Fixing #2171 - All certificate files are written with default perms

We were already writing all specific files with appropriate permissions; this change makes all of the files that are part of a group (which largely means files saved by puppetmasterd and puppetca) are also written using the correct permissions. Signed-off-by: Luke Kanies <luke@madstop.com>
author: Luke Kanies <luke@madstop.com> 2009-04-21 02:33:49 -0500
committer: James Turnbull <james@lovedthanlost.net> 2009-04-22 03:23:00 +1000
commit: c1be88742d143128ed8240316b6269b585c5084e (patch)
tree: f3021dcd05497a00a4ad1fdb49fcf6f2591bac29 /lib/puppet/indirector
parent: e2201d6e52b85ddbeaf107a41eb627994eb6973c (diff)
download: puppet-c1be88742d143128ed8240316b6269b585c5084e.tar.gz
puppet-c1be88742d143128ed8240316b6269b585c5084e.tar.xz
puppet-c1be88742d143128ed8240316b6269b585c5084e.zip
2 files changed, 7 insertions, 5 deletions
diff --git a/lib/puppet/indirector/key/file.rb b/lib/puppet/indirector/key/file.rb
index 4536f8aa7..a413ccf63 100644
--- a/lib/puppet/indirector/key/file.rb
+++ b/lib/puppet/indirector/key/file.rb
@@ -34,9 +34,9 @@ class Puppet::SSL::Key::File < Puppet::Indirector::SslFile
         super
 
         begin
-            File.open(public_key_path(request.key), "w") { |f| f.print request.instance.content.public_key.to_pem }
+            Puppet.settings.writesub(:publickeydir, public_key_path(request.key)) { |f| f.print request.instance.content.public_key.to_pem }
         rescue => detail
-            raise Puppet::Error, "Could not write %s: %s" % [key, detail]
+            raise Puppet::Error, "Could not write %s: %s" % [request.key, detail]
         end
     end
 end
diff --git a/lib/puppet/indirector/ssl_file.rb b/lib/puppet/indirector/ssl_file.rb
index 4119a656f..de7163700 100644
--- a/lib/puppet/indirector/ssl_file.rb
+++ b/lib/puppet/indirector/ssl_file.rb
@@ -156,12 +156,14 @@ class Puppet::Indirector::SslFile < Puppet::Indirector::Terminus
             Puppet.settings.write(self.class.ca_setting) { |f| yield f }
         elsif file_location
             Puppet.settings.write(self.class.file_setting) { |f| yield f }
-        else
+        elsif setting = self.class.directory_setting
             begin
-                File.open(path, "w") { |f| yield f }
+                Puppet.settings.writesub(setting, path) { |f| yield f }
             rescue => detail
-                raise Puppet::Error, "Could not write %s: %s" % [path, detail]
+                raise Puppet::Error, "Could not write %s to %s: %s" % [path, setting, detail]
             end
+        else
+            raise Puppet::DevError, "You must provide a setting to determine where the files are stored"
         end
     end
 end
author	Luke Kanies <luke@madstop.com>	2009-04-21 02:33:49 -0500
committer	James Turnbull <james@lovedthanlost.net>	2009-04-22 03:23:00 +1000
commit	c1be88742d143128ed8240316b6269b585c5084e (patch)
tree	f3021dcd05497a00a4ad1fdb49fcf6f2591bac29 /lib/puppet/indirector
parent	e2201d6e52b85ddbeaf107a41eb627994eb6973c (diff)
download	puppet-c1be88742d143128ed8240316b6269b585c5084e.tar.gz puppet-c1be88742d143128ed8240316b6269b585c5084e.tar.xz puppet-c1be88742d143128ed8240316b6269b585c5084e.zip