示例#1
0
def app():
    st.markdown("""
        # Create Strategy

        Here you can create your strategy!

        You will need to create a function called `strategy` that takes in a
        dictionary named `bot_positions` (e.g. `{"Bot1": 1, "Bot2": 3}`) as argument
        and should return either *"walk"* or *"sabotage"*.

        See the ***Example page*** for examples.

        You can either:
        """)

    with st.beta_expander("Write Code Directly"):
        bot_name = st.text_input(label="Bot Name")
        strategy_code = st.text_area(
            label="Strategy Code: ",
            value=inspect.cleandoc("""
        import random
            
        def strategy(bot_positions):
            return random.choice(["walk", "sabotage"])
        """),
            height=320,
        )
        if st.button("Submit"):
            if bot_name:
                fp = util.save_code_to_file(code=strategy_code,
                                            filename=bot_name)
                util.validate_file(fp)
                st.success("File uploaded and validated successfully, "
                           "go to `Race Page` to run the Game")
            else:
                st.error("Please provide a name for the Bot")

    with st.beta_expander("Upload a file"):
        file_buffer = st.file_uploader(
            "Upload a strategy file (.py)",
            help="The filename will be used to name the Bot",
        )
        if file_buffer:
            fp = util.save_file(filename=file_buffer.name,
                                filebytes=file_buffer.getvalue())
            util.validate_file(fp)
            st.success("File uploaded and validated successfully, "
                       "go to `Race Page` to run the Game")

    st.markdown(f"## Current Competitors:")
    competitors = util.build_all_bots()
    if competitors:
        st.markdown("\n".join([f"\t- {c}" for c in competitors]))
    else:
        st.markdown("no competitors saved yet")

    if st.button("Add example bots"):
        util.add_example_bots()
        st.experimental_rerun()
示例#2
0
文件: menu.py 项目: cclauss/Task-List
 def delete_file(self, sender):
 	"""Delete a task file."""
     task_file = self.delete_dialog['textfield1'].text
     if not task_file == '':
     	task_file = util.validate_file(task_file)
     if task_file:
     	self.delete_dialog.close()
     	util.delete(task_file)
     else:
     	self.display_message(self.delete_dialog['textfield1'].text + ' is not a valid file!')
     	self.delete_dialog['textfield1'].text = ''
示例#3
0
    def delete_file(self, sender):
        """Delete a task file."""

        task_file = self.delete_dialog["txt_filename"].text
        if not task_file == "":
            task_file = util.validate_file(task_file)
        if task_file:
            self.delete_dialog.close()
            util.delete(task_file)
        else:
            self.display_message(self.delete_dialog["txt_filename"].text + " is not a valid file!")
            self.delete_dialog["txt_filename"].text = ""
示例#4
0
    def delete_file(self, sender):
        """Delete a task file."""

        task_file = self.delete_dialog['txt_filename'].text
        if not task_file == '':
            task_file = util.validate_file(task_file)
        if task_file:
            self.delete_dialog.close()
            util.delete(task_file)
        else:
            self.display_message(self.delete_dialog['txt_filename'].text + ' is not a valid file!')
            self.delete_dialog['txt_filename'].text = ''
示例#5
0
文件: menu.py 项目: cclauss/Task-List
    def load_tasks(self, sender):
        """Retrieve the contents of the task file."""

        task_file = self.load_dialog['textfield1'].text
        if not task_file == '':
        	task_file = util.validate_file(task_file)
        if task_file:
        	self.load_dialog.close()
	        self.tasklist.tasks = util.load(task_file)
	        self.current_task_file = task_file
	        Task.last_id = len(self.tasklist.tasks)
	        self.show_tasks(None)
        else:
        	self.display_message(self.load_dialog['textfield1'].text + ' is not a valid file')
        	self.load_dialog['textfield1'].text = ''
示例#6
0
    def load_tasks(self, sender):
        """Retrieve the contents of the task file."""

