diff options
| author | Brice Figureau <brice-puppet@daysofwonder.com> | 2009-04-22 19:30:09 +0200 |
|---|---|---|
| committer | Brice Figureau <brice-puppet@daysofwonder.com> | 2009-04-23 20:52:04 +0200 |
| commit | ec478da93a03d0a9c5cd7b782d86deea6d3b4a8b (patch) | |
| tree | 0254bffcb38ac7aa60c540497c57f86cb709174d /lib/puppet | |
| parent | e623f8a32a7363d98843fdb361c717b6198d32de (diff) | |
| download | puppet-ec478da93a03d0a9c5cd7b782d86deea6d3b4a8b.tar.gz puppet-ec478da93a03d0a9c5cd7b782d86deea6d3b4a8b.tar.xz puppet-ec478da93a03d0a9c5cd7b782d86deea6d3b4a8b.zip | |
Fix configurer to retrieve catalog with client certname
Rationale:
Before this change, the catalog was retrived with this uri:
/catalog/hostname
On the server side, the corresponding node was found by using the
request node, then finding if this node also match hostname
(which it does of course).
But it is not possible to have an ACL matching the hostname part
of the uri, because it:
* it would be compared to the node name (certname), which obviously
is not the same
* it is not possible to create a dynamic allow/deny rule on a non-fqdn
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
Diffstat (limited to 'lib/puppet')
| -rw-r--r-- | lib/puppet/configurer.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/puppet/configurer.rb b/lib/puppet/configurer.rb index b74456de4..d9f207143 100644 --- a/lib/puppet/configurer.rb +++ b/lib/puppet/configurer.rb @@ -79,7 +79,7 @@ class Puppet::Configurer # Get the remote catalog, yo. Returns nil if no catalog can be found. def retrieve_catalog - name = Facter.value("hostname") + name = Puppet[:certname] catalog_class = Puppet::Resource::Catalog # This is a bit complicated. We need the serialized and escaped facts, |