Always create signing_dir regardless of token format
Fixes bug 1088801
devstack does not create signing_dir when keystone token format is UUID.
If the default value of signing_dir is read-only, OpenStack services
such as Quantum server failed to start due to permission denied.
On the keystone client cannot know which token_format is used in keystone
in advance, so signing_dir should be created regardless of the token format.
Change-Id: I1b0d25c1ac4d22d9fb2c5443d15b96fdaa5a4c81
diff --git a/lib/nova b/lib/nova
index 3a4d34d..f059576 100644
--- a/lib/nova
+++ b/lib/nova
@@ -172,9 +172,7 @@
" -i $NOVA_API_PASTE_INI
fi
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then
- iniset $NOVA_API_PASTE_INI filter:authtoken signing_dir $NOVA_AUTH_CACHE_DIR
- fi
+ iniset $NOVA_API_PASTE_INI filter:authtoken signing_dir $NOVA_AUTH_CACHE_DIR
if is_service_enabled n-cpu; then
# Force IP forwarding on, just on case
@@ -378,11 +376,9 @@
$NOVA_BIN_DIR/nova-manage db sync
fi
- if [[ "$KEYSTONE_TOKEN_FORMAT" == "PKI" ]]; then
- # Create cache dir
- sudo mkdir -p $NOVA_AUTH_CACHE_DIR
- sudo chown `whoami` $NOVA_AUTH_CACHE_DIR
- fi
+ # Create cache dir
+ sudo mkdir -p $NOVA_AUTH_CACHE_DIR
+ sudo chown `whoami` $NOVA_AUTH_CACHE_DIR
}
# install_novaclient() - Collect source and prepare