From c7758e32fffabef9cd09697b5c2737ce160c6170 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Ale=C5=A1=20K=C5=99enek?= Date: Mon, 22 Nov 2004 17:55:33 +0000 Subject: [PATCH] use /etc/grid-security/host{key,cert}.pem if readable --- org.glite.lb.server/config/startup | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/org.glite.lb.server/config/startup b/org.glite.lb.server/config/startup index 1b74a0f..4e0789b 100755 --- a/org.glite.lb.server/config/startup +++ b/org.glite.lb.server/config/startup @@ -17,11 +17,23 @@ GLITE_LOCATION_VAR=${GLITE_LOCATION_VAR:-${GLITE_LOCATION}/var} unset creds port +cred_copy=/var/tmp/glite-lb-server.pem + start() { [ -n "$GLITE_HOST_CERT" -a -n "$GLITE_HOST_KEY" ] && creds="-c $GLITE_HOST_CERT -k $GLITE_HOST_KEY" + if test -z "$creds"; then + if su $GLITE_USER -c "test -r /etc/grid-security/hostkey.pem"; then + echo "$0: WARNING: /etc/grid-security/hostkey.pem readable by $GLITE_USER" + echo "$0: creating $cred_copy from it" + su $GLITE_USER -c "umask 077; cat /etc/grid-security/hostcert.pem /etc/grid-security/hostkey.pem >$cred_copy" + creds="-c $cred_copy -k $cred_copy" + fi + fi + + [ -z "$creds" ] && echo $0: WARNING: No credentials specified. Using default lookup which is dangerous. >&2 [ -n "$GLITE_LB_SERVER_PORT" ] && port="-p $GLITE_LB_SERVER_PORT" @@ -52,6 +64,7 @@ stop() echo $pidfile does not exist - glite-lb-bkserverd not running? >&2 return 1 fi + rm -f $cred_copy } status() -- 1.8.2.3