summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--abs/core/certmaster/PKGBUILD35
-rw-r--r--abs/core/certmaster/acl_fix_fstab.py39
-rw-r--r--abs/core/certmaster/certmaster-0.28.tar.gzbin0 -> 50409 bytes
-rw-r--r--abs/core/certmaster/certmaster.conf13
-rw-r--r--abs/core/certmaster/certmaster.install65
-rw-r--r--abs/core/certmaster/logrotate-certmaster.conf19
-rw-r--r--abs/core/certmaster/minion.conf8
7 files changed, 179 insertions, 0 deletions
diff --git a/abs/core/certmaster/PKGBUILD b/abs/core/certmaster/PKGBUILD
new file mode 100644
index 0000000..3ce72f7
--- /dev/null
+++ b/abs/core/certmaster/PKGBUILD
@@ -0,0 +1,35 @@
+pkgname=certmaster
+pkgver=0.28
+pkgrel=1
+pkgdesc="certmaster"
+url="https://fedorahosted.org/certmaster/ "
+license="gpl"
+depends=(pyopenssl)
+makedepends=()
+conflicts=()
+replaces=()
+moddir="pkg/usr/lib/python2.6/site-packages/func/minion/modules/"
+backup=('etc/certmaster/certmaster.conf' 'etc/certmaster/minion.conf')
+
+install=certmaster.install
+source=($pkgname-$pkgver.tar.gz certmaster.conf minion.conf acl_fix_fstab.py logrotate-certmaster.conf)
+arch=('i686')
+
+build() {
+ cd $startdir/src/$pkgname-${pkgver}
+ python setup.py build
+ python setup.py install --prefix=$startdir/pkg/usr
+ cd $startdir/src
+ install -m755 -D minion.conf $startdir/pkg/etc/certmaster/minion.conf
+ install -m755 -D certmaster.conf $startdir/pkg/etc/certmaster/certmaster.conf
+ install -m755 -D logrotate-certmaster.conf $startdir/pkg/etc/logrotate.d/certmaster.conf
+ install -m755 -D acl_fix_fstab.py $startdir/pkg/usr/MythVantage/bin/acl_fix_fstab.py
+ mkdir -p $startdir/pkg/var/log/certmaster
+ cd $startdir/pkg
+ find ./ -name "*.pyc" -print | xargs rm -f
+}
+md5sums=('f5acc9ff1efa34971296e26d794c5b35'
+ '953ff601e5381b457383e7a3c4928192'
+ 'be7bd532ae103ab3c0048980314b4fd9'
+ '214e34c095f6f29277197a2a6666f8b2'
+ '6bc28ccd331a6c4c05e0a9c9755a848f')
diff --git a/abs/core/certmaster/acl_fix_fstab.py b/abs/core/certmaster/acl_fix_fstab.py
new file mode 100644
index 0000000..8e49a15
--- /dev/null
+++ b/abs/core/certmaster/acl_fix_fstab.py
@@ -0,0 +1,39 @@
+#!/usr/bin/python2
+import os
+import sys
+cmd="cp -f /etc/fstab /etc/fstab.backup.pre_acl"
+os.system(cmd)
+f = open('/etc/fstab', 'r')
+fstab=f.readlines()
+f.close()
+
+
+
+
+mp=['/' , '/myth', '/data']
+newfstab=[]
+for line in fstab:
+ new_line=line
+ split_line=line.split()
+ try:
+ if split_line[1] in mp:
+ #print split_line[3]
+ if "acl" in split_line[3]:
+ pass
+ else:
+ print "Adding ACL"
+ new_acl=split_line[3]+",acl"
+ split_line[3]=new_acl
+ new_line='\t'.join(split_line)
+ except:
+ pass
+ newfstab.append(new_line)
+
+
+f = open('/etc/fstab', 'w')
+for i in newfstab:
+ f.write(i)
+ f.write("\n")
+
+f.close()
+
diff --git a/abs/core/certmaster/certmaster-0.28.tar.gz b/abs/core/certmaster/certmaster-0.28.tar.gz
