diff options
Diffstat (limited to 'pki/dogtag/tks/pki-tks.spec')
-rw-r--r-- | pki/dogtag/tks/pki-tks.spec | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/pki/dogtag/tks/pki-tks.spec b/pki/dogtag/tks/pki-tks.spec index b93610c01..938079c19 100644 --- a/pki/dogtag/tks/pki-tks.spec +++ b/pki/dogtag/tks/pki-tks.spec @@ -34,7 +34,7 @@ ## Package Header Definitions %define base_name %{base_prefix}-%{base_component} %define base_version 1.0.0 -%define base_release 7 +%define base_release 8 %define base_group System Environment/Daemons %define base_vendor Red Hat, Inc. %define base_license GPLv2 with exceptions @@ -44,6 +44,7 @@ ## Pre & Post Install/Uninstall Scripts Definitions %define base_user pkiuser +%define base_instance /var/lib/%{base_name} ## Helper Definitions %define pki_ca %{base_entity} Certificate Authority @@ -69,6 +70,10 @@ %define pki_minor_version %(echo `echo %{pki_version} | awk -F. '{ print $2 }'`) %define pki_patch_version %(echo `echo %{pki_version} | awk -F. '{ print $3 }'`) +## Disallow an initial login shell +## NOTE: SELinux policy requires a shell of /sbin/nologin +%define base_login_shell /sbin/nologin + ## A distribution model is required on certain Linux operating systems! ## ## check for a pre-defined distribution model @@ -220,11 +225,12 @@ rm -rf ${RPM_BUILD_ROOT} %pre if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then + echo "Adding default PKI group \"%{base_user}\" to /etc/group." groupadd %{base_user} fi if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then - # SELinux policy requires a shell of /sbin/nologin - useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} + echo "Adding default PKI user \"%{base_user}\" to /etc/passwd." + useradd -g %{base_user} -d %{_datadir}/%{base_prefix} -s %{base_login_shell} -c "%{base_pki}" -m %{base_user} fi @@ -236,7 +242,16 @@ echo "Install finished." %preun -if [ -x /etc/init.d/%{base_name} ] ; then +if [ -d %{base_instance} ] ; then + echo "WARNING: The default instance \"%{base_instance}\" was NOT removed!" + echo "" + echo "NOTE: This means that the data in the default instance called" + echo " \"%{base_instance}\" will NOT be overwritten once the" + echo " \"%{name}\" package is re-installed." + echo "" + echo "Shutting down the default instance \"%{base_instance}\"" + echo "PRIOR to uninstalling the \"%{name}\" package:" + echo "" /etc/init.d/%{base_name} stop fi @@ -272,6 +287,8 @@ fi ############################################################################### %changelog +* Wed Dec 10 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-8 +- Bugzilla Bug #475895 - Parameterize the initial login shell * Fri Nov 28 2008 Matthew Harmsen <mharmsen@redhat.com> 1.0.0-7 - Bugzilla Bug #445402 - changed "linux"/"fedora" to "dogtag"; changed "pki-svn.fedora.redhat.com" to "pki.fedoraproject.org" |