# Copyright 1999-2014 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 # $Header: $ EAPI="2" PYTHON_DEPEND="2" SUPPORT_PYTHON_ABIS="1" RESTRICT_PYTHON_ABIS="3.*" RPM_VER="1.1" OPSI="opsi40" SUSE="openSUSE_13.1" inherit distutils eutils rpm DESCRIPTION="opsi configuration service" HOMEPAGE="http://opsi.org" LICENSE="GPL-2" SRC_URI="http://download.opensuse.org/repositories/home:/uibmz:/opsi:/${OPSI}/${SUSE}/src/${P}-${RPM_VER}.src.rpm" IUSE="" KEYWORDS="~amd64 ~arm ~x86" # doing so because tools, python packages... overlap SLOT="0" RDEPEND="dev-python/python-opsi dev-python/twisted-web dev-python/dbus-python sys-process/psmisc net-analyzer/rrdtool[python] dev-libs/openssl sys-process/procps net-dns/avahi[python]" DEPEND="${RDEPEND} dev-python/setuptools" src_install() { distutils_src_install keepdir /var/log/opsi/opsiconfd keepdir /var/lib/opsiconfd/rrd keepdir /var/lib/opsi/config/depots newinitd "${FILESDIR}"/opsiconfd.initd opsiconfd newconfd "${FILESDIR}"/opsiconfd.confd opsiconfd } pkg_postinst() { distutils_pkg_postinst fileadmingroup=$(grep "fileadmingroup" /etc/opsi/opsi.conf | cut -d "=" -f 2 | sed 's/\s*//g') if [ -z "$fileadmingroup" ]; then fileadmingroup=pcpatch fi if [ $fileadmingroup != pcpatch -a -z "$(getent group $fileadmingroup)" ]; then groupmod -n $fileadmingroup pcpatch else if [ -z "$(getent group $fileadmingroup)" ]; then groupadd $fileadmingroup fi fi if [ -z "`getent passwd opsiconfd`" ]; then useradd -r -G pcpatch -d /var/lib/opsi -s /bin/bash opsiconfd fi if [ -z "`getent group opsiadmin`" ]; then groupadd opsiadmin fi groupmod -A opsiconfd shadow 1>/dev/null 2>/dev/null || true groupmod -A opsiconfd uucp 1>/dev/null 2>/dev/null || true groupmod -A opsiconfd opsiadmin 1>/dev/null 2>/dev/null || true if [ ! -e "/etc/opsi/opsiconfd.pem" ]; then umask 077 cert_country="DE" cert_state="RP" cert_locality="Mainz" cert_organization="uib GmbH" cert_commonname=`hostname -f` cert_email="root@$cert_commonname" echo "RANDFILE = /tmp/opsiconfd.rand" > /tmp/opsiconfd.cnf echo "" >> /tmp/opsiconfd.cnf echo "[ req ]" >> /tmp/opsiconfd.cnf echo "default_bits = 1024" >> /tmp/opsiconfd.cnf echo "encrypt_key = yes" >> /tmp/opsiconfd.cnf echo "distinguished_name = req_dn" >> /tmp/opsiconfd.cnf echo "x509_extensions = cert_type" >> /tmp/opsiconfd.cnf echo "prompt = no" >> /tmp/opsiconfd.cnf echo "" >> /tmp/opsiconfd.cnf echo "[ req_dn ]" >> /tmp/opsiconfd.cnf echo "C=$cert_country" >> /tmp/opsiconfd.cnf echo "ST=$cert_state" >> /tmp/opsiconfd.cnf echo "L=$cert_locality" >> /tmp/opsiconfd.cnf echo "O=$cert_organization" >> /tmp/opsiconfd.cnf #echo "OU=$cert_unit" >> /tmp/opsiconfd.cnf echo "CN=$cert_commonname" >> /tmp/opsiconfd.cnf echo "emailAddress=$cert_email" >> /tmp/opsiconfd.cnf echo "" >> /tmp/opsiconfd.cnf echo "[ cert_type ]" >> /tmp/opsiconfd.cnf echo "nsCertType = server" >> /tmp/opsiconfd.cnf dd if=/dev/urandom of=/tmp/opsiconfd.rand count=1 2>/dev/null openssl req -new -x509 -days 1000 -nodes \ -config /tmp/opsiconfd.cnf -out /etc/opsi/opsiconfd.pem -keyout /etc/opsi/opsiconfd.pem openssl gendh -rand /tmp/opsiconfd.rand 512 >>/etc/opsi/opsiconfd.pem openssl x509 -subject -dates -fingerprint -noout -in /etc/opsi/opsiconfd.pem rm -f /tmp/opsiconfd.rand /tmp/opsiconfd.cnf fi chmod 600 /etc/opsi/opsiconfd.pem chown opsiconfd:opsiadmin /etc/opsi/opsiconfd.pem || true chmod 750 /var/log/opsi/opsiconfd chown -R opsiconfd:$fileadmingroup /var/log/opsi/opsiconfd }