use /etc/grid-security/host{key,cert}.pem if readable

author Aleš Křenek <ljocha@ics.muni.cz>

Mon, 22 Nov 2004 17:55:33 +0000 (17:55 +0000)

committer Aleš Křenek <ljocha@ics.muni.cz>

Mon, 22 Nov 2004 17:55:33 +0000 (17:55 +0000)
author Aleš Křenek <ljocha@ics.muni.cz>
Mon, 22 Nov 2004 17:55:33 +0000 (17:55 +0000)
committer Aleš Křenek <ljocha@ics.muni.cz>
Mon, 22 Nov 2004 17:55:33 +0000 (17:55 +0000)
diff --git a/org.glite.lb.server/config/startup b/org.glite.lb.server/config/startup

index 1b74a0f..4e0789b 100755 (executable)
--- a/org.glite.lb.server/config/startup
+++ b/org.glite.lb.server/config/startup
@@ -17,11 +17,23 @@ GLITE_LOCATION_VAR=${GLITE_LOCATION_VAR:-${GLITE_LOCATION}/var}
  
  unset creds port
  
+cred_copy=/var/tmp/glite-lb-server.pem
+
  start()
  {
         [ -n "$GLITE_HOST_CERT" -a -n "$GLITE_HOST_KEY" ] &&
                 creds="-c $GLITE_HOST_CERT -k $GLITE_HOST_KEY"
  
+       if test -z "$creds"; then
+               if su $GLITE_USER -c "test -r /etc/grid-security/hostkey.pem"; then
+                       echo "$0: WARNING: /etc/grid-security/hostkey.pem readable by $GLITE_USER"
+                       echo "$0:          creating $cred_copy from it"
+                       su $GLITE_USER -c "umask 077; cat /etc/grid-security/hostcert.pem /etc/grid-security/hostkey.pem >$cred_copy"
+                       creds="-c $cred_copy -k $cred_copy"
+               fi
+       fi
+
+
         [ -z "$creds" ] && echo $0: WARNING: No credentials specified. Using default lookup which is dangerous. >&2
  
         [ -n "$GLITE_LB_SERVER_PORT" ] && port="-p $GLITE_LB_SERVER_PORT"
@@ -52,6 +64,7 @@ stop()
                 echo $pidfile does not exist - glite-lb-bkserverd not running? >&2
                 return 1
         fi
+       rm -f $cred_copy
  }
  
  status()
author	Aleš Křenek <ljocha@ics.muni.cz>
	Mon, 22 Nov 2004 17:55:33 +0000 (17:55 +0000)
committer	Aleš Křenek <ljocha@ics.muni.cz>
	Mon, 22 Nov 2004 17:55:33 +0000 (17:55 +0000)