Managing access gets HTTP 500 due to using deprecated option timeout
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
swauth (Ubuntu) |
Invalid
|
Medium
|
Billy Olsen | ||
Trusty |
Fix Released
|
Medium
|
Billy Olsen | ||
Wily |
Fix Released
|
Medium
|
Billy Olsen | ||
Xenial |
Fix Released
|
Medium
|
Billy Olsen |
Bug Description
[Impact]
When running the 1.0.4-0ubuntu1 version of swauth with Swift 2.7.0-0ubuntu2~
root@juju-
Account creation failed: 500 Server Error
User creation failed: 500 Server Error
The upstream Swift release *finally* removed a deprecated timeout parameter for their custom memcache client 'set' function call in https:/
The minimal fix for this bug is to backport commit c44b5b6 [1], which adds a test to determine if the version of swift has the time option or not. This commit has been removed in the latest version of swauth because swift/swauth no longer support clients < Juno, which would mean they all have the time parameter rather than the timeout parameter. The removal of that code caused this bug to manifest itself.
[1] https:/
[Test Case]
1. Deploy swift-proxy and swift storage from the trusty-liberty Ubuntu Cloud Archive.
2. Deploy the swauth middleware (apt-get install swauth).
3. Configure swauth following the instructions at http://
4. Create test user:
swauth-
5. Ensure it works:
swift -A http[s]
[Regression Potential]
The cherry-pick of the fix should be fairly safe as the code dates to April 2013. That was, however, on a different version of the swauth code. An error in this code path would prevent servers from being able to use Swift itself as a wsgi middleware auth plugin.
[Other Info]
Upstream version 1.1.0 was recently released (after having been defunct since version 1.0.8 for 3 years) with the Mitaka version of OpenStack under the big tent model. The 1.1.0 version was recently synced from debian unstable into yakkety. There's a fair number of changes between 1.0.4 and 1.1.0 that I think warrants more testing and verification against the trusty-mitaka cloud-archive. However, the minimally invasive patch will enable this to work across versions providing sooner relief to any users encountering this issue.
description: | updated |
Changed in swauth (Ubuntu): | |
assignee: | nobody → Billy Olsen (billy-olsen) |
Changed in swauth (Ubuntu): | |
status: | New → In Progress |
importance: | Undecided → Medium |
tags: | added: sts |
Changed in swauth (Ubuntu Trusty): | |
status: | New → In Progress |
Changed in swauth (Ubuntu Wily): | |
status: | New → In Progress |
Changed in swauth (Ubuntu Xenial): | |
status: | New → In Progress |
Changed in swauth (Ubuntu Trusty): | |
importance: | Undecided → Medium |
Changed in swauth (Ubuntu Wily): | |
importance: | Undecided → Medium |
Changed in swauth (Ubuntu Xenial): | |
importance: | Undecided → Medium |
Changed in swauth (Ubuntu Trusty): | |
assignee: | nobody → Billy Olsen (billy-olsen) |
Changed in swauth (Ubuntu Wily): | |
assignee: | nobody → Billy Olsen (billy-olsen) |
Changed in swauth (Ubuntu Xenial): | |
assignee: | nobody → Billy Olsen (billy-olsen) |
tags: | added: sts-sponsor |
tags: | added: sts-sru |
tags: | added: verification-done-trusty |
tags: | added: verification-done-wily |
tags: |
added: verification-done verification-done-xenial removed: verification-needed |
Changed in swauth (Ubuntu): | |
status: | In Progress → Invalid |
tags: | removed: sts-sponsor |
tags: |
added: sts-sru-done removed: sts-sru |
Since Yakkety was synced with the 1.1.0 version of the upstream swauth package, it does not need the fix. However, trusty, wily, and xenial all have version 1.0.4 of the swauth package so need this bug fix.