diff options
| author | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2008-12-12 00:59:15 +0000 |
|---|---|---|
| committer | mharmsen <mharmsen@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2008-12-12 00:59:15 +0000 |
| commit | dca02910f6de3f9631589ee3c12c229fa58629c8 (patch) | |
| tree | 69efd1522a2d12b4b7c83b84db08528eac8e84c2 /pki/dogtag | |
| parent | 7c37c9388739c2528c74b23e123e273b7ef4d8c6 (diff) | |
| download | pki-dca02910f6de3f9631589ee3c12c229fa58629c8.tar.gz pki-dca02910f6de3f9631589ee3c12c229fa58629c8.tar.xz pki-dca02910f6de3f9631589ee3c12c229fa58629c8.zip | |
Bugzilla Bug #475895 - Parameterized the initial login shell.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@167 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/dogtag')
| -rw-r--r-- | pki/dogtag/ca/pki-ca.spec | 25 | ||||
| -rw-r--r-- | pki/dogtag/kra/pki-kra.spec | 25 | ||||
| -rw-r--r-- | pki/dogtag/ocsp/pki-ocsp.spec | 25 | ||||
| -rw-r--r-- | pki/dogtag/ra/pki-ra.spec | 25 | ||||
| -rw-r--r-- | pki/dogtag/tks/pki-tks.spec | 25 | ||||
| -rw-r--r-- | pki/dogtag/tps/pki-tps.spec | 25 |
6 files changed, 126 insertions, 24 deletions
diff --git a/pki/dogtag/ca/pki-ca.spec b/pki/dogtag/ca/pki-ca.spec index 491379ebd..fc4c7c947 100644 --- a/pki/dogtag/ca/pki-ca.spec +++ b/pki/dogtag/ca/pki-ca.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 17 +%define base_release 18 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -44,6 +44,7 @@ ## Pre & Post Install/Uninstall Scripts Definitions %define base_user pkiuser +%define base_instance /var/lib/%{base_name} ## Helper Definitions %define pki_ca %{base_entity} Certificate Authority @@ -69,6 +70,10 @@ %define pki_minor_version %(echo `echo %{pki_version} | awk -F. '{ print $2 }'`) %define pki_patch_version %(echo `echo %{pki_version} | awk -F. '{ print $3 }'`) +## Disallow an initial login shell +## NOTE: SELinux policy requires a shell of /sbin/nologin +%define base_login_shell /sbin/nologin + ## A distribution model is required on certain Linux operating systems! ## ## check for a pre-defined distribution model @@ -209,11 +214,12 @@ rm -rf ${RPM_BUILD_ROOT} %pre if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then + echo "Adding default PKI group \"%{base_user}\" to /etc/group." groupadd %{base_user} fi if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then - # SELinux policy requires a shell of /sbin/nologin - useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} + echo "Adding default PKI user \"%{base_user}\" to /etc/passwd." + useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s %{base_login_shell} -c "%{base_pki}" -m %{base_user} fi @@ -225,7 +231,16 @@ echo "Install finished." %preun -if [ -x /etc/init.d/%{base_name} ] ; then +if [ -d %{base_instance} ] ; then + echo "WARNING: The default instance \"%{base_instance}\" was NOT removed!" + echo "" + echo "NOTE: This means that the data in the default instance called" + echo " \"%{base_instance}\" will NOT be overwritten once the" + echo " \"%{name}\" package is re-installed." + echo "" + echo "Shutting down the default instance \"%{base_instance}\"" + echo "PRIOR to uninstalling the \"%{name}\" package:" + echo "" /etc/init.d/%{base_name} stop fi @@ -263,6 +278,8 @@ fi ############################################################################### %changelog +* Wed Dec 10 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-18 +- Bugzilla Bug #475895 - Parameterize the initial login shell * Fri Nov 28 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-17 - Bugzilla Bug #445402 - changed "linux"/"fedora" to "dogtag"; changed "pki-svn.fedora.redhat.com" to "pki.fedoraproject.org" diff --git a/pki/dogtag/kra/pki-kra.spec b/pki/dogtag/kra/pki-kra.spec index 88d907769..e588f055e 100644 --- a/pki/dogtag/kra/pki-kra.spec +++ b/pki/dogtag/kra/pki-kra.