tools: make virt-pki-validate work with acls and xattrs

This patch makes virt-pki-validate work with certificates that have
acl or xattr set. Otherwise it failing due to wrong permissions.

diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in
index 01825d1561858e1d2db586c84eca73a68dcb8f20..41647584cf4c6923a728856202957192d4221ad9 100755 (executable)
--- a/tools/virt-pki-validate.in
+++ b/tools/virt-pki-validate.in
@@ -170,7 +170,8 @@ then
         else
             echo Found client private key $LIBVIRTP/clientkey.pem
             OWN=`ls -l "$LIBVIRTP/clientkey.pem" | awk '{ print $3 }'`
-            MOD=`ls -l "$LIBVIRTP/clientkey.pem" | awk '{ print $1 }'`
+            # The substr($1, 1, 10) gets rid of acl and xattr markers
+            MOD=`ls -l "$LIBVIRTP/clientkey.pem" | awk '{ print substr($1, 1, 10) }'`
             if [ "$OWN" != "root" ]
             then
                 echo The client private key should be owned by root
@@ -222,7 +223,8 @@ then
         else
             echo Found server private key $LIBVIRTP/serverkey.pem
             OWN=`ls -l "$LIBVIRTP/serverkey.pem" | awk '{ print $3 }'`
-            MOD=`ls -l "$LIBVIRTP/serverkey.pem" | awk '{ print $1 }'`
+            # The substr($1, 1, 10) gets rid of acl and xattr markers
+            MOD=`ls -l "$LIBVIRTP/serverkey.pem" | awk '{ print substr($1, 1, 10) }'`
             if [ "$OWN" != "root" ]
             then
                 echo The server private key should be owned by root