rpms/mod_nss/F-8 mod_nss.spec,1.8,1.9

Robert Crittenden (rcritten) fedora-extras-commits at redhat.com
Thu Jun 19 02:45:42 UTC 2008 

Author: rcritten

Update of /cvs/extras/rpms/mod_nss/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18871

Modified Files:
	mod_nss.spec 
Log Message:
Need to fix ownership and permissions of the NSS database as well so
init after fork will work.



Index: mod_nss.spec
===================================================================
RCS file: /cvs/extras/rpms/mod_nss/F-8/mod_nss.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- mod_nss.spec	18 Jun 2008 21:45:19 -0000	1.8
+++ mod_nss.spec	19 Jun 2008 02:44:51 -0000	1.9
@@ -1,6 +1,6 @@
 Name: mod_nss
 Version: 1.0.7
-Release: 3%{?dist}
+Release: 4%{?dist}
 Summary: SSL/TLS module for the Apache HTTP server
 Group: System Environment/Daemons
 License: Apache Software License
@@ -70,7 +70,7 @@
 install -m 755 .libs/libmodnss.so $RPM_BUILD_ROOT%{_libdir}/httpd/modules/
 install -m 755 nss_pcache $RPM_BUILD_ROOT%{_sbindir}/
 install -m 755 gencert $RPM_BUILD_ROOT%{_sbindir}/
-ln -s ../../..%{_libdir}/libnssckbi.so $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/
+ln -s ../../../%{_libdir}/libnssckbi.so $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/
 touch $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/secmod.db
 touch $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/cert8.db
 touch $RPM_BUILD_ROOT%{_sysconfdir}/httpd/alias/key3.db
@@ -91,6 +91,10 @@
         echo "%{name} certificate database generated."
         echo ""
     fi
+
+    # Make sure that the database ownership is setup properly.
+    find /etc/httpd/alias -user root -name "*.db" -exec /bin/chgrp apache {} \;
+    find /etc/httpd/alias -user root -name "*.db" -exec /bin/chmod g+r {} \;
 fi
 
 %files
@@ -99,15 +103,19 @@
 %config(noreplace) %{_sysconfdir}/httpd/conf.d/nss.conf
 %{_libdir}/httpd/modules/libmodnss.so
 %dir %{_sysconfdir}/httpd/alias/
-%ghost %config(noreplace) %{_sysconfdir}/httpd/alias/secmod.db
-%ghost %config(noreplace) %{_sysconfdir}/httpd/alias/cert8.db
-%ghost %config(noreplace) %{_sysconfdir}/httpd/alias/key3.db
+%ghost %attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/httpd/alias/secmod.db
+%ghost %attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/httpd/alias/cert8.db
+%ghost %attr(0640,root,apache) %config(noreplace) %{_sysconfdir}/httpd/alias/key3.db
 %ghost %config(noreplace) %{_sysconfdir}/httpd/alias/install.log
 %{_sysconfdir}/httpd/alias/libnssckbi.so
 %{_sbindir}/nss_pcache
 %{_sbindir}/gencert
 
 %changelog
+* Wed Jun 18 2008 Rob Crittenden <rcritten at redhat.com> 1.0.7-4
+- Need to fix ownership and permissions of the NSS database as well so
+  init after fork will work.
+
 * Wed Jun 18 2008 Rob Crittenden <rcritten at redhat.com> 1.0.7-3
 - Apply patch so that mod_nss calls NSS_Init() after Apache forks a child
   and not before. This is in response to a change in the NSS softtokn code

More information about the fedora-extras-commits mailing list