On Wed, Apr 21, 2010 at 05:09:31PM -0600, Eric Blake wrote: > From: Dustin Kirkland <kirkland@xxxxxxxxxxxxx> > > A few fixes will help make tools/virt-pki-validate.in useful on Debian > and Ubuntu. And one fix should be useful to everyone (see #3). > > 1) note our gnutls-bin package (in addition to your gnutls-utils > package) in the no-certtool error text > > 2) fix a bashism, == should be = in the case where /bin/sh is a symlink > to dash > > 3) $(SYSCONFDIR) cannot evaluate; set a single shell SYSCONFDIR > variable to the autoconf @SYSCONFDIR@ value, and use $SYSCONFDIR > everywhere > > Bug report: > * https://bugs.edge.launchpad.net/ubuntu/+source/libvirt/+bug/562266 > > Signed-off-by: Dustin Kirkland <kirkland@xxxxxxxxxxxxx> > Signed-off-by: Eric Blake <eblake@xxxxxxxxxx> > --- > > The following is the uncontroversial parts (at least, IMO) of your > patch; leaving only the change for the regexp, which should be in a > separate patch anyways. > > tools/virt-pki-validate.in | 28 +++++++++++++++++----------- > 1 files changed, 17 insertions(+), 11 deletions(-) > > diff --git a/tools/virt-pki-validate.in b/tools/virt-pki-validate.in > index ee7b79d..64579b0 100755 > --- a/tools/virt-pki-validate.in > +++ b/tools/virt-pki-validate.in > @@ -16,8 +16,8 @@ PORT=16514 > CERTOOL=`which certtool 2>/dev/null` > if [ ! -x $CERTOOL ] > then > - echo Could not locate the certtool program > - echo make sure the gnutls-utils package is installed > + echo "Could not locate the certtool program" > + echo "make sure the gnutls-utils (or gnutls-bin) package is installed" > exit 1 > fi > echo Found $CERTOOL > @@ -25,7 +25,8 @@ echo Found $CERTOOL > # > # Check the directory structure > # > -PKI="@SYSCONFDIR@/pki" > +SYSCONFDIR="@SYSCONFDIR@" > +PKI="$SYSCONFDIR/pki" > if [ ! -d $PKI ] > then > echo the $PKI directory is missing, it is usually > @@ -129,8 +130,8 @@ then > echo "as root do: chmod 644 $CA/cacert.pem" > exit 1 > fi > -ORG=`$CERTOOL -i --infile $CA/cacert.pem | grep Issuer | sed 's+Issuer: CN=++'` > -if [ "$ORG" == "" ] > +ORG=`$CERTOOL -i --infile $CA/cacert.pem | sed -n '/Issuer/ s+Issuer: CN=++p'` > +if [ "$ORG" = "" ] > then > echo the CA certificate $CA/cacert.pem does not define the organization > echo it should probably regenerated > @@ -240,19 +241,24 @@ fi > > if [ "$SERVER" = "1" ] > then > - if [ -r $(SYSCONFDIR)/sysconfig/libvirtd ] > + if [ -r "$SYSCONFDIR"/sysconfig/libvirtd ] > then > - if [ "`grep '^LIBVIRTD_ARGS' $(SYSCONFDIR)/sysconfig/libvirtd | grep -- '--listen'`" = "" ] > + if grep "^LIBVIRTD_ARGS.*--listen" "$SYSCONFDIR"/sysconfig/libvirtd \ > + >/dev/null 2>&1 > then > - echo Make sure $(SYSCONFDIR)/sysconfig/libvirtd is setup to listen to > + : > + else > + echo Make sure "$SYSCONFDIR"/sysconfig/libvirtd is setup to listen to > echo TCP/IP connections and restart the libvirtd service > fi > fi > - if [ -r $(SYSCONFDIR)/sysconfig/iptables ] > + if [ -r "$SYSCONFDIR"/sysconfig/iptables ] > then > - if [ "`grep $PORT $(SYSCONFDIR)/sysconfig/iptables`" = "" ] > + if grep $PORT "$SYSCONFDIR"/sysconfig/iptables >/dev/null 2>&1 > then > - echo Make sure $(SYSCONFDIR)/sysconfig/iptables is setup to allow > + : > + else > + echo Make sure "$SYSCONFDIR"/sysconfig/iptables is setup to allow > echo incoming TCP/IP connections on port $PORT and > echo restart the iptables service > fi ACK, Daniel -- Daniel Veillard | libxml Gnome XML XSLT toolkit http://xmlsoft.org/ daniel@xxxxxxxxxxxx | Rpmfind RPM search engine http://rpmfind.net/ http://veillard.com/ | virtualization library http://libvirt.org/ -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list