diff options
| author | Kyungwook Tak <k.tak@samsung.com> | 2016-09-06 17:25:50 +0900 |
|---|---|---|
| committer | Kyungwook Tak <k.tak@samsung.com> | 2016-09-07 10:49:32 +0900 |
| commit | 26bece5034fef1a8fa827945fd882472cc0965cb (patch) | |
| tree | fe54a3459e8b4a00cc356bdc9b8cac04555a4eb6 /data | |
| parent | 21bd724b7992b260249da0929cf45efb754d1ba8 (diff) | |
| download | key-manager-26bece5034fef1a8fa827945fd882472cc0965cb.tar.gz key-manager-26bece5034fef1a8fa827945fd882472cc0965cb.tar.bz2 key-manager-26bece5034fef1a8fa827945fd882472cc0965cb.zip | |
Add migrate script for removed cert-svc store API
cert svc API in cert-service.h is removed and certificates saved by
those API could be used through key-manager API after certificates
migrated.
(related cert-svc commit:
project : platform/core/security/cert-svc
commitid : 3f2d8b2afcbefa5d2668a08bcd2a3acd25ffe067)
For now added script only moves certs directory from old cert-svc path
to key-manager data directory. Reading those resources and save to
key-manager db when service loaded is TODO
Change-Id: I54019a31d8b7549a770d8acf0da8df28be6f99a6
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
Diffstat (limited to 'data')
| -rwxr-xr-x | data/scripts/234.key-manager-move-certsvc-migratable-data.patch.sh.in | 36 | ||||
| -rw-r--r-- | data/scripts/CMakeLists.txt | 5 |
2 files changed, 41 insertions, 0 deletions
diff --git a/data/scripts/234.key-manager-move-certsvc-migratable-data.patch.sh.in b/data/scripts/234.key-manager-move-certsvc-migratable-data.patch.sh.in new file mode 100755 index 00000000..1126c707 --- /dev/null +++ b/data/scripts/234.key-manager-move-certsvc-migratable-data.patch.sh.in @@ -0,0 +1,36 @@ +#!/bin/bash +PATH=/bin:/usr/bin:/sbin:/usr/sbin + +# Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# @file 234.key-manager-move-certsvc-migratable-data.patch.sh.in +# @author Kyungwook Tak (k.tak@samsung.com) +# @brief Moves old cert-svc CAPI store to key-manager dir + +CERTSVC_STORE_PATH="/opt/share/cert-svc/certs" +MIGRATED_CERTSVC_PATH="@RW_DATA_DIR@/certsvc" + +mv $CERTSVC_STORE_PATH $MIGRATED_CERTSVC_PATH + +if [[ -d ${MIGRATED_CERTSVC_PATH}/ssl ]] && [[ -h ${MIGRATED_CERTSVC_PATH}/ssl ]]; then + rm ${MIGRATED_CERTSVC_PATH}/ssl +fi + +chsmack -a "@SMACK_DOMAIN_NAME@" $MIGRATED_CERTSVC_PATH -r +chown -R @USER_NAME@:@GROUP_NAME@ $MIGRATED_CERTSVC_PATH +chmod 770 $MIGRATED_CERTSVC_PATH + +# TODO: read migrated certsvc certs and store in key-manager system db if needed +rm -rf $MIGRATED_CERTSVC_PATH diff --git a/data/scripts/CMakeLists.txt b/data/scripts/CMakeLists.txt index 5c07257d..742ff21a 100644 --- a/data/scripts/CMakeLists.txt +++ b/data/scripts/CMakeLists.txt @@ -33,11 +33,16 @@ CONFIGURE_FILE(233.key-manager-move-ss-migratable-data.patch.sh.in 233.key-manager-move-ss-migratable-data.patch.sh @ONLY) +CONFIGURE_FILE(234.key-manager-move-certsvc-migratable-data.patch.sh.in + 234.key-manager-move-certsvc-migratable-data.patch.sh + @ONLY) + INSTALL(FILES 230.key-manager-change-data-dir.patch.sh 231.key-manager-migrate-dkek.patch.sh 232.key-manager-change-user.patch.sh 233.key-manager-move-ss-migratable-data.patch.sh + 234.key-manager-move-certsvc-migratable-data.patch.sh DESTINATION ${UPGRADE_SCRIPT_DIR} PERMISSIONS OWNER_READ |