mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
cli: spawn: Return error code when spawn fails
This commit is contained in:
parent
8b35102974
commit
49a79c9180
@ -74,6 +74,11 @@ def certidude_spawn(kill, no_interaction):
|
|||||||
"""
|
"""
|
||||||
Spawn processes for signers
|
Spawn processes for signers
|
||||||
"""
|
"""
|
||||||
|
# Check whether we have privileges
|
||||||
|
os.umask(0o027)
|
||||||
|
uid = os.getuid()
|
||||||
|
if uid != 0:
|
||||||
|
raise click.ClickException("Not running as root")
|
||||||
|
|
||||||
# Process directories
|
# Process directories
|
||||||
run_dir = "/run/certidude"
|
run_dir = "/run/certidude"
|
||||||
@ -85,10 +90,6 @@ def certidude_spawn(kill, no_interaction):
|
|||||||
click.echo("Creating: %s" % signer_dir)
|
click.echo("Creating: %s" % signer_dir)
|
||||||
os.makedirs(signer_dir)
|
os.makedirs(signer_dir)
|
||||||
|
|
||||||
os.umask(0o027)
|
|
||||||
uid = os.getuid()
|
|
||||||
assert uid == 0, "Not running as root"
|
|
||||||
|
|
||||||
# Preload charmap encoding for byte_string() function of pyOpenSSL
|
# Preload charmap encoding for byte_string() function of pyOpenSSL
|
||||||
# in order to enable chrooting
|
# in order to enable chrooting
|
||||||
"".encode("charmap")
|
"".encode("charmap")
|
||||||
@ -100,6 +101,7 @@ def certidude_spawn(kill, no_interaction):
|
|||||||
# TODO: use os.mknod instead
|
# TODO: use os.mknod instead
|
||||||
os.system("mknod -m 444 %s c 1 9" % os.path.join(chroot_dir, "dev", "urandom"))
|
os.system("mknod -m 444 %s c 1 9" % os.path.join(chroot_dir, "dev", "urandom"))
|
||||||
|
|
||||||
|
ca_loaded = False
|
||||||
for ca in config.all_authorities():
|
for ca in config.all_authorities():
|
||||||
socket_path = os.path.join(signer_dir, ca.slug + ".sock")
|
socket_path = os.path.join(signer_dir, ca.slug + ".sock")
|
||||||
pidfile_path = os.path.join(signer_dir, ca.slug + ".pid")
|
pidfile_path = os.path.join(signer_dir, ca.slug + ".pid")
|
||||||
@ -141,6 +143,10 @@ def certidude_spawn(kill, no_interaction):
|
|||||||
asyncore.loop()
|
asyncore.loop()
|
||||||
else:
|
else:
|
||||||
click.echo("Spawned certidude signer process with PID %d at %s" % (child_pid, socket_path))
|
click.echo("Spawned certidude signer process with PID %d at %s" % (child_pid, socket_path))
|
||||||
|
ca_loaded = True
|
||||||
|
|
||||||
|
if not ca_loaded:
|
||||||
|
raise click.ClickException("No CA sections defined in configuration: {}".format(config.path))
|
||||||
|
|
||||||
|
|
||||||
@click.command("client", help="Setup X.509 certificates for application")
|
@click.command("client", help="Setup X.509 certificates for application")
|
||||||
|
Loading…
Reference in New Issue
Block a user