|
version 1.2, 2005/03/26 09:03:19
|
version 1.9, 2006/01/30 16:16:25
|
|
|
|
| |
#//%2006//////////////////////////////////////////////////////////////////////// |
| # Create OpenSSL Configuration File (ssl.cnf) |
#// |
| |
#// Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development |
| |
#// Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. |
| |
#// Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.; |
| |
#// IBM Corp.; EMC Corporation, The Open Group. |
| |
#// Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; |
| |
#// IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. |
| |
#// Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
| |
#// EMC Corporation; VERITAS Software Corporation; The Open Group. |
| |
#// Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.; |
| |
#// EMC Corporation; Symantec Corporation; The Open Group. |
| |
#// |
| |
#// Permission is hereby granted, free of charge, to any person obtaining a copy |
| |
#// of this software and associated documentation files (the "Software"), to |
| |
#// deal in the Software without restriction, including without limitation the |
| |
#// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or |
| |
#// sell copies of the Software, and to permit persons to whom the Software is |
| |
#// furnished to do so, subject to the following conditions: |
| |
#// |
| |
#// THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN |
| |
#// ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED |
| |
#// "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT |
| |
#// LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR |
| |
#// PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT |
| |
#// HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN |
| |
#// ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION |
| |
#// WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. |
| |
#// |
| |
#//============================================================================== |
| |
# Start of section pegasus/rpm/tog-specfiles/tog-pegasus-post.spec |
| # | # |
| if [ -f %PEGASUS_CONFIG_DIR/ssl.cnf ] |
# install remove upgrade reinstall |
| then |
# %post 1 - 2 2 |
| echo "WARNING: %PEGASUS_CONFIG_DIR/ssl.cnf already exists." |
# |
| else |
export PEGASUS_ARCH_LIB=%PEGASUS_ARCH_LIB |
| echo " Generating SSL Certificate..." |
|
| echo "[ req ]" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "distinguished_name = req_distinguished_name" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "prompt = no" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "[ req_distinguished_name ]" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "C = UK" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "ST = Berkshire" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "L = Reading" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "O = The Open Group" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "OU = The OpenPegasus Project" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| echo "CN = `uname -n`" >> %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| chmod 400 %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| chown root %PEGASUS_CONFIG_DIR/ssl.cnf |
|
| fi |
|
| |
|
| %OPENSSL_BIN/openssl req -x509 -days 356 -newkey rsa:2048 \ |
|
| -nodes -config %PEGASUS_CONFIG_DIR/ssl.cnf \ |
|
| -keyout %PEGASUS_PEM_DIR/key.pem -out %PEGASUS_PEM_DIR/cert.pem \ |
|
| 2>>%PEGASUS_INSTALL_LOG |
|
| |
|
| cat %PEGASUS_PEM_DIR/key.pem > %PEGASUS_PEM_DIR/key-2048.pem |
|
| chmod 400 %PEGASUS_PEM_DIR/key-2048.pem |
|
| cat %PEGASUS_PEM_DIR/cert.pem > %PEGASUS_PEM_DIR/cert-2048.pem |
|
| chmod 400 %PEGASUS_PEM_DIR/cert-2048.pem |
|
| cat %PEGASUS_PEM_DIR/cert.pem > %PEGASUS_PEM_DIR/truststore-2048.pem |
|
| chmod 400 %PEGASUS_PEM_DIR/truststore-2048.pem |
|
| rm -f %PEGASUS_PEM_DIR/key.pem %PEGASUS_PEM_DIR/cert.pem |
|
| | |
| if [ -f %PEGASUS_PEM_DIR/%PEGASUS_SSL_CERT_FILE ] |
if [ -d %PEGASUS_PREV_REPOSITORY_DIR ]; then |
| then |
# Running Repository Upgrade utility |
| echo "WARNING: %PEGASUS_PEM_DIR/%PEGASUS_SSL_CERT_FILE SSL Certificate file already exists." |
%PEGASUS_SBIN_DIR/repupgrade %PEGASUS_PREV_REPOSITORY_DIR \ |
| else |
%PEGASUS_REPOSITORY_DIR 2>>%PEGASUS_INSTALL_LOG |
| cp %PEGASUS_PEM_DIR/cert-2048.pem %PEGASUS_PEM_DIR/%PEGASUS_SSL_CERT_FILE |
/bin/tar -C %PEGASUS_REPOSITORY_PARENT_DIR -cf \ |
| chmod 444 %PEGASUS_PEM_DIR/%PEGASUS_SSL_CERT_FILE |
%PEGASUS_PREV_REPOSITORY_DIR`date '+%Y-%m-%d-%s.%N'`.tar \ |
| cp %PEGASUS_PEM_DIR/key-2048.pem %PEGASUS_PEM_DIR/%PEGASUS_SSL_KEY_FILE |
%PEGASUS_PREV_REPOSITORY_DIR_NAME |
| chmod 400 %PEGASUS_PEM_DIR/%PEGASUS_SSL_KEY_FILE |
rm -rf %PEGASUS_PREV_REPOSITORY_DIR |
| fi | fi |
| |
if [ $1 -eq 1 ]; then |
| if [ -f %PEGASUS_PEM_DIR/%PEGASUS_SSL_TRUSTSTORE ] |
%if %{AUTOSTART} |
| then |
/sbin/chkconfig --add tog-pegasus |
| echo "WARNING: %PEGASUS_PEM_DIR/%PEGASUS_SSL_TRUSTSTORE SSL Certificate trust store already exists." |
%endif |
| else |
:; |
| cp %PEGASUS_PEM_DIR/truststore-2048.pem %PEGASUS_PEM_DIR/%PEGASUS_SSL_TRUSTSTORE |
elif [ $1 -gt 0 ]; then |
| chmod 444 %PEGASUS_PEM_DIR/%PEGASUS_SSL_TRUSTSTORE |
/etc/init.d/tog-pegasus condrestart |
| |
:; |
| fi | fi |
| |
# |
| echo " To start Pegasus manually:" |
# End of section pegasus/rpm/tog-specfiles/tog-pegasus-post.spec |
| echo " /etc/init.d/tog-pegasus start" |
|
| echo " Stop it:" |
|
| echo " /etc/init.d/tog-pegasus stop" |
|
| echo " To set up PATH and MANPATH in /etc/profile" |
|
| echo " run /opt/tog-pegasus/sbin/settogpath." |
|
Return to
tog-pegasus-post.spec
CVS log
Up to [Pegasus] / pegasus / rpm / tog-specfiles