mirror of
https://github.com/xcat2/confluent.git
synced 2024-11-25 19:10:10 +00:00
Set certificate ownership properly
When creating certificate for collective, ensure that the certificate is usable by confluent when running as non-root.
This commit is contained in:
parent
a413f321fe
commit
9ee29aabe1
@ -40,6 +40,12 @@ def make_certificate():
|
||||
'/etc/confluent/srvcert.pem -subj /CN='
|
||||
'{0}'.format(socket.gethostname()).split(' ')):
|
||||
raise Exception('Error generating certificate')
|
||||
try:
|
||||
uid = pwd.getpwnam('confluent').pw_uid
|
||||
os.chown('/etc/confluent/privkey.pem', uid, -1)
|
||||
os.chown('/etc/confluent/srvcert.pem', uid, -1)
|
||||
except KeyError:
|
||||
pass
|
||||
print('Certificate generated successfully')
|
||||
os.umask(umask)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user