Attachment #5791 for bug #34106

View | Details | Raw Unified | Return to bug 34106
Collapse All | Expand All

(-)a/branches/ucs-3.2/ucs-3.2-0/base/univention-system-setup/umc/python/setup/util.py (-1 / +7 lines)

Lines 358-365 def run_scripts( progressParser, restartServer = False ):	Link Here

358

	subprocess.call( CMD_DISABLE_EXEC, stdout = f, stderr = f )

358

	subprocess.call( CMD_DISABLE_EXEC, stdout = f, stderr = f )

359

360

	for scriptpath in sorted_files_in_subdirs( PATH_SETUP_SCRIPTS ):

360

	for scriptpath in sorted_files_in_subdirs( PATH_SETUP_SCRIPTS ):

361

		try:

361

			# launch script

362

			# launch script

362

			MODULE.info('Running script %s\n' % scriptpath)

363

			MODULE.info('Running script %s\n' % scriptpath)

364

			f.write('Running script %s\n' % (scriptpath,))

363

			p = subprocess.Popen( scriptpath, stdout = subprocess.PIPE, stderr = subprocess.STDOUT )

365

			p = subprocess.Popen( scriptpath, stdout = subprocess.PIPE, stderr = subprocess.STDOUT )

364

			while True:

366

			while True:

365

				line = p.stdout.readline()

367

				line = p.stdout.readline()

Lines 367-373 def run_scripts( progressParser, restartServer = False ):	Link Here

367

					break

369

					break

368

				progressParser.parse( line )

370

				progressParser.parse( line )

369

				f.write( line )

371

				f.write( line )

370

			p.wait()

372

			rv = p.wait()

373

			f.write('Finished script %s: %d\n' % (scriptpath, rv))

374

		except Exception as ex:

375

			f.write('Exception script %s: %s\n' % (scriptpath, ex))

376

			raise

371

377

372

	# enable execution of servers again

378

	# enable execution of servers again

373

	subprocess.call(CMD_ENABLE_EXEC, stdout=f, stderr=f)

379

	subprocess.call(CMD_ENABLE_EXEC, stdout=f, stderr=f)




# /usr/share/common-licenses/AGPL-3; if not, see
# <http://www.gnu.org/licenses/>.

recreate=false

while [ "$#" -gt 0 ]; do
	case "$1" in
		--force-recreate)
			recreate=true
			shift 1
			;;
		*)

	new="new_ssl_$var"

	if [ -n "${!new}" -a "${!old}" != "${!new}" ]; then
		recreate=true
		break
	fi
done

if "$recreate"
then
	# remove old backup
	if [ -d /etc/univention/ssl.orig ]; then
		rm -rf /etc/univention/ssl.orig


	# set UCR variables
	for var in "common" "locality" "organization" "country" "state" "organizationalunit" "email"; do
		old="ssl_$var"
		new="new_ssl_$var"
		if [ -n "${!new}" ]; then
			echo "ssl/$var=${!new}"
		fi
	done | xargs -r -d'\n' univention-config-registry set

	# create new CA und certificates
	. /usr/share/univention-ssl/make-certificates.sh
	init
	(
		cd /etc/univention/ssl.orig
		for fqdn in *.*
		do
			# just check directories for certificates
			[ -d "$fqdn" ] || continue
				continue
			fi
			# ignore ucsCA and directory not containing a dot
			if [ "$fqdn" = "ucsCA" ] || ! echo "$fqdn" | grep '\.' &>/dev/null; then
				continue
			fi
			# if there is no certificate, ignore it
			[ -e "$fqdn/cert.pem" ] || continue
			univention-certificate new -name "$fqdn"
			if [ "$fqdn" -ne "${fqdn%.$domainname}" ]
			then
				ln -sf "$fqdn" "/etc/univention/ssl/${fqdn%%.*}"
			fi
			# get the hostname
			host=$(echo $fqdn | sed 's/\([^.]*\)\..*/\1/')
			univention-certificate new -name $fqdn
			ln -sf /etc/univention/ssl/$host.$domainname /etc/univention/ssl/$host
		done
	)


	for file in cert.pem private.key; do
		if [ -e "/var/lib/cyrus/$file" ]
		then
			install -o cyrus -m 600 "/etc/univention/ssl/$hostname.$domainname/$file" "/var/lib/cyrus/$file"
			chown cyrus /var/lib/cyrus/$file
			chmod 600 /var/lib/cyrus/$file
		fi
	done

	# restart services
	for service in slapd apache2 cyrus postfix; do
		invoke-rc.d --quiet "$service" restart
	done
fi


(-)a/branches/ucs-3.2/ucs-3.2-0/base/univention-server/debian/univention-server-master.preinst (-1 / +1 lines)

