix Released
|
Medium
|
Dolph Mathews | ||
Ubuntu |
Incomplete
|
Undecided
|
Unassigned |
Bug Description
We're using upstart (initctl) to fire up our components on THEL 6. If we don't specify signing_dir under [keystone_
The work around for us is simple. We'll be adding signing_dir values to our glance api and registry configs, but it would be nice if the code didn't assume that 'HOME' is in the environment, or at least checked for errors when using os.environ.
Changed in ubuntu: | |
status: | New → Incomplete |
Changed in keystone: | |
status: | Invalid → New |
Changed in keystone: | |
status: | New → Triaged |
affects: | keystone → python-keystoneclient |
Changed in python-keystoneclient: | |
assignee: | Dolph Mathews (dolph) → nobody |
Changed in python-keystoneclient: | |
milestone: | none → 0.2.2 |
status: | Fix Committed → Fix Released |
importance: | Undecided → Medium |
assignee: | nobody → Dolph Mathews (dolph) |
To post a comment you must log in.
The code is writtend to *require* the distribution to make a secure decision about the signing dir. The signing dir holds certificates that, on a shared machine, should not be accessable to other users, or there is the potential for a security violation.
The only directory that we can trust be default is $HOME. For Distributions, the signing dir must be specified.