File 0041-Bugfix-salt-key-crashes-if-tries-to-genera... of Package salt.2642

Overview Repositories Revisions Requests Users Attributes Meta

File 0041-Bugfix-salt-key-crashes-if-tries-to-generate-keys-to.patch of Package salt.2642

From 3643913116e913b828ead43a1294c4630913b5c5 Mon Sep 17 00:00:00 2001
From: Bo Maryniuk <bo@maryniuk.net>
Date: Wed, 13 Apr 2016 16:15:37 +0200
Subject: [PATCH 41/41] Bugfix: salt-key crashes if tries to generate keys to
 the directory w/o write access (#32436)

* Raise an exception if keys are tried to be written to the directory that has no write access permissions

* Show an reasonable error message instead of a traceback crash.

* Fix the unit tests
---
 salt/crypt.py            | 6 ++++++
 salt/scripts.py          | 2 ++
 tests/unit/crypt_test.py | 1 +
 3 files changed, 9 insertions(+)

diff --git a/salt/crypt.py b/salt/crypt.py
index eaf6d72..5a03712 100644
--- a/salt/crypt.py
+++ b/salt/crypt.py
@@ -15,6 +15,7 @@ import logging
 import traceback
 import binascii
 import weakref
+import getpass
 from salt.ext.six.moves import zip  # pylint: disable=import-error,redefined-builtin
 
 # Import third party libs
@@ -94,6 +95,11 @@ def gen_keys(keydir, keyname, keysize, user=None):
         # Between first checking and the generation another process has made
         # a key! Use the winner's key
         return priv
+
+    # Do not try writing anything, if directory has no permissions.
+    if not os.access(keydir, os.W_OK):
+        raise IOError('Write access denied to "{0}" for user "{1}".'.format(os.path.abspath(keydir), getpass.getuser()))
+
     cumask = os.umask(191)
     with salt.utils.fopen(priv, 'wb+') as f:
         f.write(gen.exportKey('PEM'))
diff --git a/salt/scripts.py b/salt/scripts.py
index 7da79bf..38b100d 100644
--- a/salt/scripts.py
+++ b/salt/scripts.py
@@ -297,6 +297,8 @@ def salt_key():
             SystemExit('\nExiting gracefully on Ctrl-c'),
             err,
             hardcrash, trace=trace)
+    except Exception as err:
+        sys.stderr.write("Error: {0}\n".format(err.message))
 
 
 def salt_cp():
diff --git a/tests/unit/crypt_test.py b/tests/unit/crypt_test.py
index 3ff3b09..f548820 100644
--- a/tests/unit/crypt_test.py
+++ b/tests/unit/crypt_test.py
@@ -86,6 +86,7 @@ class CryptTestCase(TestCase):
     @patch('os.umask', MagicMock())
     @patch('os.chmod', MagicMock())
     @patch('os.chown', MagicMock())
+    @patch('os.access', MagicMock(return_value=True))
     def test_gen_keys(self):
         with patch('salt.utils.fopen', mock_open()):
             open_priv_wb = call('/keydir/keyname.pem', 'wb+')
-- 
2.8.1

Places

File 0041-Bugfix-salt-key-crashes-if-tries-to-generate-keys-to.patch of Package salt.2642

Places