%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /lib/python3/dist-packages/cloudinit/config/__pycache__/
Upload File :
Create Path :
Current File : //lib/python3/dist-packages/cloudinit/config/__pycache__/cc_ca_certs.cpython-312.pyc

�

���f�"�
��UdZddlZddlZddlmZmZmZddlmZddl	m
Z
ddlmZddl
mZeje�Zddd	d
dgd�Zd
d
dddgd�dddddgd�dddddgd�dddddgd�dd
dddgd�d�ZdD]
Zedee<�dD]
Zedee<�gd�Zdeed d!gd"�Zeed#<d$�Zd%�Zd&�Zd'�Zd(�Zd)�Zd*ed+e
d,ed-ed.df
d/�Z y)0zCA Certs: Add ca certificates.�N)�	lifecycle�subp�util)�Cloud)�Config)�
MetaSchema)�PER_INSTANCEz!/usr/local/share/ca-certificates/z#cloud-init-ca-cert-{cert_index}.crtz/etc/ca-certificates.confzupdate-ca-certificates)�ca_cert_path�ca_cert_local_path�ca_cert_filename�ca_cert_config�ca_cert_update_cmdz/etc/ssl/certs/z#cloud-init-ca-cert-{cert_index}.pemz+/etc/ca-certificates/conf.d/cloud-init.confzupdate-ca-bundlez/etc/pki/ca-trust/z/usr/share/pki/ca-trust-source/z+anchors/cloud-init-ca-cert-{cert_index}.crtzupdate-ca-trustz/etc/pki/trust/z/usr/share/pki/trust/z/etc/pki/tls/certs/zrehash_ca_certificates.sh)�aosc�fedora�rhel�opensuse�photon)�opensuse-microos�opensuse-tumbleweed�
opensuse-leap�sle_hpc�	sle-micro�slesr)�	almalinux�
cloudlinuxr)rrr�alpine�debianrrrrrrrrr�ubuntur�cc_ca_certs�ca_certs�ca-certs)�id�distros�	frequency�activate_by_schema_keys�metac��tj|t�}tjj|d|d�|d<|S)z�Return a distro-specific ca_certs config dictionary

    @param distro_name: String providing the distro class name.
    @returns: Dict of distro configurations for ca_cert.
    rr�ca_cert_full_path)�DISTRO_OVERRIDES�get�DEFAULT_CONFIG�os�path�join)�distro_name�cfgs  �>/usr/lib/python3/dist-packages/cloudinit/config/cc_ca_certs.py�_distro_ca_certs_configsr2jsF���
�
�{�N�
;�C�!�w�w�|�|�� �!�3�'9�#:� �C����J�c�8�tj|dd��y)z�
    Updates the CA certificate cache on the current machine.

    @param distro_cfg: A hash providing _distro_ca_certs_configs function.
    rF)�captureN)r��
distro_cfgs r1�update_ca_certsr8ws��	�I�I�j�-�.��>r3c��|syt|d�D]=\}}t|�}|dj|��}tj||d���?y)a-
    Adds certificates to the system. To actually apply the new certificates
    you must also call the appropriate distro-specific utility such as
    L{update_ca_certs}.

    @param distro_cfg: A hash providing _distro_ca_certs_configs function.
    @param certs: A list of certificate strings.
    N�r()�
cert_indexi�)�mode)�	enumerate�str�formatr�
write_file)r7�certsr;�c�cert_file_contents�cert_file_names      r1�add_ca_certsrE�sb����"�5�!�,�H�
�
�A� ��V��#�$7�8�?�?�!�@�
��	
����(:��G�
Hr3c��|dvrt|�y|dvr*t|�|dvrd}tjd|��yyy)a.
    Disables all default trusted CA certificates. For Alpine, Debian and
    Ubuntu to actually apply the changes you must also call
    L{update_ca_certs}.