        task_file = self.load_dialog["txt_load"].text
        if task_file:
            task_file = util.validate_file(task_file)
            if task_file:
                self.load_dialog.close()
                self.tasklist.tasks = util.load(task_file)
                self.current_task_file = task_file
                tasklist.Task.last_id = len(self.tasklist.tasks)
                self.show_tasks(None)
            else:
                self.display_message(self.load_dialog["txt_load"].text + " is not a valid file")
                self.load_dialog["txt_load"].text = ""
示例#7
0
    def load_tasks(self, sender):
        """Retrieve the contents of the task file."""

        task_file = self.load_dialog['txt_load'].text
        if task_file:
            task_file = util.validate_file(task_file)
            if task_file:
                self.load_dialog.close()
                self.tasklist.tasks = util.load(task_file)
                self.current_task_file = task_file
                tasklist.Task.last_id = len(self.tasklist.tasks)
                self.show_tasks(None)
            else:
                self.display_message(self.load_dialog['txt_load'].text + ' is not a valid file')
                self.load_dialog['txt_load'].text = ''
示例#8
0
def execute(args):
    """Perform verification and actions from cmdline"""
    try:
        head, absfile = util.validate_file(args.source, 'foidl')
        # Construct output file
        outhandler = None
        if not args.output:
            args.output = 'stdout'
            outhandler = sys.stdout
        else:
            outsplit = args.output.split('.')
            if len(outsplit) == 1:
                args.output = outsplit[0] + _tail_map[args.action]
            else:
                pass
            outhandler = open(args.output, "wt+")

        args.inc_paths.append(head)
        lvl = ParseLevel.LITE if args.action == 'hdr' else ParseLevel.FULL
        hdronly = True if args.action == 'hdr' else False
        state = preprocess_runtime(
            State(literal_dict(), SymbolTree(absfile),
                  util.absolutes_path_for(args.inc_paths), hdronly), args)

        state.mainsrc = absfile
        handler = Handler.handler_for(
            args.action,
            Bundle(util.absolutes_path_for(args.inc_paths), absfile,
                   util.parse_file(absfile, state, lvl), state, outhandler,
                   args.output, args.rt))

        handler.validate()
        handler.emit()
    except (errors.PFoidlError, IOError) as err:
        LOGGER.error("{}: {}".format(type(err).__name__, err))
        return
示例#9
0
def main():
    # http://docs.python.org/2/library/argparse.html
    global logger
    parser = argparse.ArgumentParser(description='Create a server certificate using the cacerts db.')
    parser.add_argument('--loglevel', help='Specify the default logging level (optional).', choices=['debug', 'info', 'warning', 'error', 'DEBUG', 'INFO', 'WARNING', 'ERROR'], default='info')
    parser.add_argument('--logfile', help='Specify logfile name.', default='/tmp/create_servercert.log')
    parser.add_argument('--cacerts_dir', help='alternate cacerts config dir.', default='../cacerts')
    parser.add_argument('--domain', help='The domain name.', default='forj.io')
    parser.add_argument('--site', help='The name of the site.', default='')
    parser.add_argument('--password', help='Specify a password (optional).', default='changeme')
    parser.add_argument('--subject', help='Specify the certificate subject info.', default='/C=US/ST=California/L=Roseville/O=HP/OU=PDE')
    parser.add_argument('--altnames', help='Specify alternative names like "/CN=server1/CN=server2"', default='')
    args = parser.parse_args()

    util.setup_logging(args.logfile, args.loglevel)
    util.banner_start()
    util.logger.debug("parsed arguments")
    util.logger.info("got folder " + args.cacerts_dir)
    cacerts_dir = os.path.abspath(args.cacerts_dir)

    util.validate_directory(cacerts_dir)
    cainter_dir = os.path.abspath(os.path.join(cacerts_dir, "ca2013"))
    util.validate_directory(cainter_dir)
    cakey_pem = os.path.abspath(os.path.join(cacerts_dir, "private/cakey.pem"))
    util.validate_file(cakey_pem)

    if not args.site:
        util.logger.error("found cakey_pem")
        sys.exit(1)

    source_dir = cainter_dir
    destin_dir = os.path.join(cainter_dir, 'certs')

