diff options
| author | Dave Brolley <brolley@redhat.com> | 2009-12-14 16:12:56 -0500 |
|---|---|---|
| committer | Dave Brolley <brolley@redhat.com> | 2009-12-14 16:12:56 -0500 |
| commit | 829fc0c4d710bb6358137096ea957609c83d969e (patch) | |
| tree | 0957f9f42182659d39c63d0f66396ef219e4500c /systemtap.spec | |
| parent | 81790974ef070041f3fc7f710f30d06eca7d4e73 (diff) | |
| download | systemtap-steved-829fc0c4d710bb6358137096ea957609c83d969e.tar.gz systemtap-steved-829fc0c4d710bb6358137096ea957609c83d969e.tar.xz systemtap-steved-829fc0c4d710bb6358137096ea957609c83d969e.zip | |
PR 10905: Initscript improvements: Automatically authorize the initscript servers as trusted servers and signers.
Diffstat (limited to 'systemtap.spec')
| -rw-r--r-- | systemtap.spec | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/systemtap.spec b/systemtap.spec index 508f03ba..29ff7067 100644 --- a/systemtap.spec +++ b/systemtap.spec @@ -315,6 +315,13 @@ chgrp stap-server %{_localstatedir}/log/stap-server.log test -e /usr/share/systemtap/runtime/uprobes || mkdir -p /usr/share/systemtap/runtime/uprobes chgrp stap-server /usr/share/systemtap/runtime/uprobes chmod 775 /usr/share/systemtap/runtime/uprobes +# As stap-server, generate the certificate used for signing and for ssl. +runuser -s /bin/sh - stap-server -c %{_bindir}/stap-gen-cert +# Authorize the certificate as a trusted ssl peer and as a trusted signer +# local host. +%{_bindir}/stap-authorize-server-cert %{_localstatedir}/lib/stap-server/.systemtap/ssl/server/stap.cert +%{_bindir}/stap-authorize-signing-cert %{_localstatedir}/lib/stap-server/.systemtap/ssl/server/stap.cert + # Activate the service /sbin/chkconfig --add stap-server exit 0 |