diff --git a/cert8.db.xml b/cert8.db.xml
new file mode 100644
index 0000000..e82948d
--- /dev/null
+++ b/cert8.db.xml
@@ -0,0 +1,59 @@
+
+
+
+]>
+
+
+
+
+ &date;
+ Network Security Services
+ nss
+ &version;
+
+
+
+ cert8.db
+ 5
+
+
+
+ cert8.db
+ Legacy NSS certificate database
+
+
+
+ Description
+ cert8.db is an NSS certificate database.
+ This certificate database is in the legacy database format. Consider migrating to cert9.db and key4.db which are the new sqlite-based shared database format with support for concurrent access.
+
+
+
+
+ Files
+ /etc/pki/nssdb/cert8.db
+
+
+
+ See also
+ cert9.db(5), key4.db(5), pkcs11.txt(5),
+
+
+
+ Authors
+ The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
+ Authors: Elio Maldonado <emaldona@redhat.com>.
+
+
+
+
+ LICENSE
+ Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+
+
+
+
diff --git a/cert9.db.xml b/cert9.db.xml
new file mode 100644
index 0000000..6cff889
--- /dev/null
+++ b/cert9.db.xml
@@ -0,0 +1,59 @@
+
+
+
+]>
+
+
+
+
+ &date;
+ Network Security Services
+ nss
+ &version;
+
+
+
+ cert9.db
+ 5
+
+
+
+ cert9.db
+ Legacy NSS certificate database
+
+
+
+ Description
+ cert9.db is an NSS certificate database.
+ This certificate database is the sqlite-based shared databse with support for concurrent access.
+
+
+
+
+ Files
+ /etc/pki/nssdb/cert9.db
+
+
+
+ See also
+ pkcs11.txt(5)
+
+
+
+ Authors
+ The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
+ Authors: Elio Maldonado <emaldona@redhat.com>.
+
+
+
+
+ LICENSE
+ Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+
+
+
+
diff --git a/key3.db.xml b/key3.db.xml
new file mode 100644
index 0000000..444d7aa
--- /dev/null
+++ b/key3.db.xml
@@ -0,0 +1,59 @@
+
+
+
+]>
+
+
+
+
+ &date;
+ Network Security Services
+ nss
+ &version;
+
+
+
+ key3.db
+ 5
+
+
+
+ key3.db
+ Legacy NSS certificate database
+
+
+
+ Description
+ key3.db is an NSS certificate database.
+ This is a key database in the legacy database format. Consider migrating to cert9.db and key4.db which which are the new sqlite-based shared database format with support for concurrent access.
+
+
+
+
+ Files
+ /etc/pki/nssdb/key3.db
+
+
+
+ See also
+ cert9.db(5), key4.db(5), pkcs11.txt(5),
+
+
+
+ Authors
+ The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
+ Authors: Elio Maldonado <emaldona@redhat.com>.
+
+
+
+
+ LICENSE
+ Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+
+
+
+
diff --git a/key4.db.xml b/key4.db.xml
new file mode 100644
index 0000000..960752f
--- /dev/null
+++ b/key4.db.xml
@@ -0,0 +1,59 @@
+
+
+
+]>
+
+
+
+
+ &date;
+ Network Security Services
+ nss
+ &version;
+
+
+
+ key4.db
+ 5
+
+
+
+ key4.db
+ Legacy NSS certificate database
+
+
+
+ Description
+ key4.db is an NSS key database.
+ This key database is the sqlite-based shared database format with support for concurrent access.
+
+
+
+
+ Files
+ /etc/pki/nssdb/key4.db
+
+
+
+ See also
+ pkcs11.txt(5)
+
+
+
+ Authors
+ The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
+ Authors: Elio Maldonado <emaldona@redhat.com>.
+
+
+
+
+ LICENSE
+ Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+
+
+
+
diff --git a/nss.spec b/nss.spec
index a5efea0..3db4d30 100644
--- a/nss.spec
+++ b/nss.spec
@@ -20,7 +20,7 @@
Summary: Network Security Services
Name: nss
Version: 3.15.1
-Release: 2%{?dist}
+Release: 3%{?dist}
License: MPLv2.0
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -77,6 +77,12 @@ Source18: TestUser50.cert
Source19: TestUser51.cert
Source20: nss-config.xml
Source21: setup-nsssysinit.xml
+Source22: pkcs11.txt.xml
+Source23: cert8.db.xml
+Source24: cert9.db.xml
+Source25: key3.db.xml
+Source26: key4.db.xml
+Source27: secmod.db.xml
Patch2: add-relro-linker-option.patch
Patch3: renegotiate-transitional.patch
@@ -360,13 +366,23 @@ chmod 755 ./dist/pkgconfig/setup-nsssysinit.sh
date +"%e %B %Y" | tr -d '\n' > date.xml
echo -n %{version} > version.xml
-for m in %{SOURCE20} %{SOURCE21}; do
+# configuration files and setup script
+for m in %{SOURCE20} %{SOURCE21} %{SOURCE22}; do
cp ${m} .
done
-for m in nss-config.xml setup-nsssysinit.xml; do
+for m in nss-config.xml setup-nsssysinit.xml pkcs11.txt.xml; do
xmlto man ${m}
done
+# nss databases considered to be configuration files
+for m in %{SOURCE23} %{SOURCE24} %{SOURCE25} %{SOURCE26} %{SOURCE27}; do
+ cp ${m} .
+done
+for m in cert8.db.xml cert9.db.xml key3.db.xml key4.db.xml secmod.db.xml; do
+ xmlto man ${m}
+done
+
+
%check
if [ $DISABLETEST -eq 1 ]; then
echo "testing disabled"
@@ -537,6 +553,14 @@ done
for f in "%{allTools}"; do
install -c -m 644 ${f}.1 $RPM_BUILD_ROOT%{_mandir}/man1/${f}.1
done
+# Copy the man pages for the configuration files
+for f in pkcs11.txt; do
+ install -c -m 644 ${f}.5 $RPM_BUILD_ROOT%{_mandir}/man5/${f}.5
+done
+# Copy the man pages for the nss databases
+for f in cert8.db cert9.db key3.db key4.db secmod.db; do
+ install -c -m 644 ${f}.5 $RPM_BUILD_ROOT%{_mandir}/man5/${f}.5
+done
%clean
%{__rm} -rf $RPM_BUILD_ROOT
@@ -607,6 +631,10 @@ fi
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/cert8.db
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key3.db
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/secmod.db
+%attr(0644,root,root) %doc /usr/share/man/man5/*
+%attr(0644,root,root) %doc /usr/share/man/man5/cert8.db.5.gz
+%attr(0644,root,root) %doc /usr/share/man/man5/key3.db.5.gz
+%attr(0644,root,root) %doc /usr/share/man/man5/secmod.db.5.gz
%files sysinit
%defattr(-,root,root)
@@ -614,6 +642,9 @@ fi
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/cert9.db
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/key4.db
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/pki/nssdb/pkcs11.txt
+%attr(0644,root,root) %doc /usr/share/man/man5/cert9.db.5.gz
+%attr(0644,root,root) %doc /usr/share/man/man5/key4.db.5.gz
+%attr(0644,root,root) %doc /usr/share/man/man5/pkcs11.txt.5.gz
%{_bindir}/setup-nsssysinit.sh
%attr(0644,root,root) %doc /usr/share/man/man1/setup-nsssysinit.1.gz
@@ -729,6 +760,10 @@ fi
%changelog
+* Fri Aug 02 2013 Elio Maldonado - 3.15.1-3
+- Add man page for pkcs11.txt configuration file and cert and key databases
+- Resolves: rhbz#985114 - Provide man pages for the nss configuration files
+
* Wed Jul 24 2013 Elio Maldonado - 3.15.1-2
- Fix errors in the man pages
- Resolves: rhbz#984106 - Add missing option descriptions to man pages for {cert|cms|crl}util
diff --git a/pkcs11.txt.xml b/pkcs11.txt.xml
new file mode 100644
index 0000000..d30e469
--- /dev/null
+++ b/pkcs11.txt.xml
@@ -0,0 +1,56 @@
+
+
+
+]>
+
+
+
+
+ &date;
+ Network Security Services
+ nss
+ &version;
+
+
+
+ pkcs11.txt
+ 5
+
+
+
+ pkcs11.txt
+ NSS PKCS #11 module configuration file
+
+
+
+ Description
+
+The pkcs11.txt file is used to configure initialization parameters for the nss security module and optionally other pkcs #11 modules.
+
+
+For full documentation visit PKCS #11 Module Specs.
+
+
+
+
+ Files
+ /etc/pki/nssdb/pkcs11.txt
+
+
+
+ Authors
+ The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
+ Authors: Elio Maldonado <emaldona@redhat.com>.
+
+
+
+
+ LICENSE
+ Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+
+
+
diff --git a/secmod.db.xml b/secmod.db.xml
new file mode 100644
index 0000000..a3d2c1e
--- /dev/null
+++ b/secmod.db.xml
@@ -0,0 +1,59 @@
+
+
+
+]>
+
+
+
+
+ &date;
+ Network Security Services
+ nss
+ &version;
+
+
+
+ secmod.db
+ 5
+
+
+
+ secmod.db
+ Legacy NSS security modules database
+
+
+
+ Description
+ secmod.db is an NSS security modules database.
+ This is a BerkeyDB legacy database format. The recommende way of tracking security modules is the pkcs11.txt configuration file used in conjunction thew shared database format certificate and key dtabases.
+
+
+
+
+ Files
+ /etc/pki/nssdb/secmod.db
+
+
+
+ See also
+ cert9.db(5), key4.db(5), pkcs11.txt(5),
+
+
+
+ Authors
+ The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
+ Authors: Elio Maldonado <emaldona@redhat.com>.
+
+
+
+
+ LICENSE
+ Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+
+
+
+
diff --git a/setup-nsssysinit.xml b/setup-nsssysinit.xml
index 4335d85..0560cc1 100644
--- a/setup-nsssysinit.xml
+++ b/setup-nsssysinit.xml
@@ -95,7 +95,7 @@
Authors
- The nss liraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
+ The nss libraries were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
Authors: Elio Maldonado <emaldona@redhat.com>.