author | Marc A. Paradise <marc.paradise@gmail.com> | 2020-01-16 15:00:43 -0500 |
---|---|---|
committer | Marc A. Paradise <marc.paradise@gmail.com> | 2020-01-16 15:23:47 -0500 |
commit | 169e79234345d68a539874f384cd512c2f55af02 (patch) | |
tree | 20c57bb230de1973ccce1a55d6ed6b89a342b89a /lib/chef/knife | |
parent | 4bc193401a089719fa9017a653dd0e8357efb484 (diff) | |
Use /etc/chef for bootstrapping instead of CONF_DIR (mp/CHEF-9224)
CONF_DIR is resolved based on the host system running chef-client/knife. When we
use it in bootstrap template/context, we need a value based on the
target system that is being bootstrapped so that the paths are correct
(so that we don't try to create C:\chef on a linux system).
Fixes #9224
Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
Diffstat (limited to 'lib/chef/knife')
-rw-r--r-- | lib/chef/knife/bootstrap/templates/chef-full.erb | 20 | ||||
-rw-r--r-- | lib/chef/knife/core/bootstrap_context.rb | 10 |
2 files changed, 15 insertions, 15 deletions
diff --git a/lib/chef/knife/bootstrap/templates/chef-full.erb b/lib/chef/knife/bootstrap/templates/chef-full.erb
index febc414b13..7743142332 100644
--- a/lib/chef/knife/bootstrap/templates/chef-full.erb
+++ b/lib/chef/knife/bootstrap/templates/chef-full.erb
@@ -185,55 +185,55 @@ if test "x$tmp_dir" != "x"; then rm -r "$tmp_dir" fi -mkdir -p <%= Chef::Dist::CONF_DIR %> +mkdir -p /etc/chef <% if client_pem -%> -(umask 077 && (cat > <%= Chef::Dist::CONF_DIR %>/client.pem <<'EOP' +(umask 077 && (cat > /etc/chef/client.pem <<'EOP' <%= ::File.read(::File.expand_path(client_pem)) %> EOP )) || exit 1 <% end -%> <% if validation_key -%> -(umask 077 && (cat > <%= Chef::Dist::CONF_DIR %>/validation.pem <<'EOP' +(umask 077 && (cat > /etc/chef/validation.pem <<'EOP' <%= validation_key %> EOP )) || exit 1 <% end -%> <% if encrypted_data_bag_secret -%> -(umask 077 && (cat > <%= Chef::Dist::CONF_DIR %>/encrypted_data_bag_secret <<'EOP' +(umask 077 && (cat > /etc/chef/encrypted_data_bag_secret <<'EOP' <%= encrypted_data_bag_secret %> EOP )) || exit 1 <% end -%> <% unless trusted_certs.empty? -%> -mkdir -p <%= Chef::Dist::CONF_DIR %>/trusted_certs +mkdir -p /etc/chef/trusted_certs <%= trusted_certs %> <% end -%> <%# Generate Ohai Hints -%> <% unless @chef_config[:knife][:hints].nil? || @chef_config[:knife][:hints].empty? -%> -mkdir -p <%= Chef::Dist::CONF_DIR %>/ohai/hints +mkdir -p /etc/chef/ohai/hints <% @chef_config[:knife][:hints].each do |name, hash| -%> -cat > <%= Chef::Dist::CONF_DIR %>/ohai/hints/<%= name %>.json <<'EOP' +cat > /etc/chef/ohai/hints/<%= name %>.json <<'EOP' <%= Chef::JSONCompat.to_json(hash) %> EOP <% end -%> <% end -%> -cat > <%= Chef::Dist::CONF_DIR %>/client.rb <<'EOP' +cat > /etc/chef/client.rb <<'EOP' <%= config_content %> EOP -cat > <%= Chef::Dist::CONF_DIR %>/first-boot.json <<'EOP' +cat > /etc/chef/first-boot.json <<'EOP' <%= Chef::JSONCompat.to_json(first_boot) %> EOP <% unless client_d.empty? -%> -mkdir -p <%= Chef::Dist::CONF_DIR %>/client.d +mkdir -p /etc/chef/client.d <%= client_d %> <% end -%> diff --git a/lib/chef/knife/core/bootstrap_context.rb b/lib/chef/knife/core/bootstrap_context.rb index 49f0069ba6..2b5887a7cf 100644 --- a/lib/chef/knife/core/bootstrap_context.rb 
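Review bot: The writes to `/etc/chef/client.pem`, `/etc/chef/validation.pem` and `/etc/chef/encrypted_data_bag_secret` rely on `umask 077` alone, which only sets the mode of a file the redirect creates; if one of them already exists on the target with a wider mode, `cat >` truncates it and the old mode stays. An explicit `chmod 0600 /etc/chef/client.pem` after each heredoc (likewise for the other two) makes the result independent of prior state on the node. `mkdir -p /etc/chef` and the `client.rb` and `first-boot.json` writes run under the caller's umask, so it is worth confirming that first-boot attributes are never expected to hold secrets. The script starts and continues outside this hunk.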
+++ b/lib/chef/knife/core/bootstrap_context.rb @@ -158,11 +158,11 @@ class Chef end if encrypted_data_bag_secret - client_rb << %Q{encrypted_data_bag_secret "#{Chef::Dist::CONF_DIR}/encrypted_data_bag_secret"\n} + client_rb << %Q{encrypted_data_bag_secret "/etc/chef/encrypted_data_bag_secret"\n} end unless trusted_certs.empty? - client_rb << %Q{trusted_certs_dir "#{Chef::Dist::CONF_DIR}/trusted_certs"\n} + client_rb << %Q{trusted_certs_dir "/etc/chef/trusted_certs"\n} end if Chef::Config[:fips] @@ -175,7 +175,7 @@ class Chef def start_chef # If the user doesn't have a client path configure, let bash use the PATH for what it was designed for client_path = @chef_config[:chef_client_path] || "#{Chef::Dist::CLIENT}" - s = "#{client_path} -j #{Chef::Dist::CONF_DIR}/first-boot.json" + s = "#{client_path} -j /etc/chef/first-boot.json" if @config[:verbosity] && @config[:verbosity] >= 3 s << " -l trace" elsif @config[:verbosity] && @config[:verbosity] >= 2 @@ -226,7 +226,7 @@ class Chef content = "" if @chef_config[:trusted_certs_dir] Dir.glob(File.join(Chef::Util::PathHelper.escape_glob_dir(@chef_config[:trusted_certs_dir]), "*.{crt,pem}")).each do |cert| - content << "cat > #{Chef::Dist::CONF_DIR}/trusted_certs/#{File.basename(cert)} <<'EOP'\n" + + content << "cat > /etc/chef/trusted_certs/#{File.basename(cert)} <<'EOP'\n" + IO.read(File.expand_path(cert)) + "\nEOP\n" end end @@ -240,7 +240,7 @@ class Chef root.find do |f| relative = f.relative_path_from(root) if f != root - file_on_node = "#{Chef::Dist::CONF_DIR}/client.d/#{relative}" + file_on_node = "/etc/chef/client.d/#{relative}" if f.directory? content << "mkdir #{file_on_node}\n" else |
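Review bot: The literal `/etc/chef` is now repeated in each hunk of this file (the two `client_rb` lines here, `start_chef`, and the `@@ -226,7` and `@@ -240,7` hunks) and again throughout `chef-full.erb`, so if any one of them drifts, `client.rb` will point at a path the template never wrote. A single constant, for example `TARGET_CONF_DIR = "/etc/chef".freeze` (name illustrative), with a comment that it describes the bootstrapped host rather than the workstation, would keep the paths in step. The change also drops whatever override `Chef::Dist::CONF_DIR` gave rebranded distributions; that is presumably intended, but worth stating in a comment. The enclosing method starts outside the hunk.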
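Review bot: In the `@@ -226,7 +226,7 @@` hunk, `File.basename(cert)` is interpolated unquoted into the generated `cat > /etc/chef/trusted_certs/... <<'EOP'` line, so a certificate file name containing whitespace or shell metacharacters changes what the bootstrap script runs on the target. Escaping the name, as in `content << "cat > /etc/chef/trusted_certs/#{Shellwords.escape(File.basename(cert))} <<'EOP'\n" +` (needs `require "shellwords"`), closes that. The same applies to `file_on_node` in the `@@ -240,7 +240,7 @@` hunk, which reaches `mkdir #{file_on_node}` unquoted. The certificate body is also pasted verbatim, so a line consisting only of `EOP` would end the heredoc early; rejecting such content before emitting it is a cheap guard. Both enclosing methods start and end outside their hunks.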