func/overlord/client.py | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) New commits: commit bffb795c9263830f72d5335a18536553dc9f2875 Author: Seth Vidal <skvidal@xxxxxxxxxxxxxxxxx> Date: Mon Aug 2 17:07:59 2010 -0400 - apply patch from: S.Ã?aÄ?lar Onur <caglar@xxxxxxxxxxxxxxxx> to fix search/replace issue causing traceback when using delegation apply patch from me to: - use socket.gethostbyname_ex() to attempt to figure out the most valid name for an unqualified/partial hostname we're passed. this let's things like: func 'myhost' <do stuff> expand 'myhost' out to 'myhost.fqdn.org' properly. diff --git a/func/overlord/client.py b/func/overlord/client.py index d06bff8..ffb3ba9 100644 --- a/func/overlord/client.py +++ b/func/overlord/client.py @@ -22,6 +22,7 @@ import shlex import subprocess import re import fnmatch +import socket import func.yaml as yaml from certmaster.commonconfig import CMConfig @@ -159,7 +160,19 @@ class Minions(object): # if we can't match this gloob and the gloob is not REALLY a glob # let the gloob be the hostname we try to connect to. if not certs and not func_utils.re_glob(each_gloob): - tmp_hosts.add(each_gloob) + found_by_alias = False + (fqdn, aliases, ips) = socket.gethostbyname_ex(each_gloob) + + for name in [fqdn] + aliases: + actual_gloob = "%s/%s.%s" % (self.cm_config.certroot, name, self.cm_config.cert_extension) + certs += glob.glob(actual_gloob) + if self.cm_config.peering: + peer_gloob = "%s/%s.%s" % (self.cm_config.peerroot, name, self.cm_config.cert_extension) + certs += glob.glob(peer_gloob) + break + + if not certs: + tmp_hosts.add(each_gloob) for cert in certs: tmp_certs.add(cert) @@ -332,9 +345,21 @@ class PuppetMinions(Minions): tmp_hosts.add(hostname) # if we can't match this gloob and the gloob is not REALLY a glob - # let the gloob be the hostname we try to connect to. + # then toss this at gethostbyname_ex() and see if any of the cname + # or aliases matches _something_ we know about if not matched_gloob and not func_utils.re_glob(each_gloob): - tmp_hosts.add(each_gloob) + found_by_alias = False + (fqdn, aliases, ips) = socket.gethostbyname_ex(each_gloob) + for name in [fqdn] + aliases: + if name in self._host_inv and int(self._host_inv[name], 16) not in self._revoked_serials: + if os.path.exists(self.overlord_config.puppet_signed_certs_dir + '/' + name + '.pem'): + tmp_hosts.add(name) + found_by_alias = True + break + + if not found_by_alias: + tmp_hosts.add(each_gloob) + # don't return certs path - just hosts return tmp_hosts,tmp_certs @@ -830,7 +855,7 @@ class Overlord(object): spec = kwargs['suboverlord'] #the sub-overlord directly beneath this one minions_hosts = self.minions_class.get_hosts_for_spec(spec) use_delegate = True #signal to process_server to call delegate method - minionurls = minionobj.get_urls(hosts=minion_hosts) #the single-item url list to make async + minionurls = self.minions_class.get_urls(hosts=minion_hosts) #the single-item url list to make async #tools such as jobthing/forkbomb happy else: #we're directly calling minions, so treat everything normally spec = self.server_spec
_______________________________________________ Func-list mailing list Func-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/func-list