    # http://docs.python.org/2/library/subprocess.html#replacing-older-functions-with-the-subprocess-module
    util.openssl_cmd("test", args.site, cainter_dir, 'version')

    # pushd /cacerts/ca2013
    #
    # [ -f ~/.rnd ] && sudo rm -f ~/.rnd
    # openssl genrsa -passout pass:xxxxxxxx -des3 -out $_SITE.key 2048 -config ./openssl.cnf
    # openssl req -passin pass:xxxxxxxx -new -key $_SITE.key -out $_SITE.csr -subj "/C=US/ST=California/L=Roseville/O=HP/OU=PDE/CN=$_SITE.forj.io" -config ./openssl.cnf
    # openssl ca -passin pass:xxxxxxxx -batch -config openssl.cnf -policy policy_anything -out $_SITE.crt -infiles $_SITE.csr
    subject = args.subject + "/CN=" + args.site + "." + args.domain + args.altnames
    util.openssl_cmd("genrsa", args.site + '.' + args.domain, cainter_dir, "-passout pass:"******" -des3 2048 -config ./openssl.cnf")
    util.openssl_cmd("req", args.site + '.' + args.domain, cainter_dir, "-passin pass:"******" -new -subj " + subject + " -config ./openssl.cnf")
    # -keyfile and -cert makes the linkage to intermediate certificate
    util.openssl_cmd("ca", args.site + '.' + args.domain, cainter_dir, "-passin pass:"******" -batch -config ./openssl.cnf -policy policy_anything -keyfile ./private/cakey.pem -cert ./cacert.pem")

    # cd cainter_dir
    # mv $_SITE.key $_SITE.csr $_SITE.crt certs
    extensions = ['.key', '.csr', '.crt']

    for ext in extensions:
        util.logger.debug("relocating " + args.site + ext)
        os.rename(os.path.join(source_dir, args.site + '.' + args.domain + ext),
                  os.path.join(destin_dir, args.site + '.' + args.domain + ext))

    # this is an ssl cert, remove the ssl password on the key....
    #  openssl rsa -passin pass:xxxxxxxx -in $_SITE.key -out $_FQDN.key
    key_in = os.path.join(destin_dir, args.site + '.' + args.domain + '.key')
    key_out = os.path.join(destin_dir, args.site + '.' + args.domain + '.key2')
    util.openssl_cmd("rsa", args.site, cainter_dir, "-passin pass:"******" -in " + key_in + " -out " + key_out)
    util.logger.debug("unlink : " + key_in)
    os.unlink(key_in)
    util.logger.debug("rename : " + key_out + " -> " + key_in)
    os.rename(key_out, key_in)
示例#10
0
def main():
    # http://docs.python.org/2/library/argparse.html
    global logger
    parser = argparse.ArgumentParser(description='Create a server certificate using the cacerts db.')
    parser.add_argument('--loglevel', help='Specify the default logging level (optional).', choices=['debug', 'info', 'warning', 'error', 'DEBUG', 'INFO', 'WARNING', 'ERROR'], default='info')
    parser.add_argument('--logfile', help='Specify logfile name.', default='/tmp/create_servercert.log')
    parser.add_argument('--cacerts_dir', help='alternate cacerts config dir.', default='../cacerts')
    parser.add_argument('--domain', help='The domain name.', default='forj.io')
    parser.add_argument('--site', help='The name of the site.', default='')
    parser.add_argument('--password', help='Specify a password (optional).', default='changeme')
    parser.add_argument('--subject', help='Specify the certificate subject info.', default='/C=US/ST=California/L=Roseville/O=HP/OU=PDE')
    parser.add_argument('--altnames', help='Specify alternative names like "/CN=server1/CN=server2"', default='')
    args = parser.parse_args()

