From 8c11f5612b607c85a1d38858074281b7065daff1 Mon Sep 17 00:00:00 2001
From: Eoghan Glynn <eglynn@redhat.com>
Date: Fri, 1 Mar 2013 12:09:01 +0000
Subject: [PATCH] Allow qpid to be selected as AMQP provider on precise

Fixes bug 1137667

Previously the auth/sasl config for qpidd was broken, and the
openstack services using RPC were not properly configured.

Now we ensure that:

- the admin qpid_username/password are configured for all services
  (as the qpidd ACL config denies all access to non-admin users)

- the PLAIN sasl mechanism is configured for qpidd (otherwise the
  qpid_password is not propogated)

- the qpidd process has read permission on the sasl DB (otherwise
  thw admin user/apss cannot be verified even if set)

Change-Id: Id6bd675841884451b78f257afe786f494a03c0f7
---
 lib/ceilometer  | 8 +-------
 lib/glance      | 3 +--
 lib/rpc_backend | 7 +++++++
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/lib/ceilometer b/lib/ceilometer
index e890ff9593..8772867d35 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -64,13 +64,7 @@ function configure_ceilometer() {
     [ ! -d $CEILOMETER_API_LOG_DIR ] &&  sudo mkdir -m 755 -p $CEILOMETER_API_LOG_DIR
     sudo chown $USER $CEILOMETER_API_LOG_DIR
 
-    if is_service_enabled rabbit ; then
-        iniset $CEILOMETER_CONF DEFAULT rpc_backend 'ceilometer.openstack.common.rpc.impl_kombu'
-        iniset $CEILOMETER_CONF DEFAULT rabbit_host $RABBIT_HOST
-        iniset $CEILOMETER_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
-    elif is_service_enabled qpid ; then
-        iniset $CEILOMETER_CONF DEFAULT rpc_backend 'ceilometer.openstack.common.rpc.impl_qpid'
-    fi
+    iniset_rpc_backend ceilometer $CEILOMETER_CONF DEFAULT
 
     iniset $CEILOMETER_CONF DEFAULT notification_topics 'notifications,glance_notifications'
     iniset $CEILOMETER_CONF DEFAULT verbose True
diff --git a/lib/glance b/lib/glance
index 80d3902aab..87c160e8dc 100644
--- a/lib/glance
+++ b/lib/glance
@@ -114,9 +114,8 @@ function configure_glance() {
         iniset $GLANCE_API_CONF DEFAULT notifier_strategy qpid
     elif [ -n "$RABBIT_HOST" ] &&  [ -n "$RABBIT_PASSWORD" ]; then
         iniset $GLANCE_API_CONF DEFAULT notifier_strategy rabbit
-        iniset $GLANCE_API_CONF DEFAULT rabbit_host $RABBIT_HOST
-        iniset $GLANCE_API_CONF DEFAULT rabbit_password $RABBIT_PASSWORD
     fi
+    iniset_rpc_backend glance $GLANCE_API_CONF DEFAULT
     iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api
 
     cp -p $GLANCE_DIR/etc/glance-registry-paste.ini $GLANCE_REGISTRY_PASTE_INI
diff --git a/lib/rpc_backend b/lib/rpc_backend
index f35f9dbd57..70acfb0155 100644
--- a/lib/rpc_backend
+++ b/lib/rpc_backend
@@ -58,6 +58,8 @@ function install_rpc_backend() {
             install_package qpid-cpp-server-daemon
         elif is_ubuntu; then
             install_package qpidd
+            sudo sed -i '/PLAIN/!s/mech_list: /mech_list: PLAIN /' /etc/sasl2/qpidd.conf
+            sudo chmod o+r /etc/qpid/qpidd.sasldb
         else
             exit_distro_not_supported "qpid installation"
         fi
@@ -100,6 +102,11 @@ function iniset_rpc_backend() {
         iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_zmq
     elif is_service_enabled qpid; then
         iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_qpid
+        if is_ubuntu; then
+            QPID_PASSWORD=`sudo strings /etc/qpid/qpidd.sasldb | grep -B1 admin | head -1`
+            iniset $file $section qpid_password $QPID_PASSWORD
+            iniset $file $section qpid_username admin
+        fi
     elif is_service_enabled rabbit || { [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; }; then
         iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_kombu
         iniset $file $section rabbit_host $RABBIT_HOST