summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Do not accept certificates that do not match our key.HEADmasterJohn Eckersberg2009-04-142-0/+22
| | | | | | | | | Usually this happens when a host is re-provisioned and you forget to run certmaster-ca --clean afterwards to remove the old cert on the certmaster. Instead of accepting the cert and throwing a key-mismatch exception, we log a useful hint to the log and to stderr.
* [certmaster] Documentation and cleanup for minion-to-minionJohn Eckersberg2009-03-185-1/+52
| | | | | | | | * Add man page for certmaster-sync * Symlink certmaster-sync into triggers for post-sign and post-clean (doesn't execute by default) * Add sync_certs setting to default certmaster.conf * Create the empty /var/lib/certmaster/peers directory
* Minion-to-minion support, certmaster half.John Eckersberg2009-03-135-2/+152
|
* add a monit configuration filePhil2009-03-051-0/+6
|
* change utils.get_hostname to just do the basic thing. Move the bitsAdrian Likins2009-03-031-29/+1
| | | | | that do all the config checking and route lookup and other madness to func.utils.get_hostname_by_route
* Merge branch 'master' of ssh://alikins@git.fedorahosted.org/git/certmasterAdrian Likins2009-02-211-1/+0
|\ | | | | | | | | Conflicts: Makefile
| * there was a trailing space on the versionAdrian Likins2009-02-201-2/+1
| |
* | rev to release 5 for rebuildAdrian Likins2009-02-192-3/+3
|/
* remove "version" file and updated spec/makefile/setup.py to not need itAdrian Likins2009-02-184-16/+9
|
* add a excepthook handler for uncaught exceptions, so they get written to the logAdrian Likins2009-02-121-1/+18
| | | | https://fedorahosted.org/func/ticket/70
* change old urls to new urlsAdrian Likins2009-01-222-3/+3
|
* make the python executable we use a makefile variableAdrian Likins2009-01-211-4/+5
|
* certmaster.spec: Try to simplify the support for rhel3+python2.3 a little bit.Adrian Likins2009-01-192-6/+42
| | | | | | | | We let distutils do the /usr/bin/python path munging for the files that need it (aka, everything in "scripts"). So we can get rid of the patch for this (we also cleaned up all the files that had a #! set that didn't need it) Some minor spec file formatting changes as well
* permissions cleanup on source filesAdrian Likins2009-01-198-0/+0
|
* fix up some docs bugs. Looks like they were introduced in the ↵Adrian Likins2009-01-135-7/+9
| | | | | | | certmaster/func split. fix https://fedorahosted.org/certmaster/ticket/5 (certmaster-request man page was getting created incorrectly)
* 0.24Adrian Likins2008-12-171-1/+1
|
* Patch from Tim Bielawa <timbielawa@gmail.com> to make init scripts workTim Bielawa2008-12-151-13/+29
| | | | on debian/ubuntu
* add missing dirs to spec file (trigger dirs)Adrian Likins2008-12-081-0/+6
| | | | fix for bugzilla #473633
* removed unneed line that reset the requesting_hostAdrian Likins2008-11-181-1/+0
|
* Make the port that certmaster listens on and funcd connects to configurable.Adrian Likins2008-11-125-3/+12
| | | | | | | | add listen_port to /etc/certmaster/certmaster.conf to configure which port certmaster runs on. add certmaster_port to /etc/certmaster/minion.conf so funcd knows which port to talk to certmaster on.
* change triggers so we pass in the name of the machine the ↵Adrian Likins2008-10-152-7/+9
| | | | | | | | | | request/sign/remove is for and pass it to the triggers This could potentially break some existing triggers if they dont expect and argument. However, it's documented that they should expect a name argument, they just weren't ever getting one until now.
