certmaster 0.24 patch

Here is a patch for certmaster for optionally specifying the name that you wish to use as the minion identifier.  If you do nothing, then the original behavior will be preserved (the minion's name will be dynamically derived by the utils.get_hostname() function).  If you wish to override this default behavior (which may not be ideal if a server has multiple interfaces and/or aliases) simply add "minion_name = foo.bar" to /etc/certmaster/minion.conf.  When funcd is started, it will request a cert as "foo.bar". 

E.g. if your minion requests a cert as "foo.example.com" and you'd prefer to have it recognized by func as "foo.bar", then edit /etc/certmaster/minion.conf accordingly:

[main]
certmaster = certmaster
...
minion_name = foo.bar


After func is restarted and the cert signed, you can invoke func requests for "foo.bar", "*.bar", etc.  This of course assumes that foo.bar is a legitimate name for the server (e.g. /etc/hosts, DNS, etc.).

Regards,

Phil


Patch follows:

===========================================================

*** orig/commonconfig.py        Thu Feb 26 13:51:36 2009
--- changes/commonconfig.py     Thu Feb 26 13:56:35 2009
***************
*** 32,35 ****
--- 32,36 ----
      certmaster = Option('certmaster')
      certmaster_port = IntOption(51235)
      cert_dir = Option('/etc/pki/certmaster')
+     minion_name = Option("")
  
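Review bot: The added `minion_name = Option("")` line carries no comment, and the patch touches no documentation, so nothing next to the option tells an admin that this value becomes the name the minion requests its certificate under. Add a one-line comment stating that an empty value keeps the hostname lookup, and consider matching the single-quote style of the neighbouring `Option('certmaster')` line.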
diff -crB orig/utils.py changes/utils.py
*** orig/utils.py       Thu Feb 26 13:51:13 2009
--- changes/utils.py    Thu Feb 26 13:56:25 2009
***************
*** 110,115 ****
--- 110,122 ----
      #      support elsewhere either. It also hardcodes the port number
      #      for the certmaster for now
      hostname = None
+ 
+     config_file = '/etc/certmaster/minion.conf'
+     config = read_config(config_file, MinionConfig)
+ 
+     if config.minion_name:    
+         return config.minion_name      
+     
      hostname = socket.gethostname()
      # print "DEBUG: HOSTNAME TRY1: %s" % hostname
      try:
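Review bot: The added `return config.minion_name` hands the configured string back verbatim, with no strip and no check that it is a well-formed host name, even though this is the name the certificate request will carry. Strip surrounding whitespace and reject values that are not valid host names before returning. Separately, the added `if config.minion_name:` and `return config.minion_name` lines end in trailing whitespace, and the `hostname = None` assignment above is unused on the new return path.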
***************
*** 123,131 ****
          return hostname
  
      if talk_to_certmaster:
-         config_file = '/etc/certmaster/minion.conf'
-         config = read_config(config_file, MinionConfig)
- 
          server = config.certmaster
          port = config.certmaster_port
  
--- 130,135 ----
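Review bot: With the `read_config` call removed from the `if talk_to_certmaster:` branch, `server = config.certmaster` now relies on the config loaded at the top of the function, so the earlier `return hostname` path also depends on /etc/certmaster/minion.conf being readable where it previously did not. Confirm that `read_config` behaves sensibly when the file is missing or unreadable, or keep the load close to the branches that use it so a failure stays local.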

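One way to apply the minion_name override with validation before a certificate is requested under it, as an added example that is not part of the original patch or of certmaster's code. It uses Python 3's configparser rather than certmaster's own read_config/MinionConfig, and the function names and sample config are hypothetical.

```python
import configparser
import re
import socket

# Constructed sample of /etc/certmaster/minion.conf (not from a real host).
SAMPLE_CONF = """\
[main]
certmaster = certmaster
minion_name = foo.bar
"""

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def is_valid_hostname(name):
    """Return True when name is a syntactically valid DNS host name."""
    if not name or len(name) > 253:
        return False
    return all(_LABEL.fullmatch(label) for label in name.split("."))


def resolve_minion_name(conf_text, fallback=None):
    """Choose the minion identifier from the text of minion.conf.

    An empty or absent [main] minion_name keeps the default behaviour
    (fallback, or the local hostname). A malformed override raises
    ValueError so no certificate is requested under it; this also rejects
    characters such as '*' that func requests use for globbing.
    """
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(conf_text)
    override = parser.get("main", "minion_name", fallback="").strip()
    if not override:
        return fallback if fallback is not None else socket.gethostname()
    if not is_valid_hostname(override):
        raise ValueError("invalid minion_name in minion.conf: %r" % override)
    return override


if __name__ == "__main__":
    print(resolve_minion_name(SAMPLE_CONF))
```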