def RemoveEtcHostsEntry(file_name, hostname):
"""Removes a hostname from /etc/hosts.
IP addresses without names are removed from the file.
@type file_name: str
@param file_name: path to the file to modify (usually C{/etc/hosts})
@type hostname: str
@param hostname: the hostname to be removed
"""
out = StringIO()
for line in io.ReadFile(file_name).splitlines(True):
fields = line.split()
if len(fields) > 1 and not fields[0].startswith("#"):
names = fields[1:]
if hostname in names:
while hostname in names:
names.remove(hostname)
if names:
out.write("%s %s\n" % (fields[0], " ".join(names)))
continue
out.write(line)
io.WriteFile(file_name, data=out.getvalue(), uid=0, gid=0, mode=0644,
keep_perms=io.KP_IF_EXISTS)
def GenerateSelfSignedSslCert(filename,
serial_no,
common_name=constants.X509_CERT_CN,
validity=constants.X509_CERT_DEFAULT_VALIDITY,
uid=-1,
gid=-1):
"""Legacy function to generate self-signed X509 certificate.
@type filename: str
@param filename: path to write certificate to
@type common_name: string
@param common_name: commonName value
@type validity: int
@param validity: validity of certificate in number of days
@type uid: int
@param uid: the user ID of the user who will be owner of the certificate file
@type gid: int
@param gid: the group ID of the group who will own the certificate file
@return: a tuple of strings containing the PEM-encoded private key and
certificate
"""
# TODO: Investigate using the cluster name instead of X505_CERT_CN for
# common_name, as cluster-renames are very seldom, and it'd be nice if RAPI
# and node daemon certificates have the proper Subject/Issuer.
(key_pem, cert_pem) = GenerateSelfSignedX509Cert(common_name,
validity * 24 * 60 * 60,
serial_no)
utils_io.WriteFile(filename,
mode=0440,
data=key_pem + cert_pem,
uid=uid,
gid=gid)
return (key_pem, cert_pem)
def SetEtcHostsEntry(file_name, ip, hostname, aliases):
"""Sets the name of an IP address and hostname in /etc/hosts.
@type file_name: str
@param file_name: path to the file to modify (usually C{/etc/hosts})
@type ip: str
@param ip: the IP address
@type hostname: str
@param hostname: the hostname to be added
@type aliases: list
@param aliases: the list of aliases to add for the hostname
"""
# Ensure aliases are unique
names = algo.UniqueSequence([hostname] + aliases)
out = StringIO()
def _write_entry(written):
if not written:
out.write("%s\t%s\n" % (ip, " ".join(names)))
return True
written = False
for line in io.ReadFile(file_name).splitlines(True):
fields = line.split()
if fields and not fields[0].startswith("#") and ip == fields[0]:
written = _write_entry(written)
else:
out.write(line)
_write_entry(written)
io.WriteFile(file_name, data=out.getvalue(), uid=0, gid=0, mode=0644,
keep_perms=io.KP_IF_EXISTS)
def GenerateSignedSslCert(filename_cert, serial_no,
filename_signing_cert,
common_name=constants.X509_CERT_CN,
validity=constants.X509_CERT_DEFAULT_VALIDITY,
uid=-1, gid=-1):
signing_cert_pem = utils_io.ReadFile(filename_signing_cert)
(key_pem, cert_pem) = GenerateSignedX509Cert(
common_name, validity * 24 * 60 * 60, serial_no, signing_cert_pem)
utils_io.WriteFile(filename_cert, mode=0o440, data=key_pem + cert_pem,
uid=uid, gid=gid, backup=True)
return (key_pem, cert_pem)