Make sure qemu CA has correct permissions

Make sure the qemu ca has correct permissiones 0644 to be bind mountend into the libvirt container. Related-Bug: #1900986 Related: https://bugzilla.redhat.com/show_bug.cgi?id=1888951 Change-Id: I9538b7e579d4921b14f6ef5eec0300e7e50628d4 (cherry picked from commit e3a3d3daf4)
2020-10-30 10:29:18 +01:00 · 2020-10-30 10:29:18 +01:00 · 8e3eac8ff7
parent e6885a4ee0
commit 8e3eac8ff7
1 changed files with 20 additions and 0 deletions
--- a/manifests/certmonger/qemu.pp
+++ b/manifests/certmonger/qemu.pp
@ -70,6 +70,26 @@ define tripleo::certmonger::qemu (
    require      => Class['::certmonger'],
  }

+  if $cacertfile {
+    # Sometimes certmonger returns before creating the cacert file. This has
+    # been reported in: https://bugzilla.redhat.com/show_bug.cgi?id=1759281
+    # Until this is fixed, add this workaround.
+    exec { $cacertfile :
+      require   => Certmonger_certificate[$name],
+      command   => "test -f ${cacertfile}",
+      unless    => "test -f ${cacertfile}",
+      tries     => 60,
+      try_sleep => 1,
+      timeout   => 60,
+      path      => '/usr/bin:/bin',
+    }
+
+    file { $cacertfile :
+      require => Exec[$cacertfile],
+      mode    => '0644'
+    }
+  }
+
  file { $service_certificate :
    require => Certmonger_certificate[$name],
    mode    => '0644'