openvoxserver-ca 3.1.1 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/lib/puppetserver/ca/utils/file_system.rb +31 -48
- data/lib/puppetserver/ca/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c1a0e919d1680cad540d1736c820cdaf6cf9cd4b0f18ac3c61939b90bb3fed9f
|
|
4
|
+
data.tar.gz: 789c622f3bbd987a21759dec2d966389dab1062cb3fffee0ba1ae4f54a615fe2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9bc40b69c27b7b36c4f938bdd00e087739a6eb262a4f246eff5c3d305ad1a75aa1960ce9e8576be15090edfd520de776b7635b4c7957d74f44e5623a55785117
|
|
7
|
+
data.tar.gz: a63269d9619d665db71c22f9b8e63f6fbfea8dc970bd2e2f232c551b25ed4a95c9c6369a6e533e379dd5ff49eb3ed453d151e2758d2553b256dc2b7a6bf2fa24
|
data/CHANGELOG.md
CHANGED
|
@@ -2,6 +2,14 @@
|
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
|
|
5
|
+
## [3.2.0](https://github.com/openvoxproject/openvoxserver-ca/tree/3.2.0) (2026-04-23)
|
|
6
|
+
|
|
7
|
+
[Full Changelog](https://github.com/openvoxproject/openvoxserver-ca/compare/3.1.1...3.2.0)
|
|
8
|
+
|
|
9
|
+
**Implemented enhancements:**
|
|
10
|
+
|
|
11
|
+
- fix: skip chown in rootless containers via ensure\_ownership helper [\#33](https://github.com/OpenVoxProject/openvoxserver-ca/pull/33) ([dotconfig404](https://github.com/dotconfig404))
|
|
12
|
+
|
|
5
13
|
## [3.1.1](https://github.com/openvoxproject/openvoxserver-ca/tree/3.1.1) (2026-02-21)
|
|
6
14
|
|
|
7
15
|
[Full Changelog](https://github.com/openvoxproject/openvoxserver-ca/compare/3.1.0...3.1.1)
|
|
@@ -15,17 +15,26 @@ module Puppetserver
|
|
|
15
15
|
:signeddir => 0755
|
|
16
16
|
}
|
|
17
17
|
|
|
18
|
-
def self.
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
18
|
+
def self.write_file(path, one_or_more_objects, mode)
|
|
19
|
+
File.open(path, 'w', mode) do |f|
|
|
20
|
+
Array(one_or_more_objects).each do |object|
|
|
21
|
+
f.puts object.to_s
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
ensure_ownership(path)
|
|
24
25
|
end
|
|
25
26
|
|
|
26
27
|
def self.ensure_dirs(one_or_more_dirs)
|
|
27
28
|
Array(one_or_more_dirs).each do |directory|
|
|
28
|
-
|
|
29
|
+
ensure_dir(directory)
|
|
30
|
+
end
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
# Warning: directory mode should be specified in DIR_MODES above
|
|
34
|
+
def self.ensure_dir(directory)
|
|
35
|
+
if !File.exist?(directory)
|
|
36
|
+
FileUtils.mkdir_p(directory, mode: DIR_MODES[directory])
|
|
37
|
+
ensure_ownership(directory)
|
|
29
38
|
end
|
|
30
39
|
end
|
|
31
40
|
|
|
@@ -53,56 +62,30 @@ module Puppetserver
|
|
|
53
62
|
def self.forcibly_symlink(source, link_target)
|
|
54
63
|
FileUtils.remove_dir(link_target, true)
|
|
55
64
|
FileUtils.symlink(source, link_target)
|
|
56
|
-
|
|
57
|
-
# This requires using `FileUtils.chown` rather than `File.chown`, as
|
|
58
|
-
# the latter will update the ownership of the source rather than the
|
|
59
|
-
# link itself.
|
|
60
|
-
# Symlink permissions are ignored in favor of the source's permissions,
|
|
61
|
-
# so we don't have to change those.
|
|
62
|
-
source_info = File.stat(source)
|
|
63
|
-
FileUtils.chown(source_info.uid, source_info.gid, link_target)
|
|
64
|
-
end
|
|
65
|
-
|
|
66
|
-
def initialize
|
|
67
|
-
@user, @group = find_user_and_group
|
|
65
|
+
ensure_ownership(link_target)
|
|
68
66
|
end
|
|
69
67
|
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
68
|
+
# Chown the path to the puppet user when running as root.
|
|
69
|
+
# Skipped otherwise: a non-root process can only have created the path
|
|
70
|
+
# as itself, so ownership is already correct, and chowning to any other
|
|
71
|
+
# user would require CAP_CHOWN (unavailable in rootless containers).
|
|
72
|
+
#
|
|
73
|
+
# Uses `FileUtils.chown` rather than `File.chown` so that when `path`
|
|
74
|
+
# is a symlink it operates on the link itself rather than its target.
|
|
75
|
+
def self.ensure_ownership(path)
|
|
76
|
+
return unless running_as_root?
|
|
77
|
+
user = pe_puppet_exists? ? 'pe-puppet' : 'puppet'
|
|
78
|
+
group = pe_puppet_exists? ? 'pe-puppet' : 'puppet'
|
|
79
|
+
FileUtils.chown(user, group, path)
|
|
80
80
|
end
|
|
81
81
|
|
|
82
|
-
def running_as_root?
|
|
82
|
+
def self.running_as_root?
|
|
83
83
|
!Gem.win_platform? && Process.euid == 0
|
|
84
84
|
end
|
|
85
85
|
|
|
86
|
-
def pe_puppet_exists?
|
|
86
|
+
def self.pe_puppet_exists?
|
|
87
87
|
!!(Etc.getpwnam('pe-puppet') rescue nil)
|
|
88
88
|
end
|
|
89
|
-
|
|
90
|
-
def write_file(path, one_or_more_objects, mode)
|
|
91
|
-
File.open(path, 'w', mode) do |f|
|
|
92
|
-
Array(one_or_more_objects).each do |object|
|
|
93
|
-
f.puts object.to_s
|
|
94
|
-
end
|
|
95
|
-
end
|
|
96
|
-
FileUtils.chown(@user, @group, path)
|
|
97
|
-
end
|
|
98
|
-
|
|
99
|
-
# Warning: directory mode should be specified in DIR_MODES above
|
|
100
|
-
def ensure_dir(directory)
|
|
101
|
-
if !File.exist?(directory)
|
|
102
|
-
FileUtils.mkdir_p(directory, mode: DIR_MODES[directory])
|
|
103
|
-
FileUtils.chown(@user, @group, directory)
|
|
104
|
-
end
|
|
105
|
-
end
|
|
106
89
|
end
|
|
107
90
|
end
|
|
108
91
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: openvoxserver-ca
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.
|
|
4
|
+
version: 3.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- OpenVox Project
|
|
@@ -117,7 +117,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
117
117
|
- !ruby/object:Gem::Version
|
|
118
118
|
version: '0'
|
|
119
119
|
requirements: []
|
|
120
|
-
rubygems_version: 4.0.
|
|
120
|
+
rubygems_version: 4.0.6
|
|
121
121
|
specification_version: 4
|
|
122
122
|
summary: A simple CLI tool for interacting with OpenVox Server's Certificate Authority
|
|
123
123
|
test_files: []
|