summaryrefslogtreecommitdiffstats
path: root/abs/core/runit-scripts/runitscripts/services/certmaster/run
blob: 0f5add7bb3fd0d010d1c6bffea88bdf683cc0b86 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
#!/bin/bash
if [ ! -e /etc/pki/certmaster/ca/certmaster.key ]
then
    /usr/bin/certmaster daemon
    while [ ! -e /etc/pki/certmaster/ca/certmaster.key ]
    do
	sleep 5
    done
    killall -9 certmaster
fi
    setfacl --remove-all /etc/pki/certmaster/ca/certmaster.key

    for i in nobody http
    do 
       setfacl -d -R -m u:$i:rX /etc/pki/certmaster/
       setfacl -R -m u:$i:rX /etc/pki/certmaster/

       setfacl -R -m  mask:rwx /etc/pki/certmaster/
       setfacl -R -m u:$i:rX /etc/pki/certmaster/ca/certmaster.key

       setfacl -d -R -m u:$i:rX /var/lib/certmaster
       setfacl -R -m u:$i:rX /var/lib/certmaster
       setfacl -d -R -m u:$i:rX /var/lib/certmaster/certmaster
       setfacl -R -m u:$i:rX /var/lib/certmaster/certmaster
       setfacl -d -R -m u:$i:rX /var/lib/certmaster/certmaster/certs
       setfacl -R -m u:$i:rX /var/lib/certmaster/certmaster/certs
   done 

exec  /usr/bin/certmaster