diff options
| author | Ben Pfaff <blp@nicira.com> | 2012-03-01 16:38:27 -0800 |
|---|---|---|
| committer | Ben Pfaff <blp@nicira.com> | 2012-03-21 10:04:50 -0700 |
| commit | cef59043368836f9371cb745fc757955b4b8915f (patch) | |
| tree | dea8769eb504adb2443d9fa423996a7e0b1c906f /debian | |
| parent | 69ccab125a23c9d1d1ee523cedf7df9dca1dd700 (diff) | |
debian: Move PKI directory to FHS-compliant location.
The PKI directory is mutable state, so it should be in /var, not in /usr.
This commit changes its location and, on systems upgraded from earlier
versions, moves the existing PKI and leaves behind a symlink.
CC: 661090@bugs.debian.org
Reported-by: Andreas Beckmann <debian@abeckmann.de>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/automake.mk | 1 | ||||
| -rwxr-xr-x | debian/openvswitch-controller.postinst | 10 | ||||
| -rw-r--r-- | debian/openvswitch-pki.dirs | 1 | ||||
| -rwxr-xr-x | debian/openvswitch-pki.postinst | 10 | ||||
| -rwxr-xr-x | debian/openvswitch-pki.postrm | 5 |
5 files changed, 25 insertions, 2 deletions
diff --git a/debian/automake.mk b/debian/automake.mk index e18d47a2..4425750d 100644 --- a/debian/automake.mk +++ b/debian/automake.mk @@ -31,6 +31,7 @@ EXTRA_DIST += \ debian/openvswitch-ipsec.dirs \ debian/openvswitch-ipsec.init \ debian/openvswitch-ipsec.install \ + debian/openvswitch-pki.dirs \ debian/openvswitch-pki.postinst \ debian/openvswitch-pki.postrm \ debian/openvswitch-switch.README.Debian \ diff --git a/debian/openvswitch-controller.postinst b/debian/openvswitch-controller.postinst index 51acfb1a..3073dc04 100755 --- a/debian/openvswitch-controller.postinst +++ b/debian/openvswitch-controller.postinst @@ -21,8 +21,16 @@ set -e case "$1" in configure) cd /etc/openvswitch-controller + + # If cacert.pem is a symlink to the old location for cacert.pem, + # remove it so that we can symlink it to the new location. + if test -h cacert.pem && \ + test X"`readlink cacert.pem`" = X/usr/share/openvswitch/pki/switchca/cacert.pem; then + rm -f cacert.pem + fi + if ! test -e cacert.pem; then - ln -s /usr/share/openvswitch/pki/switchca/cacert.pem cacert.pem + ln -s /var/lib/openvswitch/pki/switchca/cacert.pem cacert.pem fi if ! test -e privkey.pem || ! test -e cert.pem; then oldumask=$(umask) diff --git a/debian/openvswitch-pki.dirs b/debian/openvswitch-pki.dirs new file mode 100644 index 00000000..84f7b370 --- /dev/null +++ b/debian/openvswitch-pki.dirs @@ -0,0 +1 @@ +/var/lib/openvswitch diff --git a/debian/openvswitch-pki.postinst b/debian/openvswitch-pki.postinst index ab25795f..f4705e94 100755 --- a/debian/openvswitch-pki.postinst +++ b/debian/openvswitch-pki.postinst @@ -19,8 +19,16 @@ set -e case "$1" in configure) + # Move the pki directory from its previous, non FHS-compliant location, + # to its new location, leaving behind a symlink for compatibility. + if test -d /usr/share/openvswitch/pki && \ + test ! -e /var/lib/openvswitch/pki; then + mv /usr/share/openvswitch/pki /var/lib/openvswitch + ln -s /var/lib/openvswitch/pki /usr/share/openvswitch/pki + fi + # Create certificate authorities. - if test ! -d /usr/share/openvswitch/pki; then + if test ! -e /var/lib/openvswitch/pki; then ovs-pki init fi ;; diff --git a/debian/openvswitch-pki.postrm b/debian/openvswitch-pki.postrm index 5db4d6be..bc91e13d 100755 --- a/debian/openvswitch-pki.postrm +++ b/debian/openvswitch-pki.postrm @@ -22,6 +22,11 @@ set -e case "$1" in purge) rm -f /var/log/openvswitch/ovs-pki.log* || true + + # Remove backward compatibility symlink, if present. + if test -h /usr/share/openvswitch/pki; then + rm -f /usr/share/openvswitch/pki + fi ;; remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) |