From a46272923e52e3d31c92eba3de97391219857a7d Mon Sep 17 00:00:00 2001
From: James Meyer <james.meyer@operamail.com>
Date: Wed, 7 Dec 2011 13:24:52 -0600
Subject: certmaster: first build Needed with for func. This should only run on
 the MBE

---
 abs/core/certmaster/PKGBUILD                  |  35 ++++++++++++++
 abs/core/certmaster/acl_fix_fstab.py          |  39 ++++++++++++++++
 abs/core/certmaster/certmaster-0.28.tar.gz    | Bin 0 -> 50409 bytes
 abs/core/certmaster/certmaster.conf           |  13 ++++++
 abs/core/certmaster/certmaster.install        |  65 ++++++++++++++++++++++++++
 abs/core/certmaster/logrotate-certmaster.conf |  19 ++++++++
 abs/core/certmaster/minion.conf               |   8 ++++
 7 files changed, 179 insertions(+)
 create mode 100644 abs/core/certmaster/PKGBUILD
 create mode 100644 abs/core/certmaster/acl_fix_fstab.py
 create mode 100644 abs/core/certmaster/certmaster-0.28.tar.gz
 create mode 100644 abs/core/certmaster/certmaster.conf
 create mode 100644 abs/core/certmaster/certmaster.install
 create mode 100644 abs/core/certmaster/logrotate-certmaster.conf
 create mode 100644 abs/core/certmaster/minion.conf

diff --git a/abs/core/certmaster/PKGBUILD b/abs/core/certmaster/PKGBUILD
new file mode 100644
index 0000000..3ce72f7
--- /dev/null
+++ b/abs/core/certmaster/PKGBUILD
@@ -0,0 +1,35 @@
+pkgname=certmaster
+pkgver=0.28
+pkgrel=1
+pkgdesc="certmaster"
+url="https://fedorahosted.org/certmaster/ "
+license="gpl"
+depends=(pyopenssl)
+makedepends=()
+conflicts=()
+replaces=()
+moddir="pkg/usr/lib/python2.6/site-packages/func/minion/modules/"
+backup=('etc/certmaster/certmaster.conf' 'etc/certmaster/minion.conf')
+
+install=certmaster.install
+source=($pkgname-$pkgver.tar.gz certmaster.conf minion.conf acl_fix_fstab.py logrotate-certmaster.conf)
+arch=('i686')
+
+build() {
+	cd $startdir/src/$pkgname-${pkgver}
+	python setup.py build
+	python setup.py install --prefix=$startdir/pkg/usr
+	cd $startdir/src
+	install -m755 -D minion.conf $startdir/pkg/etc/certmaster/minion.conf
+	install -m755 -D certmaster.conf $startdir/pkg/etc/certmaster/certmaster.conf
+	install -m755 -D logrotate-certmaster.conf $startdir/pkg/etc/logrotate.d/certmaster.conf
+	install -m755 -D acl_fix_fstab.py $startdir/pkg/usr/MythVantage/bin/acl_fix_fstab.py
+	mkdir -p  $startdir/pkg/var/log/certmaster
+        cd $startdir/pkg
+        find ./ -name "*.pyc" -print | xargs rm -f
+}
+md5sums=('f5acc9ff1efa34971296e26d794c5b35'
+         '953ff601e5381b457383e7a3c4928192'
+         'be7bd532ae103ab3c0048980314b4fd9'
+         '214e34c095f6f29277197a2a6666f8b2'
+         '6bc28ccd331a6c4c05e0a9c9755a848f')
diff --git a/abs/core/certmaster/acl_fix_fstab.py b/abs/core/certmaster/acl_fix_fstab.py
new file mode 100644
index 0000000..8e49a15
--- /dev/null
+++ b/abs/core/certmaster/acl_fix_fstab.py
@@ -0,0 +1,39 @@
+#!/usr/bin/python2
+import os
+import sys
+cmd="cp -f /etc/fstab /etc/fstab.backup.pre_acl"
+os.system(cmd)
+f = open('/etc/fstab', 'r')
+fstab=f.readlines()
+f.close()
+
+
+
+
+mp=['/' , '/myth', '/data']
+newfstab=[]
+for line in fstab:
+    new_line=line
+    split_line=line.split()
+    try:
+        if split_line[1] in mp:
+            #print split_line[3]
+            if "acl" in split_line[3]:
+                pass
+            else:
+                print "Adding ACL"