    util.setup_logging(args.logfile, args.loglevel)
    cacerts_dir = os.path.abspath(args.cacerts_dir)
    ca2013_dir = os.path.abspath(os.path.join(cacerts_dir, "ca2013"))
    site_name = args.site + "." + args.domain
    subject = args.subject + "/CN="+site_name

    util.validate_directory(cacerts_dir)
    util.validate_directory(ca2013_dir)
    util.validate_directory(ca2013_dir+"/private")
    util.validate_directory(ca2013_dir+"/certs")
    util.validate_directory(ca2013_dir+"/crl")
    util.validate_directory(ca2013_dir+"/newcerts")

    util.validate_file(cacerts_dir+"/openssl.cnf")
    util.validate_file(cacerts_dir+"/serial")
    util.validate_file(ca2013_dir+"/serial")

    # Creating root cert
    # Running at cacerts_dir
    copyfile("/dev/null", cacerts_dir+"/index.txt")
    print "(1)"
    util.openssl_cmd("genrsa -passout pass:"******" -des3 -out private/cakey.key 4096", "", cacerts_dir, "")
    copyfile(cacerts_dir+"/private/cakey.key", cacerts_dir+"/private/cakey.pem")
    print "(2)"
    util.openssl_cmd("req -passin pass:"******" -subj " + subject + " -new -x509 -nodes -sha1 -days 1825 -key private/cakey.key -out cacert.pem -config ./openssl.cnf", "", cacerts_dir, "")

    # Creating intermediate cert
    # Running at cacerts_dir/ca2013
    copyfile("/dev/null", ca2013_dir+"/index.txt")
    copyfile(cacerts_dir+"/openssl.cnf", ca2013_dir+"/openssl.cnf")
    print "(3)"
    util.openssl_cmd("genrsa -passout pass:"******" -des3 -out private/cakey.pem 4096", "", ca2013_dir, "")
    print "(4)"
    util.openssl_cmd("req -passin pass:"******" -subj " + subject + " -new -sha1 -key private/cakey.pem -out ca2013.csr -config ./openssl.cnf", "", ca2013_dir, "")
    print "(5)"
    util.openssl_cmd("ca -batch -extensions v3_ca -days 365 -out cacert.pem -in ca2013.csr -config openssl.cnf -key "+args.password+" -keyfile ../private/cakey.key -cert ../cacert.pem", "", ca2013_dir, "")
    copyfile(ca2013_dir+"/cacert.pem", ca2013_dir+"/chain.crt")
    file2 = open(cacerts_dir+"/cacert.pem", "rb")
    with open(ca2013_dir+"/chain.crt", "a") as myfile:
        myfile.write(file2.read())

    # Root and Intermediate certificates
    copyfile(cacerts_dir+"/cacert.pem", cacerts_dir+"/root.cer")
    copyfile(ca2013_dir+"/cacert.pem", cacerts_dir+"/intermediate.cer")

    # Permissions
    os.chmod(cacerts_dir+"/cacert.pem", 0755)
    os.chmod(cacerts_dir+"/intermediate.cer", 0755)
    os.chmod(cacerts_dir+"/root.cer", 0755)
    os.chmod(cacerts_dir+"/private/cakey.pem", 0400)
    os.chmod(cacerts_dir+"/ca2013/private/cakey.pem", 0755)
    os.chmod(cacerts_dir+"/private/cakey.key", 0755)
    os.chmod(cacerts_dir+"/ca2013/ca2013.csr", 0755)
    os.chmod(cacerts_dir+"/ca2013/cacert.pem", 0755)
    os.chmod(cacerts_dir+"/ca2013/chain.crt", 0755)
    os.chmod(cacerts_dir+"/index.txt", 0765)
    os.chmod(cacerts_dir+"/ca2013/index.txt", 0765)