* fix for utils.daemonize() as reported in https://fedorahosted.org/func/ticket/58Adrian Likins2008-09-191-6/+21
| | | | | | | | | by goozbach Couple of things wrong, fd's were getting closed in wrong place, the call to os.cwd('/') was supposed to be os.chdir('/') Also try duping the fd's just in case
* Merge branch 'master' of ↵Adrian Likins2008-09-051-1/+1
|\ | | | | | | ssh://alikins@git.fedoraproject.org/git/hosted/certmaster
| * rev to 0.23-1Adrian Likins2008-09-051-1/+1
| |
* | credit for patch for Jonathan Barber <j.barber@dundee.ac.uk>Adrian Likins2008-09-051-0/+1
| |
* | close stdin/stdout/stderr on daemonizeJonathan Barber2008-09-051-0/+4
| | | | | | | | patch from Jonathan Barber <j.barber@dundee.ac.uk>
* | add #*# files correctly to .gitignoreAdrian Likins2008-07-241-1/+1
| |
* | add more stuff to shut up gitAdrian Likins2008-07-241-0/+3
| |
* | add .gitignoreAdrian Likins2008-07-241-0/+2
| |
* | merge with the code from funcAdrian Likins2008-07-241-5/+8
|/ | | | remove a spurious debug line
* /s/June/Jun (incorrect changelog entry)Adrian Likins2008-06-301-1/+1
|
* fix fedora bug #441283 - typo in postinstall scriptletAdrian Likins2008-06-302-2/+6
| | | | | | (the init.d symlinks for runlevels 1 and 6 were created wrong) rev releae
* Updating AUTHORSMichael DeHaan2008-06-301-1/+4
|
* Bump version for release, clean up wrong versions in changelog.Michael DeHaan2008-06-302-5/+9
|
* Remove stray printMichael DeHaan2008-06-301-1/+1
|
* Add default value of 'cert_extension' in certmaster.confTANABE Ken-ichi2008-06-281-0/+1
|
* Add cert_extension optionTANABE Ken-ichi2008-06-281-0/+1
|
* add two new options to "certmaster-ca"Adrian Likins2008-04-302-1/+71
| | | | | | | | | -list-signed shows a list of certs the certmaster has already signed --list-cert-hashes returns the list of signed certs in the CN-hash format that the acls files expects. Should make it a little easier to use the acls. Both options take optional hostnames or hostname globs
* apply triggers patch from Steve Salevan <ssalevan@redhat.com>Adrian Likins2008-04-221-0/+1221
| | | | | | | | Steves comments: Adding in triggering functionality, changed specfile and MANIFEST.in to reflect changes. Added sub_process.py file to facilitate the subprocesses necessary for triggering to work. Modified certmaster.py to add trigger points.
* apply triggers patch from Steve Salevan <ssalevan@redhat.com>Adrian Likins2008-04-225-8/+78
| | | | | | | | Steves comments: Adding in triggering functionality, changed specfile and MANIFEST.in to reflect changes. Added sub_process.py file to facilitate the subprocesses necessary for triggering to work. Modified certmaster.py to add trigger points.
* more logging info. log info for sign_this_csr()Adrian Likins2008-03-181-2/+9
|
* be a bit more verbose in the logging here, add file location info to logsAdrian Likins2008-03-181-1/+1
|
* fix a bug where certmaster was writing out the client csr file over and over ↵Adrian Likins2008-03-181-15/+4
| | | | | | | | if it had been created, but not signed. Also, add some debug logging.
* certmaster logging cleanupsAdrian Likins2008-03-173-8/+22
| | | | | - use unique name for the certmaster logs - some not quite working code for passing down client info so we can log
* remove unused certmaster/minion/ and certmaster/overlord/ dirsAdrian Likins2008-03-1720-3027/+3
| | | | update spec and setup accordingly
* add some basic logging output to certmasterAdrian Likins2008-03-172-2/+24
|
* Do not move versions backwardMichael DeHaan2008-03-061-1/+1
|
* lame build fix. Messages/gettext stuff needs to be sorted out. We doneAdrian Likins2008-03-051-0/+1
| | | | | seem to find any messages to translate,so po/messages.pot isnt created. So for now, create it with a touch.
* remove references to certmasterdAdrian Likins2008-02-251-6/+3
|
* Config file tweaksMichael DeHaan2008-02-253-4/+23
|
generated by cgit (git 2.34.1) at 2024-04-18 22:55:22 +0000