+                new_acl=split_line[3]+",acl"
+                split_line[3]=new_acl
+                new_line='\t'.join(split_line)
+    except:
+        pass
+    newfstab.append(new_line)
+
+
+f = open('/etc/fstab', 'w')
+for i in newfstab:
+    f.write(i)
+    f.write("\n")
+
+f.close()
+
diff --git a/abs/core/certmaster/certmaster-0.28.tar.gz b/abs/core/certmaster/certmaster-0.28.tar.gz
new file mode 100644
index 0000000..3108221
Binary files /dev/null and b/abs/core/certmaster/certmaster-0.28.tar.gz differ
diff --git a/abs/core/certmaster/certmaster.conf b/abs/core/certmaster/certmaster.conf
new file mode 100644
index 0000000..186e1b8
--- /dev/null
+++ b/abs/core/certmaster/certmaster.conf
@@ -0,0 +1,13 @@
+# configuration for certmasterd and certmaster-ca
+
+[main]
+autosign = yes
+listen_addr = 
+listen_port = 51235
+cadir = /etc/pki/certmaster/ca
+cert_dir = /etc/pki/certmaster
+certroot = /var/lib/certmaster/certmaster/certs
+csrroot = /var/lib/certmaster/certmaster/csrs
+cert_extension = cert
+sync_certs = False
+
diff --git a/abs/core/certmaster/certmaster.install b/abs/core/certmaster/certmaster.install
new file mode 100644
index 0000000..e0dac8c
--- /dev/null
+++ b/abs/core/certmaster/certmaster.install
@@ -0,0 +1,65 @@
+# This is a default template for a post-install scriptlet.  You can
+# remove any functions you don't need (and this header).
+
+# arg 1:  the new package version
+pre_install() {
+   /bin/true
+   mkdir -p /var/log/certmaster
+}
+
+# arg 1:  the new package version
+post_install() {
+	if [ ! -e /var/log/certmaster ]
+	then
+		mkdir -p /var/log/certmaster
+	fi
+	/usr/MythVantage/bin/acl_fix_fstab.py
+	mount -o remount /
+	if [ ! -e /etc/pki/certmaster/ca ]
+	then
+		mkdir -p /etc/pki/certmaster/ca
+	fi
+	
+	setfacl -d -R -m 'u:nobody:rX' /etc/pki/certmaster
+	setfacl -R -m 'u:nobody:rX' /etc/pki/certmaster
+
+	setfacl -d -R -m 'u:http:rX' /etc/pki/certmaster
+	setfacl -R -m 'u:http:rX' /etc/pki/certmaster
+
+        setfacl -R -m  mask:rwx /etc/pki/certmaster/
+        setfacl -d -R -m  mask:rwx /etc/pki/certmaster/
+
+
+
+
+
+}
+
+# arg 1:  the new package version
+# arg 2:  the old package version
+pre_upgrade() {
+  /bin/true
+
+
+
+}
+
+# arg 1:  the new package version
+# arg 2:  the old package version
+post_upgrade() {
+	post_install
+}
+
+# arg 1:  the old package version
+pre_remove() {
+  /bin/true
+}
+
+# arg 1:  the old package version
+post_remove() {
+  /bin/true
+}
+
+op=$1
+shift
+$op $*
diff --git a/abs/core/certmaster/logrotate-certmaster.conf b/abs/core/certmaster/logrotate-certmaster.conf
new file mode 100644
index 0000000..39c3537
--- /dev/null
+++ b/abs/core/certmaster/logrotate-certmaster.conf
@@ -0,0 +1,19 @@
+/var/log/certmaster/audit.log {
+   missingok
+   notifempty
+   rotate 4
+   weekly
+   postrotate
+      if [ -f /service/certmaster ]; then
+         sv restart certmaster
+      fi
+   endscript
+}
+
+/var/log/certmaster/certmaster.log {
+   missingok
+   notifempty
+   rotate 4
+   weekly
+}
+
diff --git a/abs/core/certmaster/minion.conf b/abs/core/certmaster/minion.conf
new file mode 100644
index 0000000..47c6540
--- /dev/null
+++ b/abs/core/certmaster/minion.conf
@@ -0,0 +1,8 @@
+# configuration for minions
+
+[main]
+certmaster = certmaster
+certmaster_port = 51235
+log_level = DEBUG
+cert_dir = /etc/pki/certmaster
+
-- 
cgit v0.12