This patch adds a few checks which ensure that all files necessary for proper SSL communication are in place before noded is started on the master node.
Signed-off-by: Helga Velroyen <[email protected]> --- lib/bootstrap.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/lib/bootstrap.py b/lib/bootstrap.py index 910ea63..3beefa0 100644 --- a/lib/bootstrap.py +++ b/lib/bootstrap.py @@ -236,6 +236,20 @@ def _InitGanetiServerSetup(master_name, cfg): cfg.Update(cfg.GetClusterInfo(), logging.error) ssconf.WriteSsconfFiles(cfg.GetSsconfValues()) + if not os.path.exists( + os.path.join(pathutils.DATA_DIR, + "%s%s" % (constants.SSCONF_FILEPREFIX, + constants.SS_MASTER_CANDIDATES_CERTS))): + raise errors.OpExecError("Ssconf file for master candidate certificates" + " was not written.") + + if not os.path.exists(pathutils.NODED_CERT_FILE): + raise errors.OpExecError("The server certficate was not created properly.") + + if not os.path.exists(pathutils.NODED_CLIENT_CERT_FILE): + raise errors.OpExecError("The client certificate was not created" + " properly.") + # set up the inter-node password and certificate result = utils.RunCmd([pathutils.DAEMON_UTIL, "start", constants.NODED]) if result.failed: -- 2.4.3.573.g4eafbef
