Merge branch 'testing' of ssh://cesman@linhes.org/mount/repository/linhes_pkgbuild into testing

1 files changed, 29 insertions, 0 deletions

diff --git a/abs/core/runit-scripts/runitscripts/services/certmaster/run b/abs/core/runit-scripts/runitscripts/services/certmaster/run
new file mode 100644
index 0000000..0f5add7
--- /dev/null
+++ b/abs/core/runit-scripts/runitscripts/services/certmaster/run
@@ -0,0 +1,29 @@
+#!/bin/bash
+if [ ! -e /etc/pki/certmaster/ca/certmaster.key ]
+then
+    /usr/bin/certmaster daemon
+    while [ ! -e /etc/pki/certmaster/ca/certmaster.key ]
+    do
+	sleep 5
+    done
+    killall -9 certmaster
+fi
+    setfacl --remove-all /etc/pki/certmaster/ca/certmaster.key
+
+    for i in nobody http
+    do 
+       setfacl -d -R -m u:$i:rX /etc/pki/certmaster/
+       setfacl -R -m u:$i:rX /etc/pki/certmaster/
+
+       setfacl -R -m  mask:rwx /etc/pki/certmaster/
+       setfacl -R -m u:$i:rX /etc/pki/certmaster/ca/certmaster.key
+
+       setfacl -d -R -m u:$i:rX /var/lib/certmaster
+       setfacl -R -m u:$i:rX /var/lib/certmaster
+       setfacl -d -R -m u:$i:rX /var/lib/certmaster/certmaster
+       setfacl -R -m u:$i:rX /var/lib/certmaster/certmaster
+       setfacl -d -R -m u:$i:rX /var/lib/certmaster/certmaster/certs
+       setfacl -R -m u:$i:rX /var/lib/certmaster/certmaster/certs
+   done 
+
+exec  /usr/bin/certmaster