Have salt-call use the new salt.utils.verify.check_parent_dirs()

2024-11-08 17:33:54 +00:00 · 2012-07-01 16:40:29 -07:00 · 2012-07-01 16:40:29 -07:00 · 90fb8a4a2f
commit 90fb8a4a2f
parent 4620ef375f
1 changed files with 6 additions and 34 deletions
--- a/salt/crypt.py
+++ b/salt/crypt.py
@ -14,15 +14,16 @@ import logging
 import tempfile

 # Import Cryptography libs
-from Crypto.Cipher import AES
 from M2Crypto import RSA
+from Crypto.Cipher import AES

 # Import zeromq libs
 import zmq

 # Import salt utils
-import salt.payload
 import salt.utils
+import salt.payload
+import salt.utils.verify
 from salt.exceptions import AuthenticationError, SaltClientError

 log = logging.getLogger(__name__)
@ -142,44 +143,15 @@ class Auth(object):
        else:
            self.mpub = 'minion_master.pub'

-    def _check_dir_access(self):
-        '''
-        Check that all parent directories of the minion key
-        are readable before trying to create a new minion
-        key and failing. This also gives a friendly error
-        message based on how the user configured and runs
-        salt-call
-        '''
-        if not self.rsa_path: return
-
-        dir_comps = self.rsa_path.split(os.path.sep)[1:-1]
-        # Loop over all parent directories of the minion key
-        # to properly test if salt has read access to  them.
-        for i,dirname in enumerate(dir_comps):
-            # Create the full path to the directory using a list slice
-            d = os.path.join(os.path.sep, *dir_comps[:i + 1])
-            msg ='Could not access directory {0}.'.format(d)
-            user = self.opts.get('user', 'root')
-            current_user = getpass.getuser()
-            # Make the error message more intelligent based on how
-            # the user invokes salt-call or whatever other script.
-            if user != current_user:
-                msg += ' Try running as user {0}.'.format(user)
-            else:
-                msg += ' Please give {0} read permissions.'.format(user, d)
-            if not os.access(d, os.R_OK):
-                # Propagate this exception up so there isn't a sys.exit()
-                # in the middle of code that could be imported elsewhere.
-                log.critical(msg)
-                raise SaltClientError(msg)
-
    def get_keys(self):
        '''
        Returns a key objects for the minion
        '''
        key = None
        # Make sure all key parent directories are accessible
-        self._check_dir_access()
+        user = self.opts.get('user', 'root')
+        salt.utils.verify.check_parent_dirs(self.rsa_path, user)
+
        if os.path.exists(self.rsa_path):
            try:
                key = RSA.load_key(self.rsa_path)