[openvas-manager] fixed reporting of the missing certificates in the startscript
rebus
rebus at fedoraproject.org
Tue Jan 24 07:53:01 UTC 2012
commit 92315a6f1d3c8d94b5d7df50fbb225d00b059031
Author: Michal Ambroz <rebus at seznam.cz>
Date: Tue Jan 24 08:52:28 2012 +0100
fixed reporting of the missing certificates in the startscript
openvas-manager.initd | 41 ++++++++++++++++++++++++++++++++++++++---
openvas-manager.spec | 5 ++++-
2 files changed, 42 insertions(+), 4 deletions(-)
---
diff --git a/openvas-manager.initd b/openvas-manager.initd
index 9ac179f..ceeb305 100644
--- a/openvas-manager.initd
+++ b/openvas-manager.initd
@@ -27,6 +27,13 @@ progname="openvas-manager"
config=/etc/openvas/openvasmd_log.conf
lockfile=/var/lock/subsys/openvas-manager
+#Values hardcoded in openvasmd
+CACERT="/etc/pki/openvas/CA/cacert.pem"
+KEYFILE="/etc/pki/openvas/private/CA/serverkey.pem"
+CERTFILE="/etc/pki/openvas/CA/servercert.pem"
+CLCERT="/etc/pki/openvas/CA/clientcert.pem"
+CLKEY="/etc/pki/openvas/private/CA/clientkey.pem"
+
[ -e /etc/sysconfig/$progname ] && . /etc/sysconfig/$progname
@@ -54,16 +61,44 @@ start() {
esac
- if [ ! -f /etc/pki/openvas/private/CA/clientkey.pem ]; then
- logger --tag "$progname" "Missing client certificate to connect openvas-administrator to openvas-manager."
+
+ if [ ! -f "$CACERT" ]; then
+ logger --tag "$progname" "CA Certificate $CACERT specified in the configuration file not found."
+ logger --tag "$progname" "Try running: openvas-mkcert"
+ exit 1
+ fi
+
+ if [ ! -f "$KEYFILE" ]; then
+ logger --tag "$progname" "Private key $KEYFILE specified in the configuration file not found."
+ logger --tag "$progname" "Try running: openvas-mkcert"
+ exit 1
+ fi
+
+ if [ ! -f "$CERTFILE" ]; then
+ logger --tag "$progname" "Public Certificate $CERTFILE specified in the configuration file not found."
+ logger --tag "$progname" "Try running: openvas-mkcert"
+ exit 1
+ fi
+
+
+ if [ ! -f "$CLCERT" ]; then
+ logger --tag "$progname" "Missing client certificate $CLCERT to connect openvas-manager to openvas-scanner."
logger --tag "$progname" "Try running: openvas-mkcert-client -n om -i"
exit 1
fi
+ if [ ! -f "$CLKEY" ]; then
+ logger --tag "$progname" "Missing client private key $CLKEY to connect openvas-manager to openvas-scanner."
+ logger --tag "$progname" "Try running: openvas-mkcert-client -n om -i"
+ exit 1
+ fi
+
+
+
if [ ! -f /var/lib/openvas/mgr/tasks.db ]; then
logger --tag "$progname" "Missing local NVT cache database."
logger --tag "$progname" "Try running: openvasmd --rebuild"
- exit 2
+ exit 1
fi
echo "Starting $progname:"
diff --git a/openvas-manager.spec b/openvas-manager.spec
index 2cb82e3..d6e08ef 100644
--- a/openvas-manager.spec
+++ b/openvas-manager.spec
@@ -1,7 +1,7 @@
Name: openvas-manager
Summary: Manager Module for the Open Vulnerability Assessment System (OpenVAS)
Version: 2.0.4
-Release: 1%{?dist}
+Release: 2%{?dist}
URL: http://www.openvas.org
License: GPLv2+
Group: System Environment/Libraries
@@ -135,6 +135,9 @@ fi
%ghost %{_var}/log/openvas/openvasmd.log
%changelog
+* Mon Jan 23 2012 Michal Ambroz <rebus at, seznam.cz> - 2.0.4-2
+- fix checking for the existence of the certificates in initscript
+
* Mon Jan 09 2012 Michal Ambroz <rebus at, seznam.cz> - 2.0.4-1
- new upstream version 2.0.4
More information about the scm-commits
mailing list