diff options
| author | Kim Hagen <kim.sidney@gmail.com> | 2019-01-23 13:20:25 +0100 |
|---|---|---|
| committer | Kim Hagen <kim.sidney@gmail.com> | 2019-01-23 13:20:25 +0100 |
| commit | c4da1a5cddacaa7c2a15df9170f21c3fce78fb15 (patch) | |
| tree | b6abeebd0789141fea8696e2df9aa3db5663ebf0 /cloudinit/cmd/query.py | |
| parent | b120f4f7a670674779a93f8c882c81f44a993888 (diff) | |
| parent | 45d731a61a07447521d56e8ce4f19ebfeba2aa78 (diff) | |
| download | vyos-cloud-init-c4da1a5cddacaa7c2a15df9170f21c3fce78fb15.tar.gz vyos-cloud-init-c4da1a5cddacaa7c2a15df9170f21c3fce78fb15.zip | |
Merge tag '18.5' into current
release 18.5
Bump the version on cloudinit/version.py to be 18.5 and update ChangeLog
LP: #1808380
Conflicts:
config/cloud.cfg.tmpl
Diffstat (limited to 'cloudinit/cmd/query.py')
| -rw-r--r-- | cloudinit/cmd/query.py | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/cloudinit/cmd/query.py b/cloudinit/cmd/query.py index 7d2d4fe4..1d888b9d 100644 --- a/cloudinit/cmd/query.py +++ b/cloudinit/cmd/query.py @@ -3,6 +3,7 @@ """Query standardized instance metadata from the command line.""" import argparse +from errno import EACCES import os import six import sys @@ -79,27 +80,38 @@ def handle_args(name, args): uid = os.getuid() if not all([args.instance_data, args.user_data, args.vendor_data]): paths = read_cfg_paths() - if not args.instance_data: + if args.instance_data: + instance_data_fn = args.instance_data + else: + redacted_data_fn = os.path.join(paths.run_dir, INSTANCE_JSON_FILE) if uid == 0: - default_json_fn = INSTANCE_JSON_SENSITIVE_FILE + sensitive_data_fn = os.path.join( + paths.run_dir, INSTANCE_JSON_SENSITIVE_FILE) + if os.path.exists(sensitive_data_fn): + instance_data_fn = sensitive_data_fn + else: + LOG.warning( + 'Missing root-readable %s. Using redacted %s instead.', + sensitive_data_fn, redacted_data_fn) + instance_data_fn = redacted_data_fn else: - default_json_fn = INSTANCE_JSON_FILE # World readable - instance_data_fn = os.path.join(paths.run_dir, default_json_fn) + instance_data_fn = redacted_data_fn + if args.user_data: + user_data_fn = args.user_data else: - instance_data_fn = args.instance_data - if not args.user_data: user_data_fn = os.path.join(paths.instance_link, 'user-data.txt') + if args.vendor_data: + vendor_data_fn = args.vendor_data else: - user_data_fn = args.user_data - if not args.vendor_data: vendor_data_fn = os.path.join(paths.instance_link, 'vendor-data.txt') - else: - vendor_data_fn = args.vendor_data try: instance_json = util.load_file(instance_data_fn) - except IOError: - LOG.error('Missing instance-data.json file: %s', instance_data_fn) + except (IOError, OSError) as e: + if e.errno == EACCES: + LOG.error("No read permission on '%s'. Try sudo", instance_data_fn) + else: + LOG.error('Missing instance-data file: %s', instance_data_fn) return 1 instance_data = util.load_json(instance_json) |