From 4fe40704bfb998588d6a96b4a2773ddc9bd692ac Mon Sep 17 00:00:00 2001
From: Chad Smith <chad.smith@canonical.com>
Date: Mon, 26 Mar 2018 21:03:39 -0400
Subject: cc_puppet: Revert regression of puppet creating ssl and ssl_cert dirs

Replace regressed cc_puppet functionality from a1f678f8.

The following content was inadvertently dropped:
 - chown /var/lib/puppet/ssl as puppet:root.
 - Automatic creation of /var/lib/puppet/ssl/certs
---
 cloudinit/config/cc_puppet.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/cloudinit/config/cc_puppet.py b/cloudinit/config/cc_puppet.py
index 297e0721..4190a20b 100644
--- a/cloudinit/config/cc_puppet.py
+++ b/cloudinit/config/cc_puppet.py
@@ -140,6 +140,7 @@ def handle(name, cfg, cloud, log, _args):
         # (TODO(harlowja) is this really needed??)
         cleaned_lines = [i.lstrip() for i in contents.splitlines()]
         cleaned_contents = '\n'.join(cleaned_lines)
+        # Move to puppet_config.read_file when dropping py2.7
         puppet_config.readfp(   # pylint: disable=W1505
             StringIO(cleaned_contents),
             filename=p_constants.conf_path)
@@ -150,6 +151,8 @@ def handle(name, cfg, cloud, log, _args):
                 # Puppet ssl sub-directory isn't created yet
                 # Create it with the proper permissions and ownership
                 util.ensure_dir(p_constants.ssl_dir, 0o771)
+                util.chownbyname(p_constants.ssl_dir, 'puppet', 'root')
+                util.ensure_dir(p_constants.ssl_cert_dir)
 
                 util.chownbyname(p_constants.ssl_cert_dir, 'puppet', 'root')
                 util.write_file(p_constants.ssl_cert_path, cfg)
-- 
cgit v1.2.3