    # TODO: create a recursive chown def
    uid = getpwnam('puppet').pw_uid
    gid = getpwnam('puppet').pw_gid
    os.chown(cacerts_dir+"/cacert.pem", uid, gid)
    os.chown(cacerts_dir+"/intermediate.cer", uid, gid)
    os.chown(cacerts_dir+"/root.cer", uid, gid)
    os.chown(cacerts_dir+"/private/cakey.pem", uid, gid)
    os.chown(cacerts_dir+"/ca2013/private/cakey.pem", uid, gid)
    os.chown(cacerts_dir+"/private/cakey.key", uid, gid)
    os.chown(cacerts_dir+"/ca2013/ca2013.csr", uid, gid)
    os.chown(cacerts_dir+"/ca2013/cacert.pem", uid, gid)
    os.chown(cacerts_dir+"/ca2013/chain.crt", uid, gid)
    os.chown(cacerts_dir+"/index.txt", uid, gid)
    os.chown(cacerts_dir+"/ca2013/index.txt", uid, gid)
示例#11
0
def main():
    # http://docs.python.org/2/library/argparse.html
    global logger
    parser = argparse.ArgumentParser(
        description='Create a server certificate using the cacerts db.')
    parser.add_argument('--loglevel',
                        help='Specify the default logging level (optional).',
                        choices=[
                            'debug', 'info', 'warning', 'error', 'DEBUG',
                            'INFO', 'WARNING', 'ERROR'
                        ],
                        default='info')
    parser.add_argument('--logfile',
                        help='Specify logfile name.',
                        default='/tmp/create_servercert.log')
    parser.add_argument('--cacerts_dir',
                        help='alternate cacerts config dir.',
                        default='../cacerts')
    parser.add_argument('--domain', help='The domain name.', default='forj.io')
    parser.add_argument('--site', help='The name of the site.', default='')
    parser.add_argument('--password',
                        help='Specify a password (optional).',
                        default='changeme')
    parser.add_argument('--subject',
                        help='Specify the certificate subject info.',
                        default='/C=US/ST=California/L=Roseville/O=HP/OU=PDE')
    parser.add_argument(
        '--altnames',
        help='Specify alternative names like "/CN=server1/CN=server2"',
        default='')
    args = parser.parse_args()

    util.setup_logging(args.logfile, args.loglevel)
    util.banner_start()
    util.logger.debug("parsed arguments")
    util.logger.info("got folder " + args.cacerts_dir)
    cacerts_dir = os.path.abspath(args.cacerts_dir)

    util.validate_directory(cacerts_dir)
    cainter_dir = os.path.abspath(os.path.join(cacerts_dir, "ca2013"))
    util.validate_directory(cainter_dir)
    cakey_pem = os.path.abspath(os.path.join(cacerts_dir, "private/cakey.pem"))
    util.validate_file(cakey_pem)

    if not args.site:
        util.logger.error("found cakey_pem")
        sys.exit(1)

    source_dir = cainter_dir
    destin_dir = os.path.join(cainter_dir, 'certs')

    # http://docs.python.org/2/library/subprocess.html#replacing-older-functions-with-the-subprocess-module
    util.openssl_cmd("test", args.site, cainter_dir, 'version')

