Improve on fixes for bugs #636787, #636792, and #636801

Replace posttrans sysinit scriptlet with a triggerpostun one (#636787)
Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)
This commit is contained in:
Elio Maldonado 2010-09-29 15:15:00 -07:00
parent 6b07fe83cc
commit a3c32434c9
2 changed files with 41 additions and 17 deletions

View File

@ -6,7 +6,7 @@
Summary: Network Security Services
Name: nss
Version: 3.12.7
Release: 6%{?dist}
Release: 8%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@ -100,6 +100,7 @@ Header and Library files for doing development with Network Security Services.
%package pkcs11-devel
Summary: Development libraries for PKCS #11 (Cryptoki) using NSS
Group: Development/Libraries
Provides: nss-pkcs11-devel-static = %{version}-%{release}
Requires: nss-devel = %{version}-%{release}
%description pkcs11-devel
@ -371,11 +372,11 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%postun -p /sbin/ldconfig
%post sysinit
%{_bindir}/setup-nsssysinit.sh on
# Reverse unwanted disabling of sysinit by faulty preun sysinit scriplet
# from previous versions of nss.spec
%triggerpostun -n nss-sysinit -- nss-sysinit < 3.12.8-3
/usr/bin/setup-nsssysinit.sh on
%preun sysinit
%{_bindir}/setup-nsssysinit.sh off
%files
%defattr(-,root,root)
@ -489,6 +490,16 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%{_libdir}/libnssckfw.a
%changelog
* Wed Sep 29 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.7-8
- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787)
- Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)
* Tue Sep 28 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.7-7
- Prevent of nss-sysinit disabling on package upgrade (#636787)
- Create pkcs11.txt with correct permissions regardless of umask (#636792)
- Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801)
- Add provides nss-pkcs11-devel-static to comply with packaging guidelines (#609612)
* Sun Sep 12 2010 Elio Maldonado <emaldona@redhat.com> - 3.12.7-6
- Remove {nss_util|nss_softokn}_build_version, BuildRequires must match Requires

View File

@ -1,11 +1,10 @@
#!/bin/sh
#
# Turns on or off the nss-sysinit module db by editing the
# global PKCS #11 congiguration file.
# global PKCS #11 congiguration file. Displays the status.
#
# This script can be invoked by the user as super user.
# It is invoked at nss-sysinit post install time with argument on
# and at nss-sysinit pre uninstall with argument off.
# It is invoked at nss-sysinit post install time with argument on.
#
usage()
{
@ -13,12 +12,13 @@ usage()
Usage: setup-nsssysinit [on|off]
on - turns on nsssysinit
off - turns off nsssysinit
status - reports whether nsssysinit is turned on or off
EOF
exit $1
}
# validate
if test $# -eq 0; then
if [ $# -eq 0 ]; then
usage 1 1>&2
fi
@ -30,9 +30,18 @@ if [ ! -f $p11conf ]; then
exit 1
fi
on="1"
# check if nsssysinit is currently enabled or disabled
sysinit_enabled()
{
grep -q '^library=libnsssysinit' ${p11conf}
}
umask 022
case "$1" in
on | ON )
if sysinit_enabled; then
exit 0
fi
cat ${p11conf} | \
sed -e 's/^library=$/library=libnsssysinit.so/' \
-e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \
@ -40,7 +49,7 @@ case "$1" in
mv ${p11conf}.on ${p11conf}
;;
off | OFF )
if [ ! `grep "^library=libnsssysinit" ${p11conf}` ]; then
if ! sysinit_enabled; then
exit 0
fi
cat ${p11conf} | \
@ -49,6 +58,10 @@ case "$1" in
${p11conf}.off
mv ${p11conf}.off ${p11conf}
;;
status )
echo -n 'NSS sysinit is '
sysinit_enabled && echo 'enabled' || echo 'disabled'
;;
* )
usage 1 1>&2
;;