Ensure that the client cert database and server cert are readable by all.

author: Dave Brolley <brolley@redhat.com> 2009-01-13 11:35:14 -0500
committer: Dave Brolley <brolley@redhat.com> 2009-01-13 11:35:14 -0500
commit: a50cb7894f72eb3ac3301adde9950d12425594b7 (patch)
tree: 29d4207e6ce35678d501a9b171ff074470ee109e /stap-gen-server-cert
parent: a4de985a1a9d7f47858abb1e3037a90a2d50dbc4 (diff)
download: systemtap-steved-a50cb7894f72eb3ac3301adde9950d12425594b7.tar.gz
systemtap-steved-a50cb7894f72eb3ac3301adde9950d12425594b7.tar.xz
systemtap-steved-a50cb7894f72eb3ac3301adde9950d12425594b7.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/stap-gen-server-cert b/stap-gen-server-cert
index fe40db90..af3a5917 100755
--- a/stap-gen-server-cert
+++ b/stap-gen-server-cert
@@ -83,6 +83,11 @@ y
 EOF
 rm -fr $1/stap-server.req
 
+# Ensure that the certificate is readable by others.
+if ! chmod +r $serverdb/stap-server.cert; then
+    echo "Warning: unable to make the server's certificate $serverdb/stap-server.cert readable by others" >&2
+fi
+
 # Add the certificate to the server's certificate/key database as a trusted peer, ssl server and object signer
 certutil -A -n stap-server -t "PCu,,PCu" -i $serverdb/stap-server.cert -d $serverdb -f $serverdb/pw
author	Dave Brolley <brolley@redhat.com>	2009-01-13 11:35:14 -0500
committer	Dave Brolley <brolley@redhat.com>	2009-01-13 11:35:14 -0500
commit	a50cb7894f72eb3ac3301adde9950d12425594b7 (patch)
tree	29d4207e6ce35678d501a9b171ff074470ee109e /stap-gen-server-cert
parent	a4de985a1a9d7f47858abb1e3037a90a2d50dbc4 (diff)
download	systemtap-steved-a50cb7894f72eb3ac3301adde9950d12425594b7.tar.gz systemtap-steved-a50cb7894f72eb3ac3301adde9950d12425594b7.tar.xz systemtap-steved-a50cb7894f72eb3ac3301adde9950d12425594b7.zip