From 8acc3b45868096c27ed43b22f5fa1b2d9aec38f4 Mon Sep 17 00:00:00 2001 From: Chmouel Boudjnah Date: Tue, 17 Dec 2013 23:05:12 +0100 Subject: [PATCH] Rename instead of writing directly to revoked file Make the operation more atomic with multiple writers. Closes-Bug: 1261554 Change-Id: I990a2ba28d9a2a1d01300dcd33266956d059afa3 --- keystoneclient/middleware/auth_token.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/keystoneclient/middleware/auth_token.py b/keystoneclient/middleware/auth_token.py index 984a1190f..36c8fba66 100644 --- a/keystoneclient/middleware/auth_token.py +++ b/keystoneclient/middleware/auth_token.py @@ -1241,8 +1241,11 @@ class AuthProtocol(object): """ self._token_revocation_list = jsonutils.loads(value) self.token_revocation_list_fetched_time = timeutils.utcnow() - with open(self.revoked_file_name, 'w') as f: + + with tempfile.NamedTemporaryFile(dir=self.signing_dirname, + delete=False) as f: f.write(value) + os.rename(f.name, self.revoked_file_name) def fetch_revocation_list(self, retry=True): headers = {'X-Auth-Token': self.get_admin_token()}