diff options
author | Davanum Srinivas <davanum@gmail.com> | 2015-06-14 21:21:03 -0400 |
---|---|---|
committer | Davanum Srinivas (dims) <davanum@gmail.com> | 2015-08-24 00:46:33 +0000 |
commit | b64cebe2eb71a6c2275f6af76839a0b36cf56cbd (patch) | |
tree | d65e57604500b50b4329f0d87b12326ca5a7c865 /nova/crypto.py | |
parent | 38f9906d4b38d6c04da78f55e11ec57ae4c5d38a (diff) | |
download | nova-b64cebe2eb71a6c2275f6af76839a0b36cf56cbd.tar.gz |
Specify current directory using new cwd param in processutils.execute
For example in:
Ie4e95999795d349a5897f7a180e34187485bd8f1
we added a try/finally to switch current directory to execute a command
and switch back to original directory. With the new cwd parameter
added in processutils.execute we can just use the cwd parameter and
not have to do the extra explicit steps to switch directories. This
cwd just delegates to subprocess.Popen's cwd param.
Related-Bug: 1414530
Change-Id: I808f51f8ac750b5c07a2988ff0ed2f40a68e1ee1
Diffstat (limited to 'nova/crypto.py')
-rw-r--r-- | nova/crypto.py | 32 |
1 files changed, 8 insertions, 24 deletions
diff --git a/nova/crypto.py b/nova/crypto.py index dfaafcfdad..0f1f58ed41 100644 --- a/nova/crypto.py +++ b/nova/crypto.py @@ -121,13 +121,8 @@ def ensure_ca_filesystem(): genrootca_sh_path = os.path.abspath( os.path.join(os.path.dirname(__file__), 'CA', 'genrootca.sh')) - start = os.getcwd() fileutils.ensure_tree(ca_dir) - os.chdir(ca_dir) - try: - utils.execute("sh", genrootca_sh_path) - finally: - os.chdir(start) + utils.execute("sh", genrootca_sh_path, cwd=ca_dir) def generate_fingerprint(public_key): @@ -220,21 +215,16 @@ def ssh_encrypt_text(ssh_public_key, text): def revoke_cert(project_id, file_name): """Revoke a cert by file name.""" - start = os.getcwd() - try: - os.chdir(ca_folder(project_id)) - except OSError: - raise exception.ProjectNotFound(project_id=project_id) try: # NOTE(vish): potential race condition here utils.execute('openssl', 'ca', '-config', './openssl.cnf', '-revoke', - file_name) + file_name, cwd=ca_folder(project_id)) utils.execute('openssl', 'ca', '-gencrl', '-config', './openssl.cnf', - '-out', CONF.crl_file) + '-out', CONF.crl_file, cwd=ca_folder(project_id)) + except OSError: + raise exception.ProjectNotFound(project_id=project_id) except processutils.ProcessExecutionError: raise exception.RevokeCertFailure(project_id=project_id) - finally: - os.chdir(start) def revoke_certs_by_user(user_id): @@ -342,11 +332,8 @@ def _ensure_project_folder(project_id): if not os.path.exists(ca_path(project_id)): geninter_sh_path = os.path.abspath( os.path.join(os.path.dirname(__file__), 'CA', 'geninter.sh')) - start = os.getcwd() - os.chdir(ca_folder()) utils.execute('sh', geninter_sh_path, project_id, - _project_cert_subject(project_id)) - os.chdir(start) + _project_cert_subject(project_id), cwd=ca_folder()) def generate_vpn_files(project_id): @@ -390,17 +377,14 @@ def _sign_csr(csr_text, ca_folder): LOG.exception(_LE('Failed to write inbound.csr')) LOG.debug('Flags path: %s', ca_folder) - start = os.getcwd() # Change working dir to CA fileutils.ensure_tree(ca_folder) - os.chdir(ca_folder) utils.execute('openssl', 'ca', '-batch', '-out', outbound, '-config', - './openssl.cnf', '-infiles', inbound) + './openssl.cnf', '-infiles', inbound, cwd=ca_folder) out, _err = utils.execute('openssl', 'x509', '-in', outbound, - '-serial', '-noout') + '-serial', '-noout', cwd=ca_folder) serial = out.rpartition('=')[2].strip() - os.chdir(start) with open(outbound, 'r') as crtfile: return (serial, crtfile.read()) |