TheBigRed
27th July 2012, 08:17 AM
i am working on a bug review for a vdr plugin named vdr-live
https://bugzilla.redhat.com/show_bug.cgi?id=821233
mageia creates in his rpm spec file a ssl certificat with a rpm helper script with the name %_create_ssl_certificate
http://sophie.zarb.org/distrib/Mageia/cauldron/i586/by-pkgid/70fecff885d3afa0b5185b372e7c5f88/files/3
...
%install
rm -rf %{buildroot}
%vdr_plugin_install
install -d -m755 %{buildroot}%{_vdr_plugin_cfgdir}/%{plugin}
touch %{buildroot}%{_vdr_plugin_cfgdir}/%{plugin}/httpd.config
touch %{buildroot}%{_vdr_plugin_cfgdir}/%{plugin}/httpd.properties
install -d -m755 %{buildroot}%{_vdr_plugin_datadir}
cp -a live %{buildroot}%{_vdr_plugin_datadir}/
for dir in %plugin/*; do
ln -s %{_vdr_plugin_datadir}/$dir %{buildroot}%{_vdr_plugin_cfgdir}/$dir
done
%clean
rm -rf %{buildroot}
%post
%_create_ssl_certificate -g vdr -b vdr-%plugin
%files -f %plugin.vdr
%defattr(-,root,root)
%doc CONTRIBUTORS HISTORY README
%dir %attr(-,vdr,vdr) %{_vdr_plugin_cfgdir}/%{plugin} %ghost %{_vdr_plugin_cfgdir}/%{plugin}/httpd.config
%ghost %{_vdr_plugin_cfgdir}/%{plugin}/httpd.properties
%{_vdr_plugin_cfgdir}/%{plugin}/css
%{_vdr_plugin_cfgdir}/%{plugin}/img
%{_vdr_plugin_cfgdir}/%{plugin}/js
%{_vdr_plugin_cfgdir}/%{plugin}/themes
%{_vdr_plugin_datadir}/%{plugin}
...
is there a rpm helper script like the %_create_ssl_certificate in mageia for fedora ?
http://svnweb.mageia.org/soft/rpm/rpm-helper/trunk/create-ssl-certificate?view=markup&pathrev=2081
#!/bin/sh
# $Id: create-ssl-certificate 255059 2009-03-29 21:29:57Z guillomovitch $
# helper script for creating ssl certificates
while [ $# -gt 0 ]; do
case $1 in
-g) group=$2; shift 2;;
-b) bundle="true"; shift;;
*) args=( ${args[@]:-} $1 ); shift;;
esac
done
pkg=${args[0]} # name of the package
num=${args[1]} # number of packages installed
srv=${args[2]} # name of the service
if [ -z "$pkg" -o -z "$num" -o -z "$srv" ]; then
echo "usage: $0 [-g <group>] [-b] <pkg name> <num installed> <service>" 1>&2
exit 1
fi
if [ ! -f /etc/pki/tls/private/$srv.pem ]; then
# default values
host=$(hostname)
KEY_LENGTH=1024
CERT_DAYS=365
EMAIL_ADDRESS=root@$host
COMMON_NAME=$host
ORGANISATIONAL_UNIT_NAME="default $srv cert for $host"
# source configuration
if [ -f /etc/sysconfig/ssl ]; then
. /etc/sysconfig/ssl
fi
conffile=/tmp/$$
keyfile=/etc/pki/tls/private/$srv.pem
if [ "$bundle" == true ]; then
certfile=$keyfile
else
certfile=/etc/pki/tls/certs/$srv.pem
fi
# create a temporary configuration file
cat > $conffile <<EOF
default_bits = $KEY_LENGTH
encrypt_key = no
prompt = no
distinguished_name = req_dn
req_extensions = req_ext
[ req_dn ]
commonName = $COMMON_NAME
organizationalUnitName = $ORGANISATIONAL_UNIT_NAME
emailAddress = $EMAIL_ADDRESS
[ req_ext ]
basicConstraints = CA:FALSE
EOF
# generate certificates
openssl req -new -x509 -days $CERT_DAYS \
-config $conffile \
-keyout $keyfile \
-out $certfile >/dev/null
# enforce strict perms on key
if [ -n "$group" ]; then
chmod 640 $keyfile
chgrp $group $keyfile
else
chmod 600 $keyfile
fi
fi
may this can be helpful ?
https://fedoraproject.org/wiki/Archive:Docs/Drafts/AdministrationGuide/Servers/MailServer/OpenSSL
http://odysseus.x-tnd.be/fedora/prosody/prosody.spec
How do i create a ssl certificate in a rpm spec file for fedora ?
https://bugzilla.redhat.com/show_bug.cgi?id=821233
mageia creates in his rpm spec file a ssl certificat with a rpm helper script with the name %_create_ssl_certificate
http://sophie.zarb.org/distrib/Mageia/cauldron/i586/by-pkgid/70fecff885d3afa0b5185b372e7c5f88/files/3
...
%install
rm -rf %{buildroot}
%vdr_plugin_install
install -d -m755 %{buildroot}%{_vdr_plugin_cfgdir}/%{plugin}
touch %{buildroot}%{_vdr_plugin_cfgdir}/%{plugin}/httpd.config
touch %{buildroot}%{_vdr_plugin_cfgdir}/%{plugin}/httpd.properties
install -d -m755 %{buildroot}%{_vdr_plugin_datadir}
cp -a live %{buildroot}%{_vdr_plugin_datadir}/
for dir in %plugin/*; do
ln -s %{_vdr_plugin_datadir}/$dir %{buildroot}%{_vdr_plugin_cfgdir}/$dir
done
%clean
rm -rf %{buildroot}
%post
%_create_ssl_certificate -g vdr -b vdr-%plugin
%files -f %plugin.vdr
%defattr(-,root,root)
%doc CONTRIBUTORS HISTORY README
%dir %attr(-,vdr,vdr) %{_vdr_plugin_cfgdir}/%{plugin} %ghost %{_vdr_plugin_cfgdir}/%{plugin}/httpd.config
%ghost %{_vdr_plugin_cfgdir}/%{plugin}/httpd.properties
%{_vdr_plugin_cfgdir}/%{plugin}/css
%{_vdr_plugin_cfgdir}/%{plugin}/img
%{_vdr_plugin_cfgdir}/%{plugin}/js
%{_vdr_plugin_cfgdir}/%{plugin}/themes
%{_vdr_plugin_datadir}/%{plugin}
...
is there a rpm helper script like the %_create_ssl_certificate in mageia for fedora ?
http://svnweb.mageia.org/soft/rpm/rpm-helper/trunk/create-ssl-certificate?view=markup&pathrev=2081
#!/bin/sh
# $Id: create-ssl-certificate 255059 2009-03-29 21:29:57Z guillomovitch $
# helper script for creating ssl certificates
while [ $# -gt 0 ]; do
case $1 in
-g) group=$2; shift 2;;
-b) bundle="true"; shift;;
*) args=( ${args[@]:-} $1 ); shift;;
esac
done
pkg=${args[0]} # name of the package
num=${args[1]} # number of packages installed
srv=${args[2]} # name of the service
if [ -z "$pkg" -o -z "$num" -o -z "$srv" ]; then
echo "usage: $0 [-g <group>] [-b] <pkg name> <num installed> <service>" 1>&2
exit 1
fi
if [ ! -f /etc/pki/tls/private/$srv.pem ]; then
# default values
host=$(hostname)
KEY_LENGTH=1024
CERT_DAYS=365
EMAIL_ADDRESS=root@$host
COMMON_NAME=$host
ORGANISATIONAL_UNIT_NAME="default $srv cert for $host"
# source configuration
if [ -f /etc/sysconfig/ssl ]; then
. /etc/sysconfig/ssl
fi
conffile=/tmp/$$
keyfile=/etc/pki/tls/private/$srv.pem
if [ "$bundle" == true ]; then
certfile=$keyfile
else
certfile=/etc/pki/tls/certs/$srv.pem
fi
# create a temporary configuration file
cat > $conffile <<EOF
default_bits = $KEY_LENGTH
encrypt_key = no
prompt = no
distinguished_name = req_dn
req_extensions = req_ext
[ req_dn ]
commonName = $COMMON_NAME
organizationalUnitName = $ORGANISATIONAL_UNIT_NAME
emailAddress = $EMAIL_ADDRESS
[ req_ext ]
basicConstraints = CA:FALSE
EOF
# generate certificates
openssl req -new -x509 -days $CERT_DAYS \
-config $conffile \
-keyout $keyfile \
-out $certfile >/dev/null
# enforce strict perms on key
if [ -n "$group" ]; then
chmod 640 $keyfile
chgrp $group $keyfile
else
chmod 600 $keyfile
fi
fi
may this can be helpful ?
https://fedoraproject.org/wiki/Archive:Docs/Drafts/AdministrationGuide/Servers/MailServer/OpenSSL
http://odysseus.x-tnd.be/fedora/prosody/prosody.spec
How do i create a ssl certificate in a rpm spec file for fedora ?