Lines 47-53 if [ -n "$hostname" -a -n "$domainname" ]; then	Link Here

	if ! test -e /etc/univention/ssl/$hostname/cert.pem; then

	if ! test -e /etc/univention/ssl/$hostname/cert.pem; then

		. /usr/share/univention-ssl/make-certificates.sh

		. /usr/share/univention-ssl/make-certificates.sh

		gencert "$hostname.$domainname" "$hostname.$domainname"

		gencert "$hostname.$domainname" "$hostname.$domainname"

		ln -sf /etc/univention/ssl/$hostname.$domainname /etc/univention/ssl/$hostname

		ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

fi

fi

fi

fi

(-)a/branches/ucs-3.2/ucs-3.2-0/base/univention-ssl/debian/univention-ssl.postinst (-2 / +2 lines)

Lines 77-83 if [ "$server_role" = "domaincontroller_master" ] \|\| [ -z "$server_role" ] \|\| [	Link Here

		. /usr/share/univention-ssl/make-certificates.sh

		. /usr/share/univention-ssl/make-certificates.sh

		init

		init

		univention-certificate new -name "$hostname.$domainname"

		univention-certificate new -name "$hostname.$domainname"

		ln -sf "/etc/univention/ssl/$hostname.$domainname" "/etc/univention/ssl/$hostname"

		ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

	else

	else

		echo "skipped. SSL Certificate found in $CERTPATH"

		echo "skipped. SSL Certificate found in $CERTPATH"

fi

fi

Lines 91-97 if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 1.3; then	Link Here

fi

fi

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then

	ln -sf "/etc/univention/ssl/$hostname.$domainname" "/etc/univention/ssl/$hostname"

	ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

fi

fi

# update to 3.1

# update to 3.1





		if [ -d /etc/cups/ssl ]; then
			rm -f /etc/cups/ssl/server.crt
			ln -s "/etc/univention/ssl/$new_hostname.$domainname/cert.pem" /etc/cups/ssl/server.crt
			rm -f /etc/cups/ssl/server.key
			ln -s "/etc/univention/ssl/$new_hostname.$domainname/private.key" /etc/cups/ssl/server.key
		fi
	fi


	echo `date` : "Create new host certificate"  >> /var/log/univention/setup.log

	rm -f /etc/univention/ssl/$new_hostname
	ln -sf "$new_hostname.$domainname" /etc/univention/ssl/$new_hostname


	if [ -d "/var/lib/cyrus/" ]; then

(-)a/branches/ucs-3.2/ucs-3.2-0/base/univention-system-setup/usr/lib/univention-system-setup/scripts/10_basis/12domainname (-2 / +2 lines)

Lines 207-213 if [ "$server_role" = "domaincontroller_master" ]; then # create the new certif	Link Here

207

	rm -rf /etc/univention/ssl/univention-directory-manager.$old_domainname

207

	rm -rf /etc/univention/ssl/univention-directory-manager.$old_domainname

208

	univention-certificate new -name "univention-directory-manager.$new_domainname"

208

	univention-certificate new -name "univention-directory-manager.$new_domainname"

209

	rm -f /etc/univention/ssl/univention-directory-manager

209

	rm -f /etc/univention/ssl/univention-directory-manager

210

	ln -sf /etc/univention/ssl/univention-directory-manager.$new_domainname /etc/univention/ssl/univention-directory-manager

210

	ln -sf "univention-directory-manager.$new_domainname" /etc/univention/ssl/univention-directory-manager

211

elif [ "$server_role" != "basesystem" ]; then # download certificate from master

211

elif [ "$server_role" != "basesystem" ]; then # download certificate from master

212

	if [ -x "/usr/sbin/univention-scp" ]; then

212

	if [ -x "/usr/sbin/univention-scp" ]; then

213

		echo `date` : "Download host certificate"  >> /var/log/univention/setup.log

213

		echo `date` : "Download host certificate"  >> /var/log/univention/setup.log

Lines 232-238 fi	Link Here

232

233

if [ "$server_role" != "basesystem" ]; then

233

if [ "$server_role" != "basesystem" ]; then

234

	rm -f /etc/univention/ssl/$hostname

234

	rm -f /etc/univention/ssl/$hostname

235

	ln -sf /etc/univention/ssl/$hostname.$new_domainname /etc/univention/ssl/$hostname

235

	ln -sf "$hostname.$new_domainname" "/etc/univention/ssl/$hostname"

236

237

	if [ -d "/etc/univention/ssl/$hostname.$new_domainname" ]; then

237

	if [ -d "/etc/univention/ssl/$hostname.$new_domainname" ]; then

238

		echo `date` : "Include new host certificate for Cyrus"  >> /var/log/univention/setup.log

238

		echo `date` : "Include new host certificate for Cyrus"  >> /var/log/univention/setup.log

