Revision 77b076ca lib/bootstrap.py

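--- a/lib/bootstrap.py
+++ b/lib/bootstrap.py
@@ -349,19 +349,23 @@
 
   noded_cert = utils.ReadFile(constants.SSL_CERT_FILE)
   rapi_cert = utils.ReadFile(constants.RAPI_CERT_FILE)
+  hmac_key = utils.ReadFile(constants.HMAC_CLUSTER_KEY)
 
   # in the base64 pem encoding, neither '!' nor '.' are valid chars,
   # so we use this to detect an invalid certificate; as long as the
   # cert doesn't contain this, the here-document will be correctly
-  # parsed by the shell sequence below
-  if (re.search('^!EOF\.', noded_cert, re.MULTILINE) or
-      re.search('^!EOF\.', rapi_cert, re.MULTILINE)):
-    raise errors.OpExecError("invalid PEM encoding in the SSL certificate")
+  # parsed by the shell sequence below. HMAC keys are hexadecimal strings,
+  # so the same restrictions apply.
+  for content in (noded_cert, rapi_cert, hmac_key):
+    if re.search('^!EOF\.', content, re.MULTILINE):
+      raise errors.OpExecError("invalid SSL certificate or HMAC key")
 
   if not noded_cert.endswith("\n"):
     noded_cert += "\n"
   if not rapi_cert.endswith("\n"):
     rapi_cert += "\n"
+  if not hmac_key.endswith("\n"):
+    hmac_key += "\n"
 
   # set up inter-node password and certificate and restarts the node daemon
   # and then connect with ssh to set password and start ganeti-noded
@@ -372,11 +376,15 @@
                "%s!EOF.\n"
                "cat > '%s' << '!EOF.' && \n"
                "%s!EOF.\n"
-               "chmod 0400 %s %s && "
+               "cat > '%s' << '!EOF.' && \n"
+               "%s!EOF.\n"
+               "chmod 0400 %s %s %s && "
                "%s restart" %
                (constants.SSL_CERT_FILE, noded_cert,
                 constants.RAPI_CERT_FILE, rapi_cert,
+                constants.HMAC_CLUSTER_KEY, hmac_key,
                 constants.SSL_CERT_FILE, constants.RAPI_CERT_FILE,
+                constants.HMAC_CLUSTER_KEY,
                 constants.NODE_INITD_SCRIPT))
 
   result = sshrunner.Run(node, 'root', mycommand, batch=False,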
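Review bot: In the second hunk the HMAC key is written by `cat > '%s' << '!EOF.'` and only restricted afterwards by the trailing `chmod 0400 %s %s %s`, so a newly created key file carries whatever mode the remote shell's umask gives it until the chmod runs. Because this file holds the cluster's shared secret, the command should tighten the mask before the first write, for example by starting the string with `"umask 077 && "`; the opening of `mycommand` lies outside the shown lines, so that change would go just above this hunk. Separately, the key is interpolated into the command text itself, which presumably exposes it to anything that records or lists the remote command. A comment such as `# NOTE: hmac_key is embedded in the ssh command text; keep mycommand out of logs` next to the format arguments would make that visible to maintainers.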
