Issue #1361 has been updated by eric sorenson. Status changed from Tests Insufficient to Duplicate
Closing as a duplicate of #7244, which has a proposed generalized solution which supercedes this request; if you're a watcher interested in policy-driven certificate signing, please try the proposal there and add your feedback/use case to that bug. ---------------------------------------- Feature #1361: autosign only allows for hostname matching, rather than allow/deny blocks https://projects.puppetlabs.com/issues/1361#change-83564 Author: Jason Hansen Status: Duplicate Priority: Normal Assignee: Nigel Kersten Category: Target version: Affected Puppet version: 0.24.4 Keywords: Branch: Currently, autosign only allows hostname matching, rather than the more complete implementation of allow/deny available through the fileserver module. I've modified puppet/handler/ca.rb to process autosign.conf for hostnames as well as allow/deny configuration blocks. New behavior is to parse for allow/deny blocks, and then as a default, call auth.allow with the value of the line from autosign.conf. This should keep behavior backward compatible. As this is my first bit of ruby, as well as git patch, let me know if I need to do anything different. Jason -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
