]>
Commit | Line | Data |
---|---|---|
137c9981 MT |
1 | #!/bin/sh |
2 | # | |
3 | # Turns on or off the nss-sysinit module db by editing the | |
4 | # global PKCS #11 congiguration file. Displays the status. | |
5 | # | |
6 | # This script can be invoked by the user as super user. | |
7 | # It is invoked at nss-sysinit post install time with argument on. | |
8 | # | |
9 | usage() | |
10 | { | |
11 | cat <<EOF | |
12 | Usage: setup-nsssysinit [on|off] | |
13 | on - turns on nsssysinit | |
14 | off - turns off nsssysinit | |
15 | status - reports whether nsssysinit is turned on or off | |
16 | EOF | |
17 | exit $1 | |
18 | } | |
19 | ||
20 | # validate | |
21 | if [ $# -eq 0 ]; then | |
22 | usage 1 1>&2 | |
23 | fi | |
24 | ||
25 | # the system-wide configuration file | |
26 | p11conf="/etc/pki/nssdb/pkcs11.txt" | |
27 | # must exist, otherwise report it and exit with failure | |
28 | if [ ! -f $p11conf ]; then | |
29 | echo "Could not find ${p11conf}" | |
30 | exit 1 | |
31 | fi | |
32 | ||
33 | # check if nsssysinit is currently enabled or disabled | |
34 | sysinit_enabled() | |
35 | { | |
36 | grep -q '^library=libnsssysinit' ${p11conf} | |
37 | } | |
38 | ||
39 | umask 022 | |
40 | case "$1" in | |
41 | on | ON ) | |
42 | if sysinit_enabled; then | |
43 | exit 0 | |
44 | fi | |
45 | cat ${p11conf} | \ | |
46 | sed -e 's/^library=$/library=libnsssysinit.so/' \ | |
47 | -e '/^NSS/s/\(Flags=internal\)\(,[^m]\)/\1,moduleDBOnly\2/' > \ | |
48 | ${p11conf}.on | |
49 | mv ${p11conf}.on ${p11conf} | |
50 | ;; | |
51 | off | OFF ) | |
52 | if ! sysinit_enabled; then | |
53 | exit 0 | |
54 | fi | |
55 | cat ${p11conf} | \ | |
56 | sed -e 's/^library=libnsssysinit.so/library=/' \ | |
57 | -e '/^NSS/s/Flags=internal,moduleDBOnly/Flags=internal/' > \ | |
58 | ${p11conf}.off | |
59 | mv ${p11conf}.off ${p11conf} | |
60 | ;; | |
61 | status ) | |
62 | echo -n 'NSS sysinit is ' | |
63 | sysinit_enabled && echo 'enabled' || echo 'disabled' | |
64 | ;; | |
65 | * ) | |
66 | usage 1 1>&2 | |
67 | ;; | |
68 | esac |