new file mode 100644
index 0000000..3108221
--- /dev/null
+++ b/abs/core/certmaster/certmaster-0.28.tar.gz
Binary files differ
diff --git a/abs/core/certmaster/certmaster.conf b/abs/core/certmaster/certmaster.conf
new file mode 100644
index 0000000..186e1b8
--- /dev/null
+++ b/abs/core/certmaster/certmaster.conf
@@ -0,0 +1,13 @@
+# configuration for certmasterd and certmaster-ca
+
+[main]
+autosign = yes
+listen_addr =
+listen_port = 51235
+cadir = /etc/pki/certmaster/ca
+cert_dir = /etc/pki/certmaster
+certroot = /var/lib/certmaster/certmaster/certs
+csrroot = /var/lib/certmaster/certmaster/csrs
+cert_extension = cert
+sync_certs = False
+
diff --git a/abs/core/certmaster/certmaster.install b/abs/core/certmaster/certmaster.install
new file mode 100644
index 0000000..e0dac8c
--- /dev/null
+++ b/abs/core/certmaster/certmaster.install
@@ -0,0 +1,65 @@
+# This is a default template for a post-install scriptlet. You can
+# remove any functions you don't need (and this header).
+
+# arg 1: the new package version
+pre_install() {
+ /bin/true
+ mkdir -p /var/log/certmaster
+}
+
+# arg 1: the new package version
+post_install() {
+ if [ ! -e /var/log/certmaster ]
+ then
+ mkdir -p /var/log/certmaster
+ fi
+ /usr/MythVantage/bin/acl_fix_fstab.py
+ mount -o remount /
+ if [ ! -e /etc/pki/certmaster/ca ]
+ then
+ mkdir -p /etc/pki/certmaster/ca
+ fi
+
+ setfacl -d -R -m 'u:nobody:rX' /etc/pki/certmaster
+ setfacl -R -m 'u:nobody:rX' /etc/pki/certmaster
+
+ setfacl -d -R -m 'u:http:rX' /etc/pki/certmaster
+ setfacl -R -m 'u:http:rX' /etc/pki/certmaster
+
+ setfacl -R -m mask:rwx /etc/pki/certmaster/
+ setfacl -d -R -m mask:rwx /etc/pki/certmaster/
+
+
+
+
+
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+pre_upgrade() {
+ /bin/true
+
+
+
+}
+
+# arg 1: the new package version
+# arg 2: the old package version
+post_upgrade() {
+ post_install
+}
+
+# arg 1: the old package version
+pre_remove() {
+ /bin/true
+}
+
+# arg 1: the old package version
+post_remove() {
+ /bin/true
+}
+
+op=$1
+shift
+$op $*
diff --git a/abs/core/certmaster/logrotate-certmaster.conf b/abs/core/certmaster/logrotate-certmaster.conf
new file mode 100644
index 0000000..39c3537
--- /dev/null
+++ b/abs/core/certmaster/logrotate-certmaster.conf
@@ -0,0 +1,19 @@
+/var/log/certmaster/audit.log {
+ missingok
+ notifempty
+ rotate 4
+ weekly
+ postrotate
+ if [ -f /service/certmaster ]; then
+ sv restart certmaster
+ fi
+ endscript
+}
+
+/var/log/certmaster/certmaster.log {
+ missingok
+ notifempty
+ rotate 4
+ weekly
+}
+
diff --git a/abs/core/certmaster/minion.conf b/abs/core/certmaster/minion.conf
new file mode 100644
index 0000000..47c6540
--- /dev/null
+++ b/abs/core/certmaster/minion.conf
@@ -0,0 +1,8 @@
+# configuration for minions
+
+[main]
+certmaster = certmaster
+certmaster_port = 51235
+log_level = DEBUG
+cert_dir = /etc/pki/certmaster
+