The PKI directory is mutable state, so it should be in /var, not in /usr.
This commit changes its location and, on systems upgraded from earlier
versions, moves the existing PKI and leaves behind a symlink.
CC: 661090@bugs.debian.org
Reported-by: Andreas Beckmann <debian@abeckmann.de>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Alban Browaeys prahal@yahoo.com
Alex Yip alex@nicira.com
Alexey I. Froloff raorn@altlinux.org
+Andreas Beckmann debian@abeckmann.de
Ben Basler bbasler@nicira.com
Bob Ball bob.ball@citrix.com
Brad Hall brad@nicira.com
debian/openvswitch-ipsec.dirs \
debian/openvswitch-ipsec.init \
debian/openvswitch-ipsec.install \
+ debian/openvswitch-pki.dirs \
debian/openvswitch-pki.postinst \
debian/openvswitch-pki.postrm \
debian/openvswitch-switch.README.Debian \
case "$1" in
configure)
cd /etc/openvswitch-controller
+
+ # If cacert.pem is a symlink to the old location for cacert.pem,
+ # remove it so that we can symlink it to the new location.
+ if test -h cacert.pem && \
+ test X"`readlink cacert.pem`" = X/usr/share/openvswitch/pki/switchca/cacert.pem; then
+ rm -f cacert.pem
+ fi
+
if ! test -e cacert.pem; then
- ln -s /usr/share/openvswitch/pki/switchca/cacert.pem cacert.pem
+ ln -s /var/lib/openvswitch/pki/switchca/cacert.pem cacert.pem
fi
if ! test -e privkey.pem || ! test -e cert.pem; then
oldumask=$(umask)
--- /dev/null
+/var/lib/openvswitch
case "$1" in
configure)
+ # Move the pki directory from its previous, non FHS-compliant location,
+ # to its new location, leaving behind a symlink for compatibility.
+ if test -d /usr/share/openvswitch/pki && \
+ test ! -e /var/lib/openvswitch/pki; then
+ mv /usr/share/openvswitch/pki /var/lib/openvswitch
+ ln -s /var/lib/openvswitch/pki /usr/share/openvswitch/pki
+ fi
+
# Create certificate authorities.
- if test ! -d /usr/share/openvswitch/pki; then
+ if test ! -e /var/lib/openvswitch/pki; then
ovs-pki init
fi
;;
case "$1" in
purge)
rm -f /var/log/openvswitch/ovs-pki.log* || true
+
+ # Remove backward compatibility symlink, if present.
+ if test -h /usr/share/openvswitch/pki; then
+ rm -f /usr/share/openvswitch/pki
+ fi
;;
remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
# -*- autoconf -*-
-# Copyright (c) 2008, 2009, 2010, 2011 Nicira Networks.
+# Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira Networks.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
[AC_ARG_WITH(
[pkidir],
AC_HELP_STRING([--with-pkidir=DIR],
- [PKI hierarchy directory [[DATADIR/openvswitch/pki]]]),
+ [PKI hierarchy directory [[LOCALSTATEDIR/lib/openvswitch/pki]]]),
[PKIDIR=$withval],
- [PKIDIR='${pkgdatadir}/pki'])
+ [PKIDIR='${localstatedir}/lib/openvswitch/pki'])
AC_SUBST([PKIDIR])])
dnl Checks for the directory in which to store pidfiles.
projects / openvswitch / commitdiff