Here is a patch for certmaster for optionally specifying the name that you wish
to use as the minion identifier. If you do nothing, then the original behavior
will be preserved (the minion's name will be dynamically derived by the
utils.get_hostname() function). If you wish to override this default behavior
(which may not be ideal if a server has multiple interfaces and/or aliases)
simply add "minion_name = foo.bar" to /etc/certmaster/minion.conf. When funcd
is started, it will request a cert as "foo.bar".
E.g., if your minion requests a cert as "foo.example.com" and you'd prefer to
have it recognized by func as "foo.bar", then edit /etc/certmaster/minion.conf
accordingly:

[main]
certmaster = certmaster
...
minion_name = foo.bar

After func is restarted and the cert signed, you can invoke func requests for
"foo.bar", "*.bar", etc. This of course assumes that foo.bar is a legitimate
name for the server (e.g. /etc/hosts, DNS, etc.).
Regards,
Phil
Patch follows:
===========================================================
*** orig/commonconfig.py Thu Feb 26 13:51:36 2009
--- changes/commonconfig.py Thu Feb 26 13:56:35 2009
***************
*** 32,35 ****
--- 32,36 ----
certmaster = Option('certmaster')
certmaster_port = IntOption(51235)
cert_dir = Option('/etc/pki/certmaster')
+ minion_name = Option("")
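Review bot: The added minion_name line carries no comment saying that the empty-string default means "derive the name from the hostname", and it uses double quotes where the three options above it use single quotes. Suggest `minion_name = Option('')` with a one-line comment on the fallback. The diff only touches commonconfig.py and utils.py, so a commented-out minion_name entry in the sample minion.conf would also make the option discoverable.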
diff -crB orig/utils.py changes/utils.py
*** orig/utils.py Thu Feb 26 13:51:13 2009
--- changes/utils.py Thu Feb 26 13:56:25 2009
***************
*** 110,115 ****
--- 110,122 ----
# support elsewhere either. It also hardcodes the port number
# for the certmaster for now
hostname = None
+
+ config_file = '/etc/certmaster/minion.conf'
+ config = read_config(config_file, MinionConfig)
+
+ if config.minion_name:
+ return config.minion_name
+
hostname = socket.gethostname()
# print "DEBUG: HOSTNAME TRY1: %s" % hostname
try:
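Review bot: `return config.minion_name` hands the configured string back as-is, ahead of the socket.gethostname() logic, and per the description this is the name the cert is requested under. Suggest stripping whitespace and rejecting a value that is not a syntactically valid hostname before returning it, and logging that the override is in effect, so a typo in minion.conf does not turn into a certificate request under an unexpected name. The comment block above `hostname = None` should also state the new precedence: minion_name first, hostname detection second.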
***************
*** 123,131 ****
return hostname
if talk_to_certmaster:
- config_file = '/etc/certmaster/minion.conf'
- config = read_config(config_file, MinionConfig)
-
server = config.certmaster
port = config.certmaster_port
--- 130,135 ----
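Review bot: Removing the read from under `if talk_to_certmaster:` leaves the read added at the top of the function as the only one, so minion.conf is now opened on every call, including when talk_to_certmaster is false and the file was previously never touched. Whatever read_config does on a missing or unparsable file now applies to those calls too. Suggest letting a failed early read fall back to the hostname lookup, and treating it as fatal only inside this branch, where config.certmaster and config.certmaster_port are actually needed.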
_______________________________________________
Func-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/func-list