Juju Charms Collection
keystone package

Merge lp:~gandelman-a/charms/precise/keystone/ssh_user_fix into lp:~openstack-charmers/charms/precise/keystone/ha-support

  1. Precise Pangolin (12.04)
  2. ssh_user_fix
  3. Merge into ha-support
Proposed by Adam Gandelman
Status: Merged
Merged at revision: 62
Proposed branch: lp:~gandelman-a/charms/precise/keystone/ssh_user_fix
Merge into: lp:~openstack-charmers/charms/precise/keystone/ha-support
Diff against target: 52 lines (+7/-4)
3 files modified
hooks/keystone_hooks.py (+4/-1)
hooks/lib/unison.py (+2/-2)
revision (+1/-1)
To merge this branch: bzr merge lp:~gandelman-a/charms/precise/keystone/ssh_user_fix
Reviewer Review Type Date Requested Status
James Page Approve
Review via email: mp+154794@code.launchpad.net

Description of the change

Ensures SSH user is created during install hook. The CA library will attempt to ensure ownership of the CA directories on every access. Currently SSH_USER is only created during peer hooks. HTTPS enabled /w no peers results in chown failures when creating certs. Make sure user is created early.

To post a comment you must log in.
Revision history for this message
James Page (james-page) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'hooks/keystone_hooks.py'
2--- hooks/keystone_hooks.py 2013-03-19 13:50:23 +0000
3+++ hooks/keystone_hooks.py 2013-03-21 19:26:29 +0000
4@@ -120,8 +120,9 @@
5 execute("keystone-manage db_sync")
6 utils.start('keystone')
7
8- # ensure /var/lib/keystone is g+wrx for peer relations that
9+ # ensure user + permissions for peer relations that
10 # may be syncing data there via SSH_USER.
11+ unison.ensure_user(user=SSH_USER, group='keystone')
12 execute("chmod -R g+wrx /var/lib/keystone/")
13
14 time.sleep(5)
15@@ -359,6 +360,8 @@
16
17
18 def config_changed():
19+ unison.ensure_user(user=SSH_USER, group='keystone')
20+ execute("chmod -R g+wrx /var/lib/keystone/")
21
22 # Determine whether or not we should do an upgrade, based on the
23 # the version offered in keyston-release.
24
25=== modified file 'hooks/lib/unison.py'
26--- hooks/lib/unison.py 2013-03-18 14:13:57 +0000
27+++ hooks/lib/unison.py 2013-03-21 19:26:29 +0000
28@@ -109,7 +109,7 @@
29 out.write('%s\n' % host)
30
31
32-def _ensure_user(user, group=None):
33+def ensure_user(user, group=None):
34 # need to ensure a bash shell'd user exists.
35 try:
36 pwd.getpwnam(user)
37@@ -131,7 +131,7 @@
38 hooks with the same parameters.
39 """
40 if ensure_user:
41- _ensure_user(user, group)
42+ ensure_user(user, group)
43 priv_key, pub_key = get_keypair(user)
44 hook = os.path.basename(sys.argv[0])
45 if hook == '%s-relation-joined' % peer_interface:
46
47=== modified file 'revision'
48--- revision 2013-03-21 18:25:39 +0000
49+++ revision 2013-03-21 19:26:29 +0000
50@@ -1,1 +1,1 @@
51-212
52+213

Subscribers

People subscribed via source and target branches