diff options
Diffstat (limited to 'abs/core/runit-scripts/runitscripts/services/certmaster/run')
-rw-r--r-- | abs/core/runit-scripts/runitscripts/services/certmaster/run | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/abs/core/runit-scripts/runitscripts/services/certmaster/run b/abs/core/runit-scripts/runitscripts/services/certmaster/run new file mode 100644 index 0000000..0f5add7 --- /dev/null +++ b/abs/core/runit-scripts/runitscripts/services/certmaster/run @@ -0,0 +1,29 @@ +#!/bin/bash +if [ ! -e /etc/pki/certmaster/ca/certmaster.key ] +then + /usr/bin/certmaster daemon + while [ ! -e /etc/pki/certmaster/ca/certmaster.key ] + do + sleep 5 + done + killall -9 certmaster +fi + setfacl --remove-all /etc/pki/certmaster/ca/certmaster.key + + for i in nobody http + do + setfacl -d -R -m u:$i:rX /etc/pki/certmaster/ + setfacl -R -m u:$i:rX /etc/pki/certmaster/ + + setfacl -R -m mask:rwx /etc/pki/certmaster/ + setfacl -R -m u:$i:rX /etc/pki/certmaster/ca/certmaster.key + + setfacl -d -R -m u:$i:rX /var/lib/certmaster + setfacl -R -m u:$i:rX /var/lib/certmaster + setfacl -d -R -m u:$i:rX /var/lib/certmaster/certmaster + setfacl -R -m u:$i:rX /var/lib/certmaster/certmaster + setfacl -d -R -m u:$i:rX /var/lib/certmaster/certmaster/certs + setfacl -R -m u:$i:rX /var/lib/certmaster/certmaster/certs + done + +exec /usr/bin/certmaster |