From 1a93c822667e6990b45f843e56d8976c51517671 Mon Sep 17 00:00:00 2001
From: luke <luke@980ebf18-57e1-0310-9a29-db15c13687c0>
Date: Thu, 2 Mar 2006 17:12:26 +0000
Subject: Fixing #68.  After tons and tons and tons of work, everything
 successfully configures itself, and the --genmanifest argument should
 actually work.  User and group creation will not necessarily work everywhere
 (in particular, Puppet uses dependencies to create the group first, but
 Fedora complains on user creation if the group already exists), but file and
 directory creation should.  The only downside is that there is a decent
 amount of extra information printed on daemon startup, as the daemon checks
 its config; this could maybe be seen as a bonus, though, I guess.

git-svn-id: https://reductivelabs.com/svn/puppet/trunk@966 980ebf18-57e1-0310-9a29-db15c13687c0
---
 lib/puppet/sslcertificates.rb | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

(limited to 'lib/puppet/sslcertificates.rb')

diff --git a/lib/puppet/sslcertificates.rb b/lib/puppet/sslcertificates.rb
index 88a9193d1..a56e64add 100755
--- a/lib/puppet/sslcertificates.rb
+++ b/lib/puppet/sslcertificates.rb
@@ -12,12 +12,19 @@ module Puppet::SSLCertificates
     Puppet.setdefaults("certificates",
         :certdir => ["$ssldir/certs", "The certificate directory."],
         :publickeydir => ["$ssldir/public_keys", "The public key directory."],
-        :privatekeydir => ["$ssldir/private_keys", "The private key directory."],
-        :privatedir => ["$ssldir/private",
-            "Where the client stores private certificate information."],
-        :passfile => ["$privatedir/password",
-            "Where puppetd stores the password for its private key.  Generally
-            unused."]
+        :privatekeydir => { :default => "$ssldir/private_keys",
+            :mode => 0750,
+            :desc => "The private key directory."
+        },
+        :privatedir => { :default => "$ssldir/private",
+            :mode => 0750,
+            :desc => "Where the client stores private certificate information."
+        },
+        :passfile => { :default => "$privatedir/password",
+            :mode => 0640,
+            :desc => "Where puppetd stores the password for its private key.
+                Generally unused."
+        }
     )
 
     #def self.mkcert(type, name, days, issuercert, issuername, serial, publickey)
-- 
cgit