2009-09-26 17:19:43 +00:00
|
|
|
#!/bin/sh
|
|
|
|
|
#
|
|
|
|
|
# Turns on or off the nss-sysinit module db by editing the
|
|
|
|
|
# global PKCS #11 congiguration file.
|
|
|
|
|
#
|
|
|
|
|
# This script can be invoked by the user as super user.
|
|
|
|
|
# It is invoked at nss-sysinit post install time with argument on
|
|
|
|
|
# and at nss-sysinit pre uninstall with argument off.
|
|
|
|
|
#
|
|
|
|
|
usage()
|
|
|
|
|
{
|
|
|
|
|
cat <<EOF
|
|
|
|
|
Usage: setup-nsssysinit [on|off]
|
|
|
|
|
on - turns on nsssysinit
|
|
|
|
|
off - turns off nsssysinit
|
|
|
|
|
EOF
|
|
|
|
|
exit $1
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# validate
|
|
|
|
|
if test $# -eq 0; then
|
|
|
|
|
usage 1 1>&2
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
on="1"
|
|
|
|
|
case "$1" in
|
|
|
|
|
on | ON ) on="1";;
|
|
|
|
|
off | OFF ) on="";;
|
|
|
|
|
* ) usage 1 1>&2;;
|
|
|
|
|
esac
|
|
|
|
|
|
|
|
|
|
# the system-wide configuration file
|
|
|
|
|
p11conf="/etc/pki/nssdb/pkcs11.txt"
|
|
|
|
|
# must exist, otherwise report it and exit with failure
|
|
|
|
|
if [ ! -f $p11conf ]; then
|
|
|
|
|
echo "Could not find ${p11conf}"
|
|
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# turn on or off
|
|
|
|
|
if [ on = "1" ]; then
|
|
|
|
|
cat ${p11conf} | sed -e 's/^library=$/library=libnsssysinit.so/' \
|
|
|
|
|
-e 'g/^NSS/ s; Flags=internal,critical; Flags=internal,moduleDBOnly,critical;' > \
|
|
|
|
|
${p11conf}.on
|
|
|
|
|
mv ${p11conf}.on ${p11conf}
|
|
|
|
|
else
|
|
|
|
|
if [ `grep "^library=libnsssysinit" ${p11conf}` == ""]; then
|
|
|
|
|
exit 0
|
2009-09-27 19:08:11 +00:00
|
|
|
fi
|
2009-09-26 17:19:43 +00:00
|
|
|
cat ${p11conf} | sed -e 's/^library=libnsssysinit.so/library=/' \
|
|
|
|
|
-e 'g/^NSS/ s; Flags=internal,moduleDBOnly,critical; Flags=internal,critical;' > \
|
|
|
|
|
${p11conf}.off
|
|
|
|
|
mv ${p11conf}.off ${p11conf}
|
|
|
|
|
fi
|
|
|
|
|
|
