diff options
| author | Mike Milner <mike.milner@canonical.com> | 2012-01-14 12:22:27 -0400 |
|---|---|---|
| committer | Mike Milner <mike.milner@canonical.com> | 2012-01-14 12:22:27 -0400 |
| commit | 667a3da2be1c6351496d3584ee658d58f479f4b0 (patch) | |
| tree | 972cf375a2e7ae7ec6629ea29527cb1edf880857 /cloudinit/CloudConfig/cc_ca_certs.py | |
| parent | 094e915e91186401ebc7c97564917334faade150 (diff) | |
| download | vyos-cloud-init-667a3da2be1c6351496d3584ee658d58f479f4b0.tar.gz vyos-cloud-init-667a3da2be1c6351496d3584ee658d58f479f4b0.zip | |
Handle config flag for removing default trusted CAs.
Diffstat (limited to 'cloudinit/CloudConfig/cc_ca_certs.py')
| -rw-r--r-- | cloudinit/CloudConfig/cc_ca_certs.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/cloudinit/CloudConfig/cc_ca_certs.py b/cloudinit/CloudConfig/cc_ca_certs.py index 07074e2f..a51dbe9f 100644 --- a/cloudinit/CloudConfig/cc_ca_certs.py +++ b/cloudinit/CloudConfig/cc_ca_certs.py @@ -56,6 +56,12 @@ def add_ca_certs(certs): cert_file_contents = "\n".join(certs) write_file(CERT_FILENAME, cert_file_contents, "root", "root", "644") +def remove_default_ca_certs(): + """ + Removes all default trusted CA certificates from the system. + """ + raise NotImplementedError() + def handle(name, cfg, cloud, log, args): """ Call to handle ca-cert sections in cloud-config file. @@ -71,6 +77,9 @@ def handle(name, cfg, cloud, log, args): return ca_cert_cfg = cfg['ca-certs'] + if ca_cert_cfg.get("remove-defaults", False): + remove_default_ca_certs() + # set the validation key based on the presence of either 'validation_key' # or 'validation_cert'. In the case where both exist, 'validation_key' # takes precedence |