The PKI directory is mutable state, so it should be in /var, not in /usr.
This commit changes its location and, on systems upgraded from earlier
versions, moves the existing PKI and leaves behind a symlink.
CC: 661...@bugs.debian.org
Reported-by: Andreas Beckmann <deb...@abeckmann.de>
Signed-off-by: Ben Pfaff <b...@nicira.com>
---
AUTHORS | 1 +
debian/openvswitch-controller.postinst | 10 +++++++++-
debian/openvswitch-pki.dirs | 1 +
debian/openvswitch-pki.postinst | 10 +++++++++-
m4/openvswitch.m4 | 6 +++---
5 files changed, 23 insertions(+), 5 deletions(-)
create mode 100644 debian/openvswitch-pki.dirs
diff --git a/AUTHORS b/AUTHORS
index 84908a9..6a83514 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -68,6 +68,7 @@ Alan Shieh ash...@nicira.com
Alban Browaeys pra...@yahoo.com
Alex Yip a...@nicira.com
Alexey I. Froloff ra...@altlinux.org
+Andreas Beckmann deb...@abeckmann.de
Ben Basler bbas...@nicira.com
Bob Ball bob.b...@citrix.com
Brad Hall b...@nicira.com
diff --git a/debian/openvswitch-controller.postinst
b/debian/openvswitch-controller.postinst
index 51acfb1..3073dc0 100755
--- a/debian/openvswitch-controller.postinst
+++ b/debian/openvswitch-controller.postinst
@@ -21,8 +21,16 @@ set -e
case "$1" in
configure)
cd /etc/openvswitch-controller
+
+ # If cacert.pem is a symlink to the old location for cacert.pem,
+ # remove it so that we can symlink it to the new location.
+ if test -h cacert.pem && \
+ test X"`readlink cacert.pem`" =
X/usr/share/openvswitch/pki/switchca/cacert.pem; then
+ rm -f cacert.pem
+ fi
+
if ! test -e cacert.pem; then
- ln -s /usr/share/openvswitch/pki/switchca/cacert.pem cacert.pem
+ ln -s /var/lib/openvswitch/pki/switchca/cacert.pem cacert.pem
fi
if ! test -e privkey.pem || ! test -e cert.pem; then
oldumask=$(umask)
diff --git a/debian/openvswitch-pki.dirs b/debian/openvswitch-pki.dirs
new file mode 100644
index 0000000..84f7b37
--- /dev/null
+++ b/debian/openvswitch-pki.dirs
@@ -0,0 +1 @@
+/var/lib/openvswitch
diff --git a/debian/openvswitch-pki.postinst b/debian/openvswitch-pki.postinst
index ab25795..40fff04 100755
--- a/debian/openvswitch-pki.postinst
+++ b/debian/openvswitch-pki.postinst
@@ -19,8 +19,16 @@ set -e
case "$1" in
configure)
+ # Move the pki directory from its previous, non FHS-compliant location,
+ # to its new location, leaving behind a symlink for compatibility.
+ if test -d /usr/share/openvswitch/pki && \
+ test ! -e /var/lib/openvswitch/pki; then
+ mv /usr/share/openvswitch/pki /var/lib/openvswitch
+ ln -s /usr/share/openvswitch/pki /var/lib/openvswitch
+ fi
+
# Create certificate authorities.
- if test ! -d /usr/share/openvswitch/pki; then
+ if test ! -e /var/lib/openvswitch/pki; then
ovs-pki init
fi
;;
diff --git a/m4/openvswitch.m4 b/m4/openvswitch.m4
index c59d5d4..9b2a5ba 100644
--- a/m4/openvswitch.m4
+++ b/m4/openvswitch.m4
@@ -1,6 +1,6 @@
# -*- autoconf -*-
-# Copyright (c) 2008, 2009, 2010, 2011 Nicira Networks.
+# Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira Networks.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -106,9 +106,9 @@ AC_DEFUN([OVS_CHECK_PKIDIR],
[AC_ARG_WITH(
[pkidir],
AC_HELP_STRING([--with-pkidir=DIR],
- [PKI hierarchy directory [[DATADIR/openvswitch/pki]]]),
+ [PKI hierarchy directory
[[LOCALSTATEDIR/lib/openvswitch/pki]]]),
[PKIDIR=$withval],
- [PKIDIR='${pkgdatadir}/pki'])
+ [PKIDIR='${localstatedir}/lib/openvswitch/pki'])
AC_SUBST([PKIDIR])])
dnl Checks for the directory in which to store pidfiles.
--
1.7.2.5
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