    # pushd /cacerts/ca2013
    #
    # [ -f ~/.rnd ] && sudo rm -f ~/.rnd
    # openssl genrsa -passout pass:xxxxxxxx -des3 -out $_SITE.key 2048 -config ./openssl.cnf
    # openssl req -passin pass:xxxxxxxx -new -key $_SITE.key -out $_SITE.csr -subj "/C=US/ST=California/L=Roseville/O=HP/OU=PDE/CN=$_SITE.forj.io" -config ./openssl.cnf
    # openssl ca -passin pass:xxxxxxxx -batch -config openssl.cnf -policy policy_anything -out $_SITE.crt -infiles $_SITE.csr
    subject = args.subject + "/CN=" + args.site + "." + args.domain + args.altnames
    util.openssl_cmd(
        "genrsa", args.site + '.' + args.domain, cainter_dir,
        "-passout pass:"******" -des3 2048 -config ./openssl.cnf")
    util.openssl_cmd(
        "req", args.site + '.' + args.domain, cainter_dir, "-passin pass:"******" -new -subj " + subject + " -config ./openssl.cnf")
    # -keyfile and -cert makes the linkage to intermediate certificate
    util.openssl_cmd(
        "ca", args.site + '.' + args.domain, cainter_dir,
        "-passin pass:"******" -batch -config ./openssl.cnf -policy policy_anything -keyfile ./private/cakey.pem -cert ./cacert.pem"
    )

    # cd cainter_dir
    # mv $_SITE.key $_SITE.csr $_SITE.crt certs
    extensions = ['.key', '.csr', '.crt']

    for ext in extensions:
        util.logger.debug("relocating " + args.site + ext)
        os.rename(
            os.path.join(source_dir, args.site + '.' + args.domain + ext),
            os.path.join(destin_dir, args.site + '.' + args.domain + ext))

    # this is an ssl cert, remove the ssl password on the key....
    #  openssl rsa -passin pass:xxxxxxxx -in $_SITE.key -out $_FQDN.key
    key_in = os.path.join(destin_dir, args.site + '.' + args.domain + '.key')
    key_out = os.path.join(destin_dir, args.site + '.' + args.domain + '.key2')
    util.openssl_cmd(
        "rsa", args.site, cainter_dir, "-passin pass:"******" -in " + key_in + " -out " + key_out)
    util.logger.debug("unlink : " + key_in)
    os.unlink(key_in)
    util.logger.debug("rename : " + key_out + " -> " + key_in)
    os.rename(key_out, key_in)
示例#12
0
def main():
    # http://docs.python.org/2/library/argparse.html
    global logger
    parser = argparse.ArgumentParser(description='Create a server certificate using the cacerts db.')
    parser.add_argument('--loglevel', help='Specify the default logging level (optional).', choices=['debug', 'info', 'warning', 'error', 'DEBUG', 'INFO', 'WARNING', 'ERROR'], default='info')
    parser.add_argument('--logfile', help='Specify logfile name.', default='/tmp/create_servercert.log')
    parser.add_argument('--cacerts_dir', help='alternate cacerts config dir.', default='../cacerts')
    parser.add_argument('--domain', help='The domain name.', default='forj.io')
    parser.add_argument('--site', help='The name of the site.', default='')
    parser.add_argument('--password', help='Specify a password (optional).', default='changeme')
    parser.add_argument('--subject', help='Specify the certificate subject info.', default='/C=US/ST=California/L=Roseville/O=HP/OU=PDE')
    parser.add_argument('--altnames', help='Specify alternative names like "/CN=server1/CN=server2"', default='')
    args = parser.parse_args()

    util.setup_logging(args.logfile, args.loglevel)
    cacerts_dir = os.path.abspath(args.cacerts_dir)
    ca2013_dir = os.path.abspath(os.path.join(cacerts_dir, "ca2013"))
    site_name = args.site + "." + args.domain
    subject = args.subject + "/CN=" + site_name

    util.validate_directory(cacerts_dir)
    util.validate_directory(ca2013_dir)
    util.validate_directory(ca2013_dir + "/private")
    util.validate_directory(ca2013_dir + "/certs")
    util.validate_directory(ca2013_dir + "/crl")
    util.validate_directory(ca2013_dir + "/newcerts")

    util.validate_file(cacerts_dir + "/openssl.cnf")
    util.validate_file(cacerts_dir + "/serial")
    util.validate_file(ca2013_dir + "/serial")

