[nss/f13/master: 3/4] Improve on fixes for bugs #636787, #636792, and #636801
Elio Maldonado
emaldonado at fedoraproject.org
Wed Sep 29 22:53:50 UTC 2010
commit a3c32434c914c072d56d8ed7ab02cfbc7a3cbd6c
Author: Elio Maldonado <emaldona at redhat.com>
Date: Wed Sep 29 15:15:00 2010 -0700
Improve on fixes for bugs #636787, #636792, and #636801
Replace posttrans sysinit scriptlet with a triggerpostun one (#636787)
Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)
nss.spec | 23 +++++++++++++++++------
setup-nsssysinit.sh | 35 ++++++++++++++++++++++++-----------
2 files changed, 41 insertions(+), 17 deletions(-)
---
diff --git a/nss.spec b/nss.spec
index a9117c2..9bad215 100644
--- a/nss.spec
+++ b/nss.spec
@@ -6,7 +6,7 @@
Summary: Network Security Services
Name: nss
Version: 3.12.7
-Release: 6%{?dist}
+Release: 8%{?dist}
License: MPLv1.1 or GPLv2+ or LGPLv2+
URL: http://www.mozilla.org/projects/security/pki/nss/
Group: System Environment/Libraries
@@ -16,7 +16,7 @@ Requires: nss-softokn%{_isa} >= %{nss_softokn_version}
Requires: nss-system-init
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: nspr-devel >= %{nspr_version}
-BuildRequires: nss-softokn-devel >= %{nss_softokn_version}
+BuildRequires: nss-softokn-devel >= %{nss_softokn_version}
BuildRequires: nss-util-devel >= %{nss_util_version}
BuildRequires: sqlite-devel
BuildRequires: zlib-devel
@@ -100,6 +100,7 @@ Header and Library files for doing development with Network Security Services.
%package pkcs11-devel
Summary: Development libraries for PKCS #11 (Cryptoki) using NSS
Group: Development/Libraries
+Provides: nss-pkcs11-devel-static = %{version}-%{release}
Requires: nss-devel = %{version}-%{release}
%description pkcs11-devel
@@ -371,11 +372,11 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%postun -p /sbin/ldconfig
-%post sysinit
-%{_bindir}/setup-nsssysinit.sh on
+# Reverse unwanted disabling of sysinit by faulty preun sysinit scriplet
+# from previous versions of nss.spec
+%triggerpostun -n nss-sysinit -- nss-sysinit < 3.12.8-3
+/usr/bin/setup-nsssysinit.sh on
-%preun sysinit
-%{_bindir}/setup-nsssysinit.sh off
%files
%defattr(-,root,root)
@@ -489,6 +490,16 @@ rm -rf $RPM_BUILD_ROOT/%{_includedir}/nss3/nsslowhash.h
%{_libdir}/libnssckfw.a
%changelog
+* Wed Sep 29 2010 Elio Maldonado <emaldona at redhat.com> - 3.12.7-8
+- Replace posttrans sysinit scriptlet with a triggerpostun one (#636787)
+- Fix and cleanup the setup-nsssysinit.sh script (#636792, #636801)
+
+* Tue Sep 28 2010 Elio Maldonado <emaldona at redhat.com> - 3.12.7-7
+- Prevent of nss-sysinit disabling on package upgrade (#636787)
+- Create pkcs11.txt with correct permissions regardless of umask (#636792)
+- Setup-nsssysinit.sh reports whether nss-sysinit is turned on or off (#636801)
+- Add provides nss-pkcs11-devel-static to comply with packaging guidelines (#609612)
+
* Sun Sep 12 2010 Elio Maldonado <emaldona at redhat.com> - 3.12.7-6
- Remove {nss_util|nss_softokn}_build_version, BuildRequires must match Requires
diff --git a/setup-nsssysinit.sh b/setup-nsssysinit.sh
index 9c1727b..8e1f5f7 100755
--- a/setup-nsssysinit.sh
+++ b/setup-nsssysinit.sh
@@ -1,24 +1,24 @@
#!/bin/sh
#
# Turns on or off the nss-sysinit module db by editing the
-# global PKCS #11 congiguration file.
+# global PKCS #11 congiguration file. Displays the status.
#
# This script can be invoked by the user as super user.
-# It is invoked at nss-sysinit post install time with argument on
-# and at nss-sysinit pre uninstall with argument off.
+# It is invoked at nss-sysinit post install time with argument on.
#
usage()
{
cat <<EOF
Usage: setup-nsssysinit [on|off]
- on - turns on nsssysinit
- off - turns off nsssysinit
+ on - turns on nsssysinit
+ off - turns off nsssysinit
+ status - reports whether nsssysinit is turned on or off
EOF
exit $1
}
# validate
-if test $# -eq 0; then
+if [ $# -eq 0 ]; then
usage 1 1>&2
fi
@@ -30,17 +30,26 @@ if [ ! -f $p11conf ]; then
exit 1
fi
-on="1"
+# check if nsssysinit is currently enabled or disabled
+sysinit_enabled()
+{
+ grep -q '^library=libnsssysinit' ${p11conf}
+}
+
+umask 022
case "$1" in
on | ON )
+ if sysinit_enabled; then
+ exit 0
+ fi
cat ${p11conf} | \
- sed -e 's/^library=$/library=libnsssysinit.so/' \
- -e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \
- ${p11conf}.on
+ sed -e 's/^library=$/library=libnsssysinit.so/' \
+ -e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \
+ ${p11conf}.on
mv ${p11conf}.on ${p11conf}
;;
off | OFF )
- if [ ! `grep "^library=libnsssysinit" ${p11conf}` ]; then
+ if ! sysinit_enabled; then
exit 0
fi
cat ${p11conf} | \
@@ -49,6 +58,10 @@ case "$1" in
${p11conf}.off
mv ${p11conf}.off ${p11conf}
;;
+ status )
+ echo -n 'NSS sysinit is '
+ sysinit_enabled && echo 'enabled' || echo 'disabled'
+ ;;
* )
usage 1 1>&2
;;
More information about the scm-commits
mailing list