xCAT/confluent
2
0
Fork 0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-25 19:10:10 +00:00
Code Issues Projects Releases Wiki Activity

Fix permissions of SSH CA key

Browse Source 
It was creating CA as root, which
blocked confluent functionality.
This commit is contained in:
Jarrod Johnson 2020-05-27 08:58:10 -04:00
parent 987ac22b4e
commit 4480d0418e
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
confluent_server/confluent/sshutil.py
View File

@ -28,7 +28,9 @@ def initialize_ca():
os.seteuid(ouid)
myname = collective.get_myname()
caname = '{0} SSH CA'.format(myname)
subprocess.check_call(['ssh-keygen', '-C', caname, '-t', 'ed25519', '-f', '/etc/confluent/ssh/ca', '-N', ''])
subprocess.check_call(
['ssh-keygen', '-C', caname, '-t', 'ed25519', '-f',
'/etc/confluent/ssh/ca', '-N', ''], preexec_fn=normalize_uid)
try:
os.makedirs('/var/lib/confluent/public/site/ssh/', mode=0o755)
except OSError as e: