rpms/nss
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Improve on fixes for bugs #636787, #636792, and #636801

Browse Source 
Replace posttrans sysinit scriptlet with a triggerpostun one (#636787)
Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)
This commit is contained in:
Elio Maldonado 2010-09-29 15:15:00 -07:00
parent 6b07fe83cc
commit a3c32434c9
2 changed files with 41 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
nss.spec
View File

@ -6,7 +6,7 @@
Summary: Network Security Services Summary: Network Security Services
Name: nss Name: nss
Version: 3.12.7 Version: 3.12.7
Release: 6%{?dist} Release: 8%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+ License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/ URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries Group: System Environment/Libraries
@ -16,7 +16,7 @@ Requires: nss-softokn%{_isa} >= %{nss_softokn_version}
Requires: nss-system-init Requires: nss-system-init
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: nspr-devel >= %{nspr_version} BuildRequires: nspr-devel >= %{nspr_version}
BuildRequires: nss-softokn-devel >= %{nss_softokn_version} BuildRequires: nss-softokn-devel >= %{nss_softokn_version}
BuildRequires: nss-util-devel >= %{nss_util_version} BuildRequires: nss-util-devel >= %{nss_util_version}
BuildRequires: sqlite-devel BuildRequires: sqlite-devel
BuildRequires: zlib-devel BuildRequires: zlib-devel
@ -100,6 +100,7 @@ Header and Library files for doing development with Network Security Services.
%package pkcs11-devel %package pkcs11-devel
Summary: Development libraries for PKCS #11 (Cryptoki) using NSS Summary: Development libraries for PKCS #11 (Cryptoki) using NSS
Group: Development/Libraries Group: Development/Libraries
Provides: nss-pkcs11-devel-static = %{version}-%{release}
Requires: nss-devel = %{version}-%{release} Requires: nss-devel = %{version}-%{release}
%description pkcs11-devel %description pkcs11-devel
@ -371,11 +372,11 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%postun -p /sbin/ldconfig %postun -p /sbin/ldconfig
%post sysinit # Reverse unwanted disabling of sysinit by faulty preun sysinit scriplet
%{_bindir}/setup-nsssysinit.sh on # from previous versions of nss.spec
%triggerpostun -n nss-sysinit -- nss-sysinit < 3.12.8-3
/usr/bin/setup-nsssysinit.sh on
%preun sysinit
%{_bindir}/setup-nsssysinit.sh off
%files %files
%defattr(-,root,root) %defattr(-,root,root)
@ -489,6 +490,16 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%{_libdir}/libnssckfw.a %{_libdir}/libnssckfw.a
%changelog %changelog
* Wed Sep 29 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.7-8
- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787)
- Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)
* Tue Sep 28 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.7-7
- Prevent of nss-sysinit disabling on package upgrade (#636787)
- Create pkcs11.txt with correct permissions regardless of umask (#636792)
- Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801)
- Add provides nss-pkcs11-devel-static to comply with packaging guidelines (#609612)
* Sun Sep 12 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.7-6 * Sun Sep 12 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.7-6
- Remove {nss_util|nss_softokn}_build_version, BuildRequires must match Requires - Remove {nss_util|nss_softokn}_build_version, BuildRequires must match Requires

35
setup-nsssysinit.sh
View File

@ -1,24 +1,24 @@
#!/bin/sh #!/bin/sh
# #
# Turns on or off the nss-sysinit module db by editing the # Turns on or off the nss-sysinit module db by editing the
# global PKCS #11 congiguration file. # global PKCS #11 congiguration file. Displays the status.
# #
# This script can be invoked by the user as super user. # This script can be invoked by the user as super user.
# It is invoked at nss-sysinit post install time with argument on # It is invoked at nss-sysinit post install time with argument on.
# and at nss-sysinit pre uninstall with argument off.
# #
usage() usage()
{ {
cat <<EOF cat <<EOF
Usage: setup-nsssysinit [on|off] Usage: setup-nsssysinit [on|off]
on - turns on nsssysinit on - turns on nsssysinit
off - turns off nsssysinit off - turns off nsssysinit
status - reports whether nsssysinit is turned on or off
EOF EOF
exit $1 exit $1
} }
# validate # validate
if test $# -eq 0; then if [ $# -eq 0 ]; then
usage 1 1>&2 usage 1 1>&2
fi fi
@ -30,17 +30,26 @@ if [ ! -f $p11conf ]; then
exit 1 exit 1
fi fi
on="1" # check if nsssysinit is currently enabled or disabled
sysinit_enabled()
{
grep -q '^library=libnsssysinit' ${p11conf}
}
umask 022
case "$1" in case "$1" in
on | ON ) on | ON )
if sysinit_enabled; then
exit 0
fi
cat ${p11conf} | \ cat ${p11conf} | \
sed -e 's/^library=$/library=libnsssysinit.so/' \ sed -e 's/^library=$/library=libnsssysinit.so/' \
-e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \ -e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \
${p11conf}.on ${p11conf}.on
mv ${p11conf}.on ${p11conf} mv ${p11conf}.on ${p11conf}
;; ;;
off | OFF ) off | OFF )
if [ ! `grep "^library=libnsssysinit" ${p11conf}` ]; then if ! sysinit_enabled; then
exit 0 exit 0
fi fi
cat ${p11conf} | \ cat ${p11conf} | \
@ -49,6 +58,10 @@ case "$1" in
${p11conf}.off ${p11conf}.off
mv ${p11conf}.off ${p11conf} mv ${p11conf}.off ${p11conf}
;; ;;
status )
echo -n 'NSS sysinit is '
sysinit_enabled && echo 'enabled' || echo 'disabled'
;;
* ) * )
usage 1 1>&2 usage 1 1>&2
;; ;;