lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2024-09-28 21:11:42 +00:00
Code Issues Activity

cli: spawn: Return error code when spawn fails

Browse Source
This commit is contained in:
Priit Laes 2015-08-27 11:52:40 +00:00
parent 8b35102974
commit 49a79c9180
1 changed files with 10 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
certidude/cli.py
View File

@ -74,6 +74,11 @@ def certidude_spawn(kill, no_interaction):
""" """
Spawn processes for signers Spawn processes for signers
""" """
# Check whether we have privileges
os.umask(0o027)
uid = os.getuid()
if uid != 0:
raise click.ClickException("Not running as root")
# Process directories # Process directories
run_dir = "/run/certidude" run_dir = "/run/certidude"
@ -85,10 +90,6 @@ def certidude_spawn(kill, no_interaction):
click.echo("Creating: %s" % signer_dir) click.echo("Creating: %s" % signer_dir)
os.makedirs(signer_dir) os.makedirs(signer_dir)
os.umask(0o027)
uid = os.getuid()
assert uid == 0, "Not running as root"
# Preload charmap encoding for byte_string() function of pyOpenSSL # Preload charmap encoding for byte_string() function of pyOpenSSL
# in order to enable chrooting # in order to enable chrooting
"".encode("charmap") "".encode("charmap")
@ -100,6 +101,7 @@ def certidude_spawn(kill, no_interaction):
# TODO: use os.mknod instead # TODO: use os.mknod instead
os.system("mknod -m 444 %s c 1 9" % os.path.join(chroot_dir, "dev", "urandom")) os.system("mknod -m 444 %s c 1 9" % os.path.join(chroot_dir, "dev", "urandom"))
ca_loaded = False
for ca in config.all_authorities(): for ca in config.all_authorities():
socket_path = os.path.join(signer_dir, ca.slug + ".sock") socket_path = os.path.join(signer_dir, ca.slug + ".sock")
pidfile_path = os.path.join(signer_dir, ca.slug + ".pid") pidfile_path = os.path.join(signer_dir, ca.slug + ".pid")
@ -141,6 +143,10 @@ def certidude_spawn(kill, no_interaction):
asyncore.loop() asyncore.loop()
else: else:
click.echo("Spawned certidude signer process with PID %d at %s" % (child_pid, socket_path)) click.echo("Spawned certidude signer process with PID %d at %s" % (child_pid, socket_path))
ca_loaded = True
if not ca_loaded:
raise click.ClickException("No CA sections defined in configuration: {}".format(config.path))
@click.command("client", help="Setup X.509 certificates for application") @click.command("client", help="Setup X.509 certificates for application")