    # Creating root cert
    # Running at cacerts_dir
    copyfile("/dev/null", cacerts_dir + "/index.txt")
    print "(1)"
    util.openssl_cmd("genrsa -passout pass:"******" -des3 -out private/cakey.key 4096", "", cacerts_dir, "")
    copyfile(cacerts_dir + "/private/cakey.key", cacerts_dir + "/private/cakey.pem")
    print "(2)"
    util.openssl_cmd("req -passin pass:"******" -subj " + subject + " -new -x509 -nodes -sha1 -days 1825 -key private/cakey.key -out cacert.pem -config ./openssl.cnf", "", cacerts_dir, "")

    # Creating intermediate cert
    # Running at cacerts_dir/ca2013
    copyfile("/dev/null", ca2013_dir + "/index.txt")
    copyfile(cacerts_dir + "/openssl.cnf", ca2013_dir + "/openssl.cnf")
    print "(3)"
    util.openssl_cmd("genrsa -passout pass:"******" -des3 -out private/cakey.pem 4096", "", ca2013_dir, "")
    print "(4)"
    util.openssl_cmd("req -passin pass:"******" -subj " + subject + " -new -sha1 -key private/cakey.pem -out ca2013.csr -config ./openssl.cnf", "", ca2013_dir, "")
    print "(5)"
    util.openssl_cmd("ca -batch -extensions v3_ca -days 365 -out cacert.pem -in ca2013.csr -config openssl.cnf -key " + args.password + " -keyfile ../private/cakey.key -cert ../cacert.pem", "", ca2013_dir, "")
    copyfile(ca2013_dir + "/cacert.pem", ca2013_dir + "/chain.crt")
    file2 = open(cacerts_dir + "/cacert.pem", "rb")
    with open(ca2013_dir + "/chain.crt", "a") as myfile:
        myfile.write(file2.read())

    # Root and Intermediate certificates
    copyfile(cacerts_dir + "/cacert.pem", cacerts_dir + "/root.cer")
    copyfile(ca2013_dir + "/cacert.pem", cacerts_dir + "/intermediate.cer")

    # Permissions
    os.chmod(cacerts_dir + "/cacert.pem", 0755)
    os.chmod(cacerts_dir + "/intermediate.cer", 0755)
    os.chmod(cacerts_dir + "/root.cer", 0755)
    os.chmod(cacerts_dir + "/private/cakey.pem", 0400)
    os.chmod(cacerts_dir + "/ca2013/private/cakey.pem", 0755)
    os.chmod(cacerts_dir + "/private/cakey.key", 0755)
    os.chmod(cacerts_dir + "/ca2013/ca2013.csr", 0755)
    os.chmod(cacerts_dir + "/ca2013/cacert.pem", 0755)
    os.chmod(cacerts_dir + "/ca2013/chain.crt", 0755)
    os.chmod(cacerts_dir + "/index.txt", 0765)
    os.chmod(cacerts_dir + "/ca2013/index.txt", 0765)

    # TODO: create a recursive chown def
    uid = getpwnam('puppet').pw_uid
    gid = getpwnam('puppet').pw_gid
    os.chown(cacerts_dir + "/cacert.pem", uid, gid)
    os.chown(cacerts_dir + "/intermediate.cer", uid, gid)
    os.chown(cacerts_dir + "/root.cer", uid, gid)
    os.chown(cacerts_dir + "/private/cakey.pem", uid, gid)
    os.chown(cacerts_dir + "/ca2013/private/cakey.pem", uid, gid)
    os.chown(cacerts_dir + "/private/cakey.key", uid, gid)
    os.chown(cacerts_dir + "/ca2013/ca2013.csr", uid, gid)
    os.chown(cacerts_dir + "/ca2013/cacert.pem", uid, gid)
    os.chown(cacerts_dir + "/ca2013/chain.crt", uid, gid)
    os.chown(cacerts_dir + "/index.txt", uid, gid)
    os.chown(cacerts_dir + "/ca2013/index.txt", uid, gid)