OpenStack Object Storage (swift)

Merge lp:~david-goetz/swift/hash_path_suffix into lp:~hudson-openstack/swift/trunk

  1. hash_path_suffix
  2. Merge into trunk
Proposed by David Goetz
Status: Merged
Approved by: Mike Barton
Approved revision: 95
Merged at revision: 97
Proposed branch: lp:~david-goetz/swift/hash_path_suffix
Merge into: lp:~hudson-openstack/swift/trunk
Diff against target: 97 lines (+27/-3)
5 files modified
doc/source/development_saio.rst (+6/-0)
etc/swift.conf-sample (+3/-0)
swift/common/daemon.py (+1/-0)
swift/common/utils.py (+15/-2)
swift/common/wsgi.py (+2/-1)
To merge this branch: bzr merge lp:~david-goetz/swift/hash_path_suffix
Reviewer Review Type Date Requested Status
Mike Barton (community) Approve
Review via email: mp+38593@code.launchpad.net

This proposal supersedes a proposal from 2010-10-14.

Description of the change

Refactor SWIFT_HASH_PATH_SUFFIX to be in a config file. Adding new conf file /etc/swift/swift.conf

To post a comment you must log in.
Revision history for this message
Mike Barton (redbo) : Posted in a previous version of this proposal
review: Approve (clever)
Revision history for this message
Mike Barton (redbo) :
review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'doc/source/development_saio.rst'
2--- doc/source/development_saio.rst 2010-09-30 17:45:54 +0000
3+++ doc/source/development_saio.rst 2010-10-15 20:32:46 +0000
4@@ -199,6 +199,12 @@
5 [filter:cache]
6 use = egg:swift#memcache
7
8+ #. Create `/etc/swift/swift.conf`::
9+
10+ [swift-hash]
11+ # random unique string that can never change (DO NOT LOSE)
12+ swift_hash_path_suffix = changeme
13+
14 #. Create `/etc/swift/account-server/1.conf`::
15
16 [DEFAULT]
17
18=== added file 'etc/swift.conf-sample'
19--- etc/swift.conf-sample 1970-01-01 00:00:00 +0000
20+++ etc/swift.conf-sample 2010-10-15 20:32:46 +0000
21@@ -0,0 +1,3 @@
22+[swift-hash]
23+swift_hash_path_suffix = changeme
24+
25
26=== modified file 'swift/common/daemon.py'
27--- swift/common/daemon.py 2010-09-20 14:21:53 +0000
28+++ swift/common/daemon.py 2010-10-15 20:32:46 +0000
29@@ -45,6 +45,7 @@
30 sys.stderr = utils.LoggerFileObject(self.logger)
31
32 utils.drop_privileges(self.conf.get('user', 'swift'))
33+ utils.validate_configuration()
34
35 try:
36 os.setsid()
37
38=== modified file 'swift/common/utils.py'
39--- swift/common/utils.py 2010-10-08 18:40:51 +0000
40+++ swift/common/utils.py 2010-10-15 20:32:46 +0000
41@@ -31,7 +31,7 @@
42 import ctypes.util
43 import fcntl
44 import struct
45-from ConfigParser import ConfigParser
46+from ConfigParser import ConfigParser, NoSectionError, NoOptionError
47 from tempfile import mkstemp
48 import cPickle as pickle
49
50@@ -56,12 +56,25 @@
51 # Used by hash_path to offer a bit more security when generating hashes for
52 # paths. It simply appends this value to all paths; guessing the hash a path
53 # will end up with would also require knowing this suffix.
54-HASH_PATH_SUFFIX = os.environ.get('SWIFT_HASH_PATH_SUFFIX', 'endcap')
55+hash_conf = ConfigParser()
56+HASH_PATH_SUFFIX = ''
57+if hash_conf.read('/etc/swift/swift.conf'):
58+ try:
59+ HASH_PATH_SUFFIX = hash_conf.get('swift-hash',
60+ 'swift_hash_path_suffix')
61+ except (NoSectionError, NoOptionError):
62+ pass
63
64 # Used when reading config values
65 TRUE_VALUES = set(('true', '1', 'yes', 'True', 'Yes', 'on', 'On'))
66
67
68+def validate_configuration():
69+ if HASH_PATH_SUFFIX == '':
70+ sys.exit("Error: [swift-hash]: swift_hash_path_suffix missing "
71+ "from /etc/swift/swift.conf")
72+
73+
74 def load_libc_function(func_name):
75 """
76 Attempt to find the function in libc, otherwise return a no-op func.
77
78=== modified file 'swift/common/wsgi.py'
79--- swift/common/wsgi.py 2010-10-08 15:00:30 +0000
80+++ swift/common/wsgi.py 2010-10-15 20:32:46 +0000
81@@ -34,7 +34,7 @@
82 from eventlet.green import socket, ssl
83
84 from swift.common.utils import get_logger, drop_privileges, \
85- LoggerFileObject, NullLogger
86+ validate_configuration, LoggerFileObject, NullLogger
87
88
89 def monkey_patch_mimetools():
90@@ -112,6 +112,7 @@
91 sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, 600)
92 worker_count = int(conf.get('workers', '1'))
93 drop_privileges(conf.get('user', 'swift'))
94+ validate_configuration()
95
96 def run_server():
97 wsgi.HttpProtocol.default_request_version = "HTTP/1.0"