diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2011-09-29 22:39:28 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2011-09-29 22:39:28 -0300 |
commit | cdb40786730aea6d5a51b8d59bac1d5df324723c (patch) | |
tree | d79d4bac815d8884dee40bd39343b3f046712aaf /share | |
parent | 6c3a96ada0f2bcabed31b92e771da7639c595065 (diff) | |
download | hydra-cdb40786730aea6d5a51b8d59bac1d5df324723c.tar.gz hydra-cdb40786730aea6d5a51b8d59bac1d5df324723c.tar.bz2 |
Adding puppet-finger
Diffstat (limited to 'share')
-rwxr-xr-x | share/hydractl/puppet-finger | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/share/hydractl/puppet-finger b/share/hydractl/puppet-finger new file mode 100755 index 0000000..ff935de --- /dev/null +++ b/share/hydractl/puppet-finger @@ -0,0 +1,47 @@ +#!/bin/bash +# +# Check puppet fingerprints, hydractl perspective. +# + +# Load +source $APP_BASE/lib/hydra/functions || exit 1 +hydra_config_load + +# Command line arguments +BASENAME="`basename $0`" + +# Execute openssl +function puppet_openssl { + if [ -z "$1" ]; then + return + fi + + openssl x509 -text -noout -fingerprint -in $1 | grep "^SHA1 Fingerprint=" +} + +# Master: +# +# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/ca/signed/fqdn.pem +# openssl x509 -text -noout -fingerprint -in /var/lib/puppetmaster/ssl/certs/ca.pem +# +if [ -d "/var/lib/puppetmaster/ssl/" ]; then + for file in `ls /var/lib/puppetmaster/ssl/ca/signed/*pem`; do + fp="`puppet_openssl /var/lib/puppetmaster/ssl/ca/signed/$file`" + echo "`basename $file .pem`: $fp" + done + + echo "ca: `puppet_openssl /var/lib/puppetmaster/ssl/certs/ca.pem`" +fi + +# Node: +# +# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/fqdn.pem +# openssl x509 -text -noout -fingerprint -in /var/lib/puppet/ssl/certs/ca.pem +# +if [ -d "/var/lib/puppet/ssl/" ]; then + fqdn="`facter fqdn`" + fp="`puppet_openssl /var/lib/puppetmaster/ssl/ca/signed/$fqdn.pem`" + echo "$fqdn: $fp" + + echo "ca: `puppet_openssl /var/lib/puppet/ssl/certs/ca.pem`" +fi |