arif/xcat-core
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

remove update of sensitive cred files to /install/postscripts directories

Browse Source 
git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@5873 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd
This commit is contained in:
lissav 2010-04-23 18:06:29 +00:00
parent 264325edec
commit d952bcdec0
1 changed files with 12 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
xCAT-server/sbin/xcatconfig
View File

@ -312,7 +312,7 @@ if ($::INITIALINSTALL || $::FORCE || $::UPDATEINSTALL)
#
# set up the certificates for xcatd, gen new ones if requested or do not exist
#
if ($::INITIALINSTALL || $::FORCE || $::genCredentials)
if ($::INITIALINSTALL || $::UPDATEINSTALL || $::FORCE || $::genCredentials)
{
&genCredentials;
}
@ -1267,34 +1267,33 @@ sub genCredentials
}
}
# copy to postscript directory
# copy to postscript directory just non-sensitive files
my $cmd = "/bin/rm -rf $::INSTALLDIR/postscripts/ca >/dev/null 2>&1";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
my $cmd = "/bin/mkdir -p $::INSTALLDIR/postscripts/ca/certs";
my $cmd = "/bin/mkdir -p $::INSTALLDIR/postscripts/ca";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create $::INSTALLDIR/postscripts/ca/certs directory.");
"Could not create $::INSTALLDIR/postscripts/ca directory.");
}
else
{
xCAT::MsgUtils->message('I',
"Created $::INSTALLDIR/postscripts/ca/certs directory.");
verbose("Created $::INSTALLDIR/postscripts/ca directory.");
}
my $cmd = "/bin/cp -r /etc/xcat/ca/* $::INSTALLDIR/postscripts/ca";
my $cmd = "/bin/cp -p /etc/xcat/ca/ca-cert.pem $::INSTALLDIR/postscripts/ca/ca-cert.pem";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy /etc/xcat/ca/* to $::INSTALLDIR/postscripts/ca directory."
"$cmd failed"
);
}
else
{
xCAT::MsgUtils->message('I',
"Copied /etc/xcat/ca/* to $::INSTALLDIR/postscripts/ca directory.");
"$cmd succeeded.");
}
if ((!-d "/etc/xcat/cert") || $::FORCE || $::genCredentials)
@ -1323,34 +1322,9 @@ sub genCredentials
}
}
# copy to postscript directory
# copy to postscript directory, no longer use cert directory
my $cmd = "/bin/rm -rf $::INSTALLDIR/postscripts/cert >/dev/null 2>&1";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
my $cmd = "/bin/mkdir -p $::INSTALLDIR/postscripts/cert";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message('E',
"Could not create $::INSTALLDIR/postscripts/cert directory.");
}
else
{
verbose("Created $::INSTALLDIR/postscripts/cert directory.");
}
my $cmd = "/bin/cp -r /etc/xcat/cert/* $::INSTALLDIR/postscripts/cert";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy /etc/xcat/cert/* to $::INSTALLDIR/postscripts/cert directory."
);
}
else
{
xCAT::MsgUtils->message('I',
"Copied /etc/xcat/cert/* to $::INSTALLDIR/postscripts/cert directory.");
}
if ((!-r "$::root/.xcat/client-key.pem") || $::FORCE || $::genCredentials)
{
@ -1384,35 +1358,19 @@ sub genCredentials
{
verbose("Created $::INSTALLDIR/postscripts/_xcat directory.");
}
my $cmd = "/bin/cp -r $::root/.xcat/* $::INSTALLDIR/postscripts/_xcat";
my $cmd = "/bin/cp -p $::root/.xcat/ca.pem $::INSTALLDIR/postscripts/_xcat/ca.pem";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy $::root/.xcat/* to $::INSTALLDIR/postscripts/_xcat directory."
"Could not copy $::root/.xcat/ca.pem to $::INSTALLDIR/postscripts/_xcat directory."
);
}
else
{
xCAT::MsgUtils->message('I',
"Copied $::root/.xcat/* to $::INSTALLDIR/postscripts/_xcat directory.");
}
my $cmd = "/bin/cp -r /etc/xcat/ca/certs/* $::INSTALLDIR/postscripts/ca/certs";
my $outref = xCAT::Utils->runcmd("$cmd", 0);
if ($::RUNCMD_RC != 0)
{
xCAT::MsgUtils->message(
'E',
"Could not copy /etc/xcat/ca/certs/* to $::INSTALLDIR/postscripts/ca/certs directory."
);
}
else
{
xCAT::MsgUtils->message(
'I',
"Copied /etc/xcat/ca/certs* to $::INSTALLDIR/postscripts/ca/certs directory."
);
"Copied $::root/.xcat/ca.pem to $::INSTALLDIR/postscripts/_xcat directory.");
}
}