def pcsd_certkey(argv):
if len(argv) != 2:
usage.pcsd(["certkey"])
exit(1)
certfile = argv[0]
keyfile = argv[1]
try:
with open(certfile, 'r') as myfile:
cert = myfile.read()
with open(keyfile, 'r') as myfile:
key = myfile.read()
except IOError as e:
utils.err(e)
errors = utils.verify_cert_key_pair(cert, key)
if errors:
for err in errors:
utils.err(err, False)
sys.exit(1)
if "--force" not in utils.pcs_options and (
os.path.exists(settings.pcsd_cert_location)
or os.path.exists(settings.pcsd_key_location)):
utils.err(
"certificate and/or key already exists, your must use --force to overwrite"
)
try:
try:
os.chmod(settings.pcsd_cert_location, 0o700)
except OSError: # If the file doesn't exist, we don't care
pass
try:
os.chmod(settings.pcsd_key_location, 0o700)
except OSError: # If the file doesn't exist, we don't care
pass
with os.fdopen(
os.open(settings.pcsd_cert_location,
os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o700),
'w') as myfile:
myfile.write(cert)
with os.fdopen(
os.open(settings.pcsd_key_location,
os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o700),
'w') as myfile:
myfile.write(key)
except IOError as e:
utils.err(e)
print(
"Certificate and key updated, you may need to restart pcsd (service pcsd restart) for new settings to take effect"
)
def pcsd_certkey(argv):
if len(argv) != 2:
usage.pcsd(["certkey"])
exit(1)
certfile = argv[0]
keyfile = argv[1]
try:
with open(certfile, 'r') as myfile:
cert = myfile.read()
with open(keyfile, 'r') as myfile:
key = myfile.read()
except IOError as e:
utils.err(e)
errors = utils.verify_cert_key_pair(cert, key)
if errors:
for err in errors:
utils.err(err, False)
sys.exit(1)
if "--force" not in utils.pcs_options and (os.path.exists(settings.pcsd_cert_location) or os.path.exists(settings.pcsd_key_location)):
utils.err("certificate and/or key already exists, your must use --force to overwrite")
try:
try:
os.chmod(settings.pcsd_cert_location, 0o700)
except OSError: # If the file doesn't exist, we don't care
pass
try:
os.chmod(settings.pcsd_key_location, 0o700)
except OSError: # If the file doesn't exist, we don't care
pass
with os.fdopen(os.open(settings.pcsd_cert_location, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o700), 'w') as myfile:
myfile.write(cert)
with os.fdopen(os.open(settings.pcsd_key_location, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o700), 'w') as myfile:
myfile.write(key)
except IOError as e:
utils.err(e)
print("Certificate and key updated, you may need to restart pcsd (service pcsd restart) for new settings to take effect")
def pcsd_cmd(lib, argv, modifiers):
if len(argv) < 1:
usage.pcsd()
sys.exit(1)
sub_cmd, argv_next = argv[0], argv[1:]
try:
if sub_cmd == "help":
usage.pcsd(argv_next)
elif sub_cmd == "deauth":
pcsd_deauth(lib, argv_next, modifiers)
elif sub_cmd == "certkey":
pcsd_certkey(lib, argv_next, modifiers)
elif sub_cmd == "sync-certificates":
pcsd_sync_certs(lib, argv_next, modifiers)
else:
raise CmdLineInputError()
except LibraryError as e:
utils.process_library_reports(e.args)
except CmdLineInputError as e:
utils.exit_on_cmdline_input_errror(e, "pcsd", sub_cmd)
def pcsd_cmd(argv):
if len(argv) == 0:
usage.pcsd()
sys.exit(1)
sub_cmd = argv.pop(0)
if sub_cmd == "help":
usage.pcsd(argv)
elif sub_cmd == "certkey":
pcsd_certkey(argv)
elif sub_cmd == "sync-certificates":
pcsd_sync_certs(argv)
elif sub_cmd == "clear-auth":
pcsd_clear_auth(argv)
else:
usage.pcsd()
sys.exit(1)
def pcsd_cmd(argv):
if len(argv) == 0:
usage.pcsd()
sys.exit(1)
sub_cmd = argv.pop(0)
if sub_cmd == "help":
usage.pcsd(argv)
elif sub_cmd == "certkey":
pcsd_certkey(argv)
elif sub_cmd == "sync-certificates":
pcsd_sync_certs(argv)
elif sub_cmd == "clear-auth":
pcsd_clear_auth(argv)
else:
usage.pcsd()
sys.exit(1)
from pcs import (
pcsd,
usage,
)
from pcs.cli.common.errors import raise_command_replaced
from pcs.cli.common.routing import create_router
pcsd_cmd = create_router(
{
"help":
lambda lib, argv, modifiers: usage.pcsd(argv),
"accept_token":
pcsd.accept_token_cmd,
"deauth":
pcsd.pcsd_deauth,
"certkey":
pcsd.pcsd_certkey,
"sync-certificates":
pcsd.pcsd_sync_certs,
# removed commands
# These print error messages which point users to the changes section in
# pcs manpage.
# To be removed in the next significant version.
"clear-auth":
lambda lib, argv, modifiers: raise_command_replaced(
"pcs host deauth", "pcs pcsd deauth"),
},
["pcsd"],
)
from pcs import (
pcsd,
usage,
)
from pcs.cli.common.routing import create_router
pcsd_cmd = create_router(
{
"help": lambda lib, argv, modifiers: print(usage.pcsd(argv)),
"accept_token": pcsd.accept_token_cmd,
"deauth": pcsd.pcsd_deauth,
"certkey": pcsd.pcsd_certkey_cmd,
"status": pcsd.pcsd_status_cmd,
"sync-certificates": pcsd.pcsd_sync_certs,
},
["pcsd"],
)