diff options
| author | Christian Breunig <christian@breunig.cc> | 2024-05-25 21:26:08 +0200 |
|---|---|---|
| committer | Christian Breunig <christian@breunig.cc> | 2024-05-25 21:26:42 +0200 |
| commit | 65fba1cd27af67c543e120effc12882bd0191f03 (patch) | |
| tree | b585d154ce7cc0c9ef67abc042c7556a34061f8b /op-mode-definitions | |
| parent | 609563d6acfeafbed46b1ac5e6bd497ce097e3bc (diff) | |
| download | vyos-1x-65fba1cd27af67c543e120effc12882bd0191f03.tar.gz vyos-1x-65fba1cd27af67c543e120effc12882bd0191f03.zip | |
op-mode: T6377: must call pki.py helper as root to work with ACME certificates
This fixes the error:
vyos@vyos:~$ show pki certificate
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/vyos/config.py", line 111, in config_dict_mangle_acme
tmp = read_file(f'{vyos_certbot_dir}/live/{name}/cert.pem')
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/vyos/utils/file.py", line 44, in read_file
raise e
File "/usr/lib/python3/dist-packages/vyos/utils/file.py", line 38, in read_file
with open(fname, 'r') as f:
^^^^^^^^^^^^^^^^
PermissionError: [Errno 13] Permission denied: '/config/auth/letsencrypt/live/vyos/cert.pem'
Diffstat (limited to 'op-mode-definitions')
| -rw-r--r-- | op-mode-definitions/pki.xml.in | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/op-mode-definitions/pki.xml.in b/op-mode-definitions/pki.xml.in index a5e01bade..f76b4f4e1 100644 --- a/op-mode-definitions/pki.xml.in +++ b/op-mode-definitions/pki.xml.in @@ -495,7 +495,7 @@ <properties> <help>Show x509 CA certificates</help> </properties> - <command>${vyos_op_scripts_dir}/pki.py --action show --ca "all"</command> + <command>sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "all"</command> </leafNode> <tagNode name="ca"> <properties> @@ -504,13 +504,13 @@ <path>pki ca</path> </completionHelp> </properties> - <command>${vyos_op_scripts_dir}/pki.py --action show --ca "$4"</command> + <command>sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "$4"</command> <children> <leafNode name="pem"> <properties> <help>Show x509 CA certificate in PEM format</help> </properties> - <command>${vyos_op_scripts_dir}/pki.py --action show --ca "$4" --pem</command> + <command>sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "$4" --pem</command> </leafNode> </children> </tagNode> @@ -518,7 +518,7 @@ <properties> <help>Show x509 certificates</help> </properties> - <command>${vyos_op_scripts_dir}/pki.py --action show --certificate "all"</command> + <command>sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "all"</command> </leafNode> <tagNode name="certificate"> <properties> @@ -527,7 +527,7 @@ <path>pki certificate</path> </completionHelp> </properties> - <command>${vyos_op_scripts_dir}/pki.py --action show --certificate "$4"</command> + <command>sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "$4"</command> <children> <leafNode name="pem"> <properties> @@ -542,7 +542,7 @@ <list>sha256 sha384 sha512</list> </completionHelp> </properties> - <command>${vyos_op_scripts_dir}/pki.py --action show --certificate "$4" --fingerprint "$6"</command> + <command>sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "$4" --fingerprint "$6"</command> </tagNode> </children> </tagNode> |