    @param distro_name: String providing the distro class name.
    @param distro_cfg: A hash providing _distro_ca_certs_configs function.
    )rr)rrrr)rrz8ca-certificates ca-certificates/trust_new_crts select no)zdebconf-set-selections�-)�dataN)�remove_default_ca_certs�disable_system_ca_certsr)r/r7�debconf_sels   r1�disable_default_ca_certsrL�sR���(�(��
�+�	�>�	>��
�+��.�.�O�
�
�I�I�5�K�H�	/�
?r3c��|d}|rtjj|�syd}d}tj|�jr�tj|�}g}|j�D]b}||k(rd}|j|��|dk(s|ddvr|j|��:|s|j|�d}|jd	|z��dtj|d
j|�d
zd��yy)
z�
    For every entry in the CA_CERT_CONFIG file prefix the entry with a "!"
    in order to disable it.

    @param distro_cfg: A hash providing _distro_ca_certs_configs function.
    r
Nz;# Modified by cloud-init to deselect certs due to user-dataFT�r)�#�!rP�
�wb)�omode)r,r-�exists�stat�st_sizer�load_text_file�
splitlines�appendr@r.)r7�ca_cert_cfg_fn�header_comment�added_header�orig�	out_lines�lines       r1rJrJ�s��� � 0�1�N��������!?��	F���L�	�w�w�~��&�&��"�"�>�2���	��O�O�%�
	-�D��~�%�#��� � ��&����t�A�w�*�4�� � ��&�#��$�$�^�4�#'�L�� � ��t��,�
	-�	
����D�I�I�i�0�4�7�t�	
�'r3c��|d�ytjd�tj|d�tj|d�y)z�
    Removes all default trusted CA certificates from the system.

    @param distro_cfg: A hash providing _distro_ca_certs_configs function.
    r
NzDeleting system CA certificatesr)�LOG�debugr�delete_dir_contentsr6s r1rIrI�sF���.�!�)���I�I�/�0����Z��7�8����Z�(<�=�>r3�namer0�cloud�args�returnc���d|vrtjddd��nd|vrtjd|�yd|vrd|vrtj	d	�|jd|jd��}t
|jj�}d
|vrtjddd��|jd
|jd
d��r5tjd�t|jj|�d|vrCtj|d�}|r+tjdt|��t||�tjd�t|�y)au
    Call to handle ca_cert sections in cloud-config file.

    @param name: The module name "ca_cert" from cloud.cfg
    @param cfg: A nested dict containing the entire cloud config contents.
    @param cloud: The L{CloudInit} object in use.
    @param log: Pre-initialized Python logger object to use for logging.
    @param args: Any module arguments from cloud.cfg
    r!zKey 'ca-certs'z22.1zUse 'ca_certs' instead.)�
deprecated�deprecated_version�
extra_messager z<Skipping module named %s, no 'ca_certs' key in configurationNzMFound both ca-certs (deprecated) and ca_certs config keys. Ignoring ca-certs.zremove-defaultszKey 'remove-defaults'zUse 'remove_defaults' instead.�remove_defaultsFz'Disabling/removing default certificates�trustedzAdding %d certificateszUpdating certificates)r�	deprecaterarb�warningr*r2�distrordrLr�get_cfg_option_list�lenrEr8)rdr0rerf�ca_cert_cfgr7�
trusted_certss       r1�handleru�sJ���S�����'�%�3�	
�

�3�	��	�	�J��	
�	��S��Z�3�.����
"�	
��'�'�*�c�g�g�j�&9�:�K�)�%�,�,�*;�*;�<�J��K�'����.�%�:�	
�
����;�?�?�+<�e�D��	�	�	�;�<� ����!2�!2�J�?��K���0�0��i�H�
���I�I�.��M�0B�C���]�3��I�I�%�&��J�r3)!�__doc__�loggingr,�	cloudinitrrr�cloudinit.cloudr�cloudinit.configr�cloudinit.config.schemar�cloudinit.settingsr	�	getLogger�__name__rar+r)rpr#r&�__annotations__r2r8rErLrJrIr>�listru�r3r1�<module>r�s���
%��	�+�+�!�#�.�+��g����!���=�=�1�3�4���*�/�A�G�1�2�
�-�?�I��0�1��-�?�I��0�1�
�*�5�I��7�8��.�/�A��:�;��;$��L�<�F� 0�
�;��V��<��8�F� 0��7��V��	8���(��� *�J�7�	��j��
�?�H�*I�*$
�N?�6 ��6 �6�6 �%�6 �t�6 ��6 r3

Zerion Mini Shell 1.0