From c99c976881b8e41c4333dfbf2bbae8d5608b38e6 Mon Sep 17 00:00:00 2001
From: David Goetz <david.goetz@gmail.com>
Date: Thu, 14 Oct 2010 15:58:44 -0700
Subject: [PATCH 1/2] Refactor SWIFT_HASH_PATH_SUFFIX to be in a config file

---
 doc/source/development_saio.rst |  6 ++++++
 etc/swift.conf-sample           |  3 +++
 swift/common/utils.py           | 14 ++++++++++++--
 3 files changed, 21 insertions(+), 2 deletions(-)
 create mode 100644 etc/swift.conf-sample

diff --git a/doc/source/development_saio.rst b/doc/source/development_saio.rst
index 17a443d692..bdb3a1daf1 100644
--- a/doc/source/development_saio.rst
+++ b/doc/source/development_saio.rst
@@ -199,6 +199,12 @@ virtual machine will emulate running a four node Swift cluster.
         [filter:cache]
         use = egg:swift#memcache
 
+  #. Create `/etc/swift/swift.conf`::
+
+        [swift-hash]
+        # random unique string that can never change (DO NOT LOSE)
+        swift_hash_path_suffix = changeme
+
   #. Create `/etc/swift/account-server/1.conf`::
 
         [DEFAULT]
diff --git a/etc/swift.conf-sample b/etc/swift.conf-sample
new file mode 100644
index 0000000000..7e1c31d26c
--- /dev/null
+++ b/etc/swift.conf-sample
@@ -0,0 +1,3 @@
+[swift-hash]
+swift_hash_path_suffix = changeme
+
diff --git a/swift/common/utils.py b/swift/common/utils.py
index f8feb73968..f87a0d55d2 100644
--- a/swift/common/utils.py
+++ b/swift/common/utils.py
@@ -31,7 +31,7 @@ import ctypes
 import ctypes.util
 import fcntl
 import struct
-from ConfigParser import ConfigParser
+from ConfigParser import ConfigParser, NoSectionError, NoOptionError
 from tempfile import mkstemp
 import cPickle as pickle
 
@@ -56,7 +56,17 @@ _posix_fadvise = None
 # Used by hash_path to offer a bit more security when generating hashes for
 # paths. It simply appends this value to all paths; guessing the hash a path
 # will end up with would also require knowing this suffix.
-HASH_PATH_SUFFIX = os.environ.get('SWIFT_HASH_PATH_SUFFIX', 'endcap')
+hash_conf = ConfigParser()
+HASH_PATH_SUFFIX = None
+if hash_conf.read('/etc/swift/swift.conf'):
+    try:
+        HASH_PATH_SUFFIX = hash_conf.get('swift-hash',
+                                         'swift_hash_path_suffix')
+    except (NoSectionError, NoOptionError):
+        pass
+if HASH_PATH_SUFFIX is None:
+    sys.exit("Error: [swift-hash]: swift_hash_path_suffix missing "
+             "from /etc/swift/swift.conf")
 
 # Used when reading config values
 TRUE_VALUES = set(('true', '1', 'yes', 'True', 'Yes', 'on', 'On'))

From 3749d8c23a9f121057fffaa440493825a025f4a7 Mon Sep 17 00:00:00 2001
From: David Goetz <david.goetz@gmail.com>
Date: Fri, 15 Oct 2010 12:28:38 -0700
Subject: [PATCH 2/2] making the server starter fail if SWIFT_HASH_PATH_SUFFIX
 is not there

---
 swift/common/daemon.py |  1 +
 swift/common/utils.py  | 11 +++++++----
 swift/common/wsgi.py   |  3 ++-
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/swift/common/daemon.py b/swift/common/daemon.py
index 464dab49ca..26892824b8 100644
--- a/swift/common/daemon.py
+++ b/swift/common/daemon.py
@@ -45,6 +45,7 @@ class Daemon(object):
             sys.stderr = utils.LoggerFileObject(self.logger)
 
         utils.drop_privileges(self.conf.get('user', 'swift'))
+        utils.validate_configuration()
 
         try:
             os.setsid()
diff --git a/swift/common/utils.py b/swift/common/utils.py
index f87a0d55d2..0aaa8c0114 100644
--- a/swift/common/utils.py
+++ b/swift/common/utils.py
@@ -57,21 +57,24 @@ _posix_fadvise = None
 # paths. It simply appends this value to all paths; guessing the hash a path
 # will end up with would also require knowing this suffix.
 hash_conf = ConfigParser()
-HASH_PATH_SUFFIX = None
+HASH_PATH_SUFFIX = ''
 if hash_conf.read('/etc/swift/swift.conf'):
     try:
         HASH_PATH_SUFFIX = hash_conf.get('swift-hash',
                                          'swift_hash_path_suffix')
     except (NoSectionError, NoOptionError):
         pass
-if HASH_PATH_SUFFIX is None:
-    sys.exit("Error: [swift-hash]: swift_hash_path_suffix missing "
-             "from /etc/swift/swift.conf")
 
 # Used when reading config values
 TRUE_VALUES = set(('true', '1', 'yes', 'True', 'Yes', 'on', 'On'))
 
 
+def validate_configuration():
+    if HASH_PATH_SUFFIX == '':
+        sys.exit("Error: [swift-hash]: swift_hash_path_suffix missing "
+                 "from /etc/swift/swift.conf")
+
+
 def load_libc_function(func_name):
     """
     Attempt to find the function in libc, otherwise return a no-op func.
diff --git a/swift/common/wsgi.py b/swift/common/wsgi.py
index 5628517264..513ae17220 100644
--- a/swift/common/wsgi.py
+++ b/swift/common/wsgi.py
@@ -34,7 +34,7 @@ wsgi.ACCEPT_ERRNO.add(ECONNRESET)
 from eventlet.green import socket, ssl
 
 from swift.common.utils import get_logger, drop_privileges, \
-    LoggerFileObject, NullLogger
+    validate_configuration, LoggerFileObject, NullLogger
 
 
 def monkey_patch_mimetools():
@@ -112,6 +112,7 @@ def run_wsgi(conf_file, app_section, *args, **kwargs):   # pragma: no cover
     sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, 600)
     worker_count = int(conf.get('workers', '1'))
     drop_privileges(conf.get('user', 'swift'))
+    validate_configuration()
 
     def run_server():
         wsgi.HttpProtocol.default_request_version = "HTTP/1.0"