1
portability fixes to tools/virt-pki-validate.in
3
A few fixes will help make tools/virt-pki-validate.in useful on Debian and Ubuntu. And one fix should be useful to everyone (see #4).
5
1) note our gnutls-bin package (in addition to your gnutls-utils package) in the no-certtool error text
7
2) adjust the ORG-setting sed regular expressions to work with both Red Hat and Ubuntu style cacert.pem Issuer format
9
3) fix a bashism, == should be = in the case where /bin/sh is a symlink to dash
11
4) $(SYSCONFDIR) cannot evaluate; set a single shell SYSCONFDIR variable to the autoconf @SYSCONFDIR@ value, and use $SYSCONFDIR everywhere
13
This was tested against gnutls 2.8.5. And against both Red Hat and Ubuntu cacert.pem files. Credit Jamie Strandboge with the regular expression changes.
16
* https://bugs.edge.launchpad.net/ubuntu/+source/libvirt/+bug/562266
18
Signed-off-by: Dustin Kirkland <kirkland@canonical.com>
20
diff -uprN libvirt-0.7.5/tools/virt-pki-validate.in libvirt-0.7.5.new/tools/virt-pki-validate.in
21
--- libvirt-0.7.5/tools/virt-pki-validate.in 2009-12-22 03:37:57.000000000 -0600
22
+++ libvirt-0.7.5.new/tools/virt-pki-validate.in 2010-04-21 15:42:04.677879001 -0500
23
@@ -16,8 +16,8 @@ PORT=16514
24
CERTOOL=`which certtool 2>/dev/null`
27
- echo Could not locate the certtool program
28
- echo make sure the gnutls-utils package is installed
29
+ echo "Could not locate the certtool program"
30
+ echo "make sure the gnutls-utils (or gnutls-bin) package is installed"
34
@@ -25,7 +25,8 @@ echo Found $CERTOOL
36
# Check the directory structure
38
-PKI="$(SYSCONFDIR)/pki"
39
+SYSCONFDIR="@SYSCONFDIR@"
40
+PKI="$SYSCONFDIR/pki"
43
echo the $PKI directory is missing, it is usually
44
@@ -129,8 +130,8 @@ then
45
echo "as root do: chmod 644 $CA/cacert.pem"
48
-ORG=`$CERTOOL -i --infile $CA/cacert.pem | grep Issuer | sed 's+Issuer: CN=++'`
50
+ORG=`$CERTOOL -i --infile $CA/cacert.pem | grep Issuer | sed -e 's+\s*Issuer: .*CN=++' -e 's+,EMAIL=.*++'`
53
echo the CA certificate $CA/cacert.pem does not define the organization
54
echo it should probably regenerated
55
@@ -240,19 +241,19 @@ fi
57
if [ "$SERVER" = "1" ]
59
- if [ -r $(SYSCONFDIR)/sysconfig/libvirtd ]
60
+ if [ -r $SYSCONFDIR/sysconfig/libvirtd ]
62
- if [ "`grep '^LIBVIRTD_ARGS' $(SYSCONFDIR)/sysconfig/libvirtd | grep -- '--listen'`" = "" ]
63
+ if [ "`grep '^LIBVIRTD_ARGS' $SYSCONFDIR/sysconfig/libvirtd | grep -- '--listen'`" = "" ]
65
- echo Make sure $(SYSCONFDIR)/sysconfig/libvirtd is setup to listen to
66
+ echo Make sure $SYSCONFDIR/sysconfig/libvirtd is setup to listen to
67
echo TCP/IP connections and restart the libvirtd service
70
- if [ -r $(SYSCONFDIR)/sysconfig/iptables ]
71
+ if [ -r $SYSCONFDIR/sysconfig/iptables ]
73
- if [ "`grep $PORT $(SYSCONFDIR)/sysconfig/iptables`" = "" ]
74
+ if [ "`grep $PORT $SYSCONFDIR/sysconfig/iptables`" = "" ]
76
- echo Make sure $(SYSCONFDIR)/sysconfig/iptables is setup to allow
77
+ echo Make sure $SYSCONFDIR/sysconfig/iptables is setup to allow
78
echo incoming TCP/IP connections on port $PORT and
79
echo restart the iptables service
added
removed
debian/patches/9023-virt-pki-validate_fixes.patch
