From: Martin Kletzander <mkletzan@redhat.com>
Date: Thu, 31 May 2012 09:00:06 +0000 (+0200)
Subject: tools: make virt-pki-validate work with acls and xattrs
X-Git-Tag: v0.9.13-rc1~161
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d4fb6694a4b7d5c613136e3bfc1bbf8d6b98ec74;p=thirdparty%2Flibvirt.git

tools: make virt-pki-validate work with acls and xattrs

This patch makes virt-pki-validate work with certificates that have
acl or xattr set. Otherwise it failing due to wrong permissions.
---

diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in
index 01825d1561..41647584cf 100755
--- a/tools/virt-pki-validate.in
+++ b/tools/virt-pki-validate.in
@@ -170,7 +170,8 @@ then
         else
             echo Found client private key $LIBVIRTP/clientkey.pem
             OWN=`ls -l "$LIBVIRTP/clientkey.pem" | awk '{ print $3 }'`
-            MOD=`ls -l "$LIBVIRTP/clientkey.pem" | awk '{ print $1 }'`
+            # The substr($1, 1, 10) gets rid of acl and xattr markers
+            MOD=`ls -l "$LIBVIRTP/clientkey.pem" | awk '{ print substr($1, 1, 10) }'`
             if [ "$OWN" != "root" ]
             then
                 echo The client private key should be owned by root
@@ -222,7 +223,8 @@ then
         else
             echo Found server private key $LIBVIRTP/serverkey.pem
             OWN=`ls -l "$LIBVIRTP/serverkey.pem" | awk '{ print $3 }'`
-            MOD=`ls -l "$LIBVIRTP/serverkey.pem" | awk '{ print $1 }'`
+            # The substr($1, 1, 10) gets rid of acl and xattr markers
+            MOD=`ls -l "$LIBVIRTP/serverkey.pem" | awk '{ print substr($1, 1, 10) }'`
             if [ "$OWN" != "root" ]
             then
                 echo The server private key should be owned by root