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 8 +%define base_release 9 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -44,6 +44,7 @@ ## Pre & Post Install/Uninstall Scripts Definitions %define base_user pkiuser +%define base_instance /var/lib/%{base_name} ## Helper Definitions %define pki_ca %{base_entity} Certificate Authority @@ -69,6 +70,10 @@ %define pki_minor_version %(echo `echo %{pki_version} | awk -F. '{ print $2 }'`) %define pki_patch_version %(echo `echo %{pki_version} | awk -F. '{ print $3 }'`) +## Disallow an initial login shell +## NOTE: SELinux policy requires a shell of /sbin/nologin +%define base_login_shell /sbin/nologin + ## A distribution model is required on certain Linux operating systems! ## ## check for a pre-defined distribution model @@ -218,11 +223,12 @@ rm -rf ${RPM_BUILD_ROOT} %pre if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then + echo "Adding default PKI group \"%{base_user}\" to /etc/group." groupadd %{base_user} fi if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then - # SELinux policy requires a shell of /sbin/nologin - useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} + echo "Adding default PKI user \"%{base_user}\" to /etc/passwd." + useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s %{base_login_shell} -c "%{base_pki}" -m %{base_user} fi @@ -234,7 +240,16 @@ echo "Install finished." %preun -if [ -x /etc/init.d/%{base_name} ] ; then +if [ -d %{base_instance} ] ; then + echo "WARNING: The default instance \"%{base_instance}\" was NOT removed!" + echo "" + echo "NOTE: This means that the data in the default instance called" + echo " \"%{base_instance}\" will NOT be overwritten once the" + echo " \"%{name}\" package is re-installed." + echo "" + echo "Shutting down the default instance \"%{base_instance}\"" + echo "PRIOR to uninstalling the \"%{name}\" package:" + echo "" /etc/init.d/%{base_name} stop fi @@ -270,6 +285,8 @@ fi ############################################################################### %changelog +* Wed Dec 10 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-9 +- Bugzilla Bug #475895 - Parameterize the initial login shell * Fri Nov 28 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-8 - Bugzilla Bug #445402 - changed "linux"/"fedora" to "dogtag"; changed "pki-svn.fedora.redhat.com" to "pki.fedoraproject.org" diff --git a/pki/dogtag/ocsp/pki-ocsp.spec b/pki/dogtag/ocsp/pki-ocsp.spec index 2cc26223b..a483fb429 100644 --- a/pki/dogtag/ocsp/pki-ocsp.spec +++ b/pki/dogtag/ocsp/pki-ocsp.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 7 +%define base_release 8 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -44,6 +44,7 @@ ## Pre & Post Install/Uninstall Scripts Definitions %define base_user pkiuser +%define base_instance /var/lib/%{base_name} ## Helper Definitions %define pki_ca %{base_entity} Certificate Authority @@ -69,6 +70,10 @@ %define pki_minor_version %(echo `echo %{pki_version} | awk -F. '{ print $2 }'`) %define pki_patch_version %(echo `echo %{pki_version} | awk -F. '{ print $3 }'`) +## Disallow an initial login shell +## NOTE: SELinux policy requires a shell of /sbin/nologin +%define base_login_shell /sbin/nologin + ## A distribution model is required on certain Linux operating systems! ## ## check for a pre-defined distribution model @@ -227,11 +232,12 @@ rm -rf ${RPM_BUILD_ROOT} %pre if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then + echo "Adding default PKI group \"%{base_user}\" to /etc/group." groupadd %{base_user} fi if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then - # SELinux policy requires a shell of /sbin/nologin - useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} + echo "Adding default PKI user \"%{base_user}\" to /etc/passwd." + useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s %{base_login_shell} -c "%{base_pki}" -m %{base_user} fi @@ -243,7 +249,16 @@ echo "Install finished." %preun -if [ -x /etc/init.d/%{base_name} ] ; then +if [ -d %{base_instance} ] ; then + echo "WARNING: The default instance \"%{base_instance}\" was NOT removed!" + echo "" + echo "NOTE: This means that the data in the default instance called" + echo " \"%{base_instance}\" will NOT be overwritten once the" + echo " \"%{name}\" package is re-installed." + echo "" + echo "Shutting down the default instance \"%{base_instance}\"" + echo "PRIOR to uninstalling the \"%{name}\" package:" + echo "" /etc/init.d/%{base_name} stop fi @@ -279,6 +294,8 @@ fi ############################################################################### %changelog +* Wed Dec 10 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-8 +- Bugzilla Bug #475895 - Parameterize the initial login shell * Fri Nov 28 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-7 - Bugzilla Bug #445402 - changed "linux"/"fedora" to "dogtag"; changed "pki-svn.fedora.redhat.com" to "pki.fedoraproject.org" diff --git a/pki/dogtag/ra/pki-ra.spec b/pki/dogtag/ra/pki-ra.spec index 7a4ffa794..fb61ba442 100644 --- a/pki/dogtag/ra/pki-ra.spec +++ b/pki/dogtag/ra/pki-ra.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 7 +%define base_release 8 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -44,6 +44,7 @@ ## Pre & Post Install/Uninstall Scripts Definitions %define base_user pkiuser +%define base_instance /var/lib/%{base_name} ## Helper Definitions %define pki_ca %{base_entity} Certificate Authority @@ -62,6 +63,10 @@ ## Linux Definitions ## ##===================## %ifos Linux +## Disallow an initial login shell +## NOTE: SELinux policy requires a shell of /sbin/nologin +%define base_login_shell /sbin/nologin + ## A distribution model is required on certain Linux operating systems! ## ## check for a pre-defined distribution model @@ -197,11 +202,12 @@ rm -rf ${RPM_BUILD_ROOT} %pre if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then + echo "Adding default PKI group \"%{base_user}\" to /etc/group." groupadd %{base_user} fi if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then - # SELinux policy requires a shell of /sbin/nologin - useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} + echo "Adding default PKI user \"%{base_user}\" to /etc/passwd." + useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s %{base_login_shell} -c "%{base_pki}" -m %{base_user} fi @@ -213,7 +219,16 @@ echo "Install finished." %preun -if [ -x /etc/init.d/%{base_name} ] ; then +if [ -d %{base_instance} ] ; then + echo "WARNING: The default instance \"%{base_instance}\" was NOT removed!" + echo "" + echo "NOTE: This means that the data in the default instance called" + echo " \"%{base_instance}\" will NOT be overwritten once the" + echo " \"%{name}\" package is re-installed." + echo "" + echo "Shutting down the default instance \"%{base_instance}\"" + echo "PRIOR to uninstalling the \"%{name}\" package:" + echo "" /etc/init.d/%{base_name} stop fi @@ -246,6 +261,8 @@ fi ############################################################################### %changelog +* Wed Dec 10 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-8 +- Bugzilla Bug #475895 - Parameterize the initial login shell * Fri Nov 28 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-7 - Bugzilla Bug #445402 - changed "linux"/"fedora" to "dogtag"; changed "pki-svn.fedora.redhat.com" to "pki.fedoraproject.org" diff --git a/pki/dogtag/tks/pki-tks.spec b/pki/dogtag/tks/pki-tks.spec index b93610c01..938079c19 100644 --- a/pki/dogtag/tks/pki-tks.spec +++ b/pki/dogtag/tks/pki-tks.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 7 +%define base_release 8 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -44,6 +44,7 @@ ## Pre & Post Install/Uninstall Scripts Definitions %define base_user pkiuser +%define base_instance /var/lib/%{base_name} ## Helper Definitions %define pki_ca %{base_entity} Certificate Authority @@ -69,6 +70,10 @@ %define pki_minor_version %(echo `echo %{pki_version} | awk -F. '{ print $2 }'`) %define pki_patch_version %(echo `echo %{pki_version} | awk -F. '{ print $3 }'`) +## Disallow an initial login shell +## NOTE: SELinux policy requires a shell of /sbin/nologin +%define base_login_shell /sbin/nologin + ## A distribution model is required on certain Linux operating systems! ## ## check for a pre-defined distribution model @@ -220,11 +225,12 @@ rm -rf ${RPM_BUILD_ROOT} %pre if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then + echo "Adding default PKI group \"%{base_user}\" to /etc/group." groupadd %{base_user} fi if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then - # SELinux policy requires a shell of /sbin/nologin - useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} + echo "Adding default PKI user \"%{base_user}\" to /etc/passwd." + useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s %{base_login_shell} -c "%{base_pki}" -m %{base_user} fi @@ -236,7 +242,16 @@ echo "Install finished." %preun -if [ -x /etc/init.d/%{base_name} ] ; then +if [ -d %{base_instance} ] ; then + echo "WARNING: The default instance \"%{base_instance}\" was NOT removed!" + echo "" + echo "NOTE: This means that the data in the default instance called" + echo " \"%{base_instance}\" will NOT be overwritten once the" + echo " \"%{name}\" package is re-installed." + echo "" + echo "Shutting down the default instance \"%{base_instance}\"" + echo "PRIOR to uninstalling the \"%{name}\" package:" + echo "" /etc/init.d/%{base_name} stop fi @@ -272,6 +287,8 @@ fi ############################################################################### %changelog +* Wed Dec 10 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-8 +- Bugzilla Bug #475895 - Parameterize the initial login shell * Fri Nov 28 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-7 - Bugzilla Bug #445402 - changed "linux"/"fedora" to "dogtag"; changed "pki-svn.fedora.redhat.com" to "pki.fedoraproject.org" diff --git a/pki/dogtag/tps/pki-tps.spec b/pki/dogtag/tps/pki-tps.spec index 909ddb0a3..d2aa713bb 100644 --- a/pki/dogtag/tps/pki-tps.spec +++ b/pki/dogtag/tps/pki-tps.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 11 +%define base_release 12 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license LGPLv2 with exceptions @@ -55,6 +55,7 @@ ## Pre & Post Install/Uninstall Scripts Definitions %define base_user pkiuser +%define base_instance /var/lib/%{base_name} ## Helper Definitions %define pki_ca %{base_entity} Certificate Authority @@ -85,6 +86,10 @@ %define configure_cmd ../configure --enable-64bit --libdir=%{base_install_dir}/lib64 %endif +## Disallow an initial login shell +## NOTE: SELinux policy requires a shell of /sbin/nologin +%define base_login_shell /sbin/nologin + ## A distribution model is required on certain Linux operating systems! ## ## check for a pre-defined distribution model @@ -238,11 +243,12 @@ rm -rf ${RPM_BUILD_ROOT} %pre if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then + echo "Adding default PKI group \"%{base_user}\" to /etc/group." groupadd %{base_user} fi if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then - # SELinux policy requires a shell of /sbin/nologin - useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} + echo "Adding default PKI user \"%{base_user}\" to /etc/passwd." + useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s %{base_login_shell} -c "%{base_pki}" -m %{base_user} fi @@ -254,7 +260,16 @@ echo "Install finished." %preun -if [ -x /etc/init.d/%{base_name} ] ; then +if [ -d %{base_instance} ] ; then + echo "WARNING: The default instance \"%{base_instance}\" was NOT removed!" + echo "" + echo "NOTE: This means that the data in the default instance called" + echo " \"%{base_instance}\" will NOT be overwritten once the" + echo " \"%{name}\" package is re-installed." + echo "" + echo "Shutting down the default instance \"%{base_instance}\"" + echo "PRIOR to uninstalling the \"%{name}\" package:" + echo "" /etc/init.d/%{base_name} stop fi @@ -293,6 +308,8 @@ fi ############################################################################### %changelog +* Wed Dec 10 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-12 +- Bugzilla Bug #475895 - Parameterize the initial login shell * Mon Dec 8 2008 Ade Lee <alee@edhat.com> 1.0.0-11 - Bugzilla Bug #453508 - Changes to acvcomodate new NSS, apache changes * Fri Dec 5 2008 Christina Fu <cfu@redhat.com> 1.0.0-10 |