From 9f02740f063b0b4a2a83551155202a02b6e4bad0 Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Sat, 25 May 2024 21:26:08 +0200 Subject: op-mode: T6377: must call pki.py helper as root to work with ACME certificates This fixes the error: vyos@vyos:~$ show pki certificate Traceback (most recent call last): File "/usr/lib/python3/dist-packages/vyos/config.py", line 111, in config_dict_mangle_acme tmp = read_file(f'{vyos_certbot_dir}/live/{name}/cert.pem') ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/vyos/utils/file.py", line 44, in read_file raise e File "/usr/lib/python3/dist-packages/vyos/utils/file.py", line 38, in read_file with open(fname, 'r') as f: ^^^^^^^^^^^^^^^^ PermissionError: [Errno 13] Permission denied: '/config/auth/letsencrypt/live/vyos/cert.pem' (cherry picked from commit 65fba1cd27af67c543e120effc12882bd0191f03) --- op-mode-definitions/pki.xml.in | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/op-mode-definitions/pki.xml.in b/op-mode-definitions/pki.xml.in index a5e01bade..f76b4f4e1 100644 --- a/op-mode-definitions/pki.xml.in +++ b/op-mode-definitions/pki.xml.in @@ -495,7 +495,7 @@ Show x509 CA certificates - ${vyos_op_scripts_dir}/pki.py --action show --ca "all" + sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "all" @@ -504,13 +504,13 @@ pki ca - ${vyos_op_scripts_dir}/pki.py --action show --ca "$4" + sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "$4" Show x509 CA certificate in PEM format - ${vyos_op_scripts_dir}/pki.py --action show --ca "$4" --pem + sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "$4" --pem @@ -518,7 +518,7 @@ Show x509 certificates - ${vyos_op_scripts_dir}/pki.py --action show --certificate "all" + sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "all" @@ -527,7 +527,7 @@ pki certificate - ${vyos_op_scripts_dir}/pki.py --action show --certificate "$4" + sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "$4" @@ -542,7 +542,7 @@ sha256 sha384 sha512 - ${vyos_op_scripts_dir}/pki.py --action show --certificate "$4" --fingerprint "$6" + sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "$4" --fingerprint "$6" -- cgit v1.2.3