(-)a/branches/ucs-3.2/ucs-3.2-0/base/univention-system-setup/usr/lib/univention-system-setup/scripts/setup-join.sh (-1 / +1 lines)

Lines 151-157 if [ "$server_role" = "domaincontroller_master" ]; then	Link Here

151

fi

151

fi

152

153

univention-certificate new -name "$hostname.$domainname"

153

univention-certificate new -name "$hostname.$domainname"

154

ln -sf "/etc/univention/ssl/$hostname.$domainname" "/etc/univention/ssl/$hostname"

154

ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

155

156

run-parts /usr/lib/univention-system-setup/scripts/45_modules/

156

run-parts /usr/lib/univention-system-setup/scripts/45_modules/

157




		# Bug #13549
		rdate time.fu-berlin.de || rdate 130.133.1.10 || true

		. /usr/share/univention-ssl/make-certificates.sh
		init
		univention-certificate new -name $hostname.$domainname
		ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"
	else
		echo "skipped. SSL Certificate found in $CERTPATH "
	fi
fi


fi

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then
	ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"
fi

if [ "$1" = "$configure" -a -z "$2" ]; then

(-)a/branches/ucs-3.2/ucs-3.2-0/packaging/ucslint/testframework/0011-2-3-4-5-6-7-8/debian/postinst (-2 / +2 lines)

Lines 78-84 if [ "$server_role" = "domaincontroller_master" ] \|\| [ -z "$server_role" ] \|\| [	Link Here

		. /usr/share/univention-ssl/make-certificates.sh;

		. /usr/share/univention-ssl/make-certificates.sh;

		init;

		init;

		univention-certificate new -name $hostname.$domainname

		univention-certificate new -name $hostname.$domainname

		ln -sf /etc/univention/ssl/$hostname.$domainname /etc/univention/ssl/$hostname

		ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

	else

	else

		echo "skipped. SSL Certificate found in $CERTPATH ";

		echo "skipped. SSL Certificate found in $CERTPATH ";

fi

fi

Lines 92-98 if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 1.3; then	Link Here

fi

fi

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then

	ln -sf /etc/univention/ssl/$hostname.$domainname /etc/univention/ssl/$hostname

	ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

fi

fi

if [ "$1" = "$configure" -a -z "$2" ]; then

if [ "$1" = "$configure" -a -z "$2" ]; then

(-)a/branches/ucs-3.2/ucs-3.2-0/packaging/ucslint/testframework/0013-2/debian/postinst (-2 / +2 lines)

Lines 78-84 if [ "$server_role" = "domaincontroller_master" ] \|\| [ -z "$server_role" ] \|\| [	Link Here

		. /usr/share/univention-ssl/make-certificates.sh;

		. /usr/share/univention-ssl/make-certificates.sh;

		init;

		init;

		univention-certificate new -name $hostname.$domainname

		univention-certificate new -name $hostname.$domainname

		ln -sf /etc/univention/ssl/$hostname.$domainname /etc/univention/ssl/$hostname

		ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

	else

	else

		echo "skipped. SSL Certificate found in $CERTPATH ";

		echo "skipped. SSL Certificate found in $CERTPATH ";

fi

fi

Lines 92-98 if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 1.3; then	Link Here

fi

fi

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then

	ln -sf /etc/univention/ssl/$hostname.$domainname /etc/univention/ssl/$hostname

	ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

fi

fi

if [ "$1" = "$configure" -a -z "$2" ]; then

if [ "$1" = "$configure" -a -z "$2" ]; then

(-)a/branches/ucs-3.2/ucs-3.2-0/packaging/ucslint/testframework/0015-2/debian/postinst (-2 / +2 lines)

Lines 78-84 if [ "$server_role" = "domaincontroller_master" ] \|\| [ -z "$server_role" ] \|\| [	Link Here

		. /usr/share/univention-ssl/make-certificates.sh;

		. /usr/share/univention-ssl/make-certificates.sh;

		init;

		init;

		univention-certificate new -name $hostname.$domainname

		univention-certificate new -name $hostname.$domainname

		ln -sf /etc/univention/ssl/$hostname.$domainname /etc/univention/ssl/$hostname

		ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

	else

	else

		echo "skipped. SSL Certificate found in $CERTPATH ";

		echo "skipped. SSL Certificate found in $CERTPATH ";

fi

fi

Lines 92-98 if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 1.3; then	Link Here

fi

fi

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then

if [ "$1" = configure -a -n "$2" ] && dpkg --compare-versions "$2" lt 3.0.3-1; then

	ln -sf /etc/univention/ssl/$hostname.$domainname /etc/univention/ssl/$hostname

	ln -sf "$hostname.$domainname" "/etc/univention/ssl/$hostname"

fi

fi

if [ "$1" = "$configure" -a -z "$2" ]; then

if [ "$1" = "$configure" -a -z "$2" ]; then

Return to bug 34106