diff options
| author | Seth Vidal <skvidal@fedoraproject.org> | 2007-09-27 12:33:06 -0400 |
|---|---|---|
| committer | Seth Vidal <skvidal@fedoraproject.org> | 2007-09-27 12:33:06 -0400 |
| commit | f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea (patch) | |
| tree | 023eba9059a7e6f78e29a9bee4149e86cf103b92 | |
| parent | db29f4bf424b7b804617cb042ad796f2812c0ca0 (diff) | |
| download | third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.tar.gz third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.tar.xz third_party-func-f91fa04fe5c5813f2ce200fbc59b52e0a00d4bea.zip | |
- certs.py: write keys out as mode 600
- make sure we setup the config dict immediately in config_data
- clean up our config, pki and var dirs on removal
| -rw-r--r-- | func.spec | 2 | ||||
| -rw-r--r-- | func/certs.py | 6 | ||||
| -rwxr-xr-x | minion/config_data.py | 2 | ||||
| -rw-r--r-- | setup.py | 5 |
4 files changed, 10 insertions, 5 deletions
@@ -40,6 +40,8 @@ rm -fr $RPM_BUILD_ROOT %{_bindir}/certmaster-ca /etc/init.d/funcd /etc/init.d/certmaster +%dir %{_sysconfdir}/%{name} +%dir %{_sysconfdir}/pki/%{name} %config(noreplace) /etc/func/minion.conf %config(noreplace) /etc/func/certmaster.conf %dir %{python_sitelib}/func diff --git a/func/certs.py b/func/certs.py index bf624a2..6e3a025 100644 --- a/func/certs.py +++ b/func/certs.py @@ -29,9 +29,9 @@ def make_keypair(dest=None): pkey = crypto.PKey() pkey.generate_key(crypto.TYPE_RSA, 2048) if dest: - destfo = open(dest, 'w') - destfo.write(crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey)) - destfo.close() + destfd = os.open(dest, os.O_RDWR|os.O_CREAT, 0600) + os.write(destfd, (crypto.dump_privatekey(crypto.FILETYPE_PEM, pkey))) + os.close(destfd) return pkey diff --git a/minion/config_data.py b/minion/config_data.py index be4f164..daa366a 100755 --- a/minion/config_data.py +++ b/minion/config_data.py @@ -24,10 +24,10 @@ class Config: # this class is a Borg __shared_state = {} has_read = False + ds = {} def __init__(self): self.__dict__ = self.__shared_state - self.ds = {} if not self.has_read: self.read() Config.has_read = True @@ -17,6 +17,7 @@ if __name__ == "__main__": etcpath = "/etc/%s" % NAME initpath = "/etc/init.d/" logpath = "/var/log/%s/" % NAME + pkipath = "/etc/pki/%s" % NAME setup( name="%s" % NAME, version = VERSION, @@ -43,7 +44,9 @@ if __name__ == "__main__": (manpath, ["docs/func.1.gz"]), (manpath, ["docs/funcd.1.gz"]), (manpath, ["docs/certmaster.1.gz"]), - (logpath, []) + (logpath, []), + (etcpath, []), + (pkipath, []) ], description = SHORT_DESC, long_description = LONG_DESC |