diff --git a/xCAT-server/sbin/xcatconfig b/xCAT-server/sbin/xcatconfig index 8bbedee19..886352fe8 100644 --- a/xCAT-server/sbin/xcatconfig +++ b/xCAT-server/sbin/xcatconfig @@ -312,7 +312,7 @@ if ($::INITIALINSTALL || $::FORCE || $::UPDATEINSTALL) # # set up the certificates for xcatd, gen new ones if requested or do not exist # -if ($::INITIALINSTALL || $::FORCE || $::genCredentials) +if ($::INITIALINSTALL || $::UPDATEINSTALL || $::FORCE || $::genCredentials) { &genCredentials; } @@ -1267,34 +1267,33 @@ sub genCredentials } } - # copy to postscript directory + # copy to postscript directory just non-sensitive files my $cmd = "/bin/rm -rf $::INSTALLDIR/postscripts/ca >/dev/null 2>&1"; my $outref = xCAT::Utils->runcmd("$cmd", 0); - my $cmd = "/bin/mkdir -p $::INSTALLDIR/postscripts/ca/certs"; + my $cmd = "/bin/mkdir -p $::INSTALLDIR/postscripts/ca"; my $outref = xCAT::Utils->runcmd("$cmd", 0); if ($::RUNCMD_RC != 0) { xCAT::MsgUtils->message('E', - "Could not create $::INSTALLDIR/postscripts/ca/certs directory."); + "Could not create $::INSTALLDIR/postscripts/ca directory."); } else { - xCAT::MsgUtils->message('I', - "Created $::INSTALLDIR/postscripts/ca/certs directory."); + verbose("Created $::INSTALLDIR/postscripts/ca directory."); } - my $cmd = "/bin/cp -r /etc/xcat/ca/* $::INSTALLDIR/postscripts/ca"; + my $cmd = "/bin/cp -p /etc/xcat/ca/ca-cert.pem $::INSTALLDIR/postscripts/ca/ca-cert.pem"; my $outref = xCAT::Utils->runcmd("$cmd", 0); if ($::RUNCMD_RC != 0) { xCAT::MsgUtils->message( 'E', - "Could not copy /etc/xcat/ca/* to $::INSTALLDIR/postscripts/ca directory." + "$cmd failed" ); } else { xCAT::MsgUtils->message('I', - "Copied /etc/xcat/ca/* to $::INSTALLDIR/postscripts/ca directory."); + "$cmd succeeded."); } if ((!-d "/etc/xcat/cert") || $::FORCE || $::genCredentials) @@ -1323,34 +1322,9 @@ sub genCredentials } } - # copy to postscript directory + # copy to postscript directory, no longer use cert directory my $cmd = "/bin/rm -rf $::INSTALLDIR/postscripts/cert >/dev/null 2>&1"; my $outref = xCAT::Utils->runcmd("$cmd", 0); - my $cmd = "/bin/mkdir -p $::INSTALLDIR/postscripts/cert"; - my $outref = xCAT::Utils->runcmd("$cmd", 0); - if ($::RUNCMD_RC != 0) - { - xCAT::MsgUtils->message('E', - "Could not create $::INSTALLDIR/postscripts/cert directory."); - } - else - { - verbose("Created $::INSTALLDIR/postscripts/cert directory."); - } - my $cmd = "/bin/cp -r /etc/xcat/cert/* $::INSTALLDIR/postscripts/cert"; - my $outref = xCAT::Utils->runcmd("$cmd", 0); - if ($::RUNCMD_RC != 0) - { - xCAT::MsgUtils->message( - 'E', - "Could not copy /etc/xcat/cert/* to $::INSTALLDIR/postscripts/cert directory." - ); - } - else - { - xCAT::MsgUtils->message('I', - "Copied /etc/xcat/cert/* to $::INSTALLDIR/postscripts/cert directory."); - } if ((!-r "$::root/.xcat/client-key.pem") || $::FORCE || $::genCredentials) { @@ -1384,35 +1358,19 @@ sub genCredentials { verbose("Created $::INSTALLDIR/postscripts/_xcat directory."); } - my $cmd = "/bin/cp -r $::root/.xcat/* $::INSTALLDIR/postscripts/_xcat"; + my $cmd = "/bin/cp -p $::root/.xcat/ca.pem $::INSTALLDIR/postscripts/_xcat/ca.pem"; my $outref = xCAT::Utils->runcmd("$cmd", 0); if ($::RUNCMD_RC != 0) { xCAT::MsgUtils->message( 'E', - "Could not copy $::root/.xcat/* to $::INSTALLDIR/postscripts/_xcat directory." + "Could not copy $::root/.xcat/ca.pem to $::INSTALLDIR/postscripts/_xcat directory." ); } else { xCAT::MsgUtils->message('I', - "Copied $::root/.xcat/* to $::INSTALLDIR/postscripts/_xcat directory."); - } - my $cmd = "/bin/cp -r /etc/xcat/ca/certs/* $::INSTALLDIR/postscripts/ca/certs"; - my $outref = xCAT::Utils->runcmd("$cmd", 0); - if ($::RUNCMD_RC != 0) - { - xCAT::MsgUtils->message( - 'E', - "Could not copy /etc/xcat/ca/certs/* to $::INSTALLDIR/postscripts/ca/certs directory." - ); - } - else - { - xCAT::MsgUtils->message( - 'I', - "Copied /etc/xcat/ca/certs* to $::INSTALLDIR/postscripts/ca/certs directory." - ); + "Copied $::root/.xcat/ca.pem to $::INSTALLDIR/postscripts/_xcat directory."); } }