From 20ab90b5217b3e294cef1f845bc9a794b365a983 Mon Sep 17 00:00:00 2001
From: Dave Brolley <brolley@redhat.com>
Date: Mon, 14 Sep 2009 15:46:34 -0400
Subject: Authorize new certificates created for servers started by root as
 authorized signers. Update NEWS with the latest usage infor for
 --unprivileged.

---
 stap-serverd | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'stap-serverd')

diff --git a/stap-serverd b/stap-serverd
index 4eee8c38..5b05a819 100755
--- a/stap-serverd
+++ b/stap-serverd
@@ -56,6 +56,11 @@ function initialization {
 		    -x `which ${stap_exec_prefix}stap-client`; then
 		${stap_exec_prefix}stap-authorize-server-cert $ssl_db/$stap_certfile
 	    fi
+	    # If we are root, then add the server's certificate as a trusted
+	    # signer.
+	    if test $EUID = 0; then
+		${stap_exec_prefix}stap-authorize-signing-cert $ssl_db/$stap_certfile
+	    fi
 	elif ! test -f $stap_ssl_db/client/cert8.db; then
 	    # If the client's database does not exist, then initialize it with our certificate.
 	    # Do this only if the client has been installed.
-- 
cgit