From a717e4f8b9210374edcc9053ca6ff980cb0cefff Mon Sep 17 00:00:00 2001 From: Mike Milner Date: Thu, 12 Jan 2012 19:28:09 +0100 Subject: Add ability to rebuild CA certificate file. --- cloudinit/CloudConfig/cc_ca_certs.py | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) (limited to 'cloudinit/CloudConfig/cc_ca_certs.py') diff --git a/cloudinit/CloudConfig/cc_ca_certs.py b/cloudinit/CloudConfig/cc_ca_certs.py index e2110890..81ed7237 100644 --- a/cloudinit/CloudConfig/cc_ca_certs.py +++ b/cloudinit/CloudConfig/cc_ca_certs.py @@ -16,7 +16,7 @@ import os import pwd import socket -import subprocess +from subprocess import check_call import json import StringIO import ConfigParser @@ -26,10 +26,29 @@ import cloudinit.util as util CERT_FILENAME = "/usr/share/ca-certificates/cloud-init-provided.crt" def write_file(filename, contents, owner, group, mode): - raise Exception() + """ + Write a file to disk with specified owner, group, and mode. If the file + exists already it will be overwritten. + + @param filename: Full path to the new file. + @param contents: The contents of the newly created file. + @param owner: The username who should own the file. + @param group: The group for the new file. + @param mode: The octal mode (as string) for the new file. + """ + raise NotImplementedError() + +def update_ca_certs(): + """ + Updates the CA certificate cache on the current machine. + """ + check_call(["dpkg-reconfigure", "ca-certificates"]) + check_call(["update-ca-certificates"]) def handle(name, cfg, cloud, log, args): """ + Call to handle ca-cert sections in cloud-config file. + @param name: The module name "ca-cert" from cloud.cfg @param cfg: A nested dict containing the entire cloud config contents. @param cloud: The L{CloudInit} object in use @@ -49,3 +68,5 @@ def handle(name, cfg, cloud, log, args): if trusted_certs: cert_file_contents = "\n".join(trusted_certs) write_file(CERT_FILENAME, cert_file_contents, "root", "root", "644") + + update_ca_certs() -- cgit v1.2.3