You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
87 lines
1.6 KiB
87 lines
1.6 KiB
#!/bin/sh |
|
|
|
#set -vx |
|
|
|
LCFILE=/etc/pki/ca-trust/ca-legacy.conf |
|
LLINK=/etc/pki/ca-trust/source/ca-bundle.legacy.crt |
|
LDEFAULT=/usr/share/pki/ca-trust-legacy/ca-bundle.legacy.default.crt |
|
LDISABLE=/usr/share/pki/ca-trust-legacy/ca-bundle.legacy.disable.crt |
|
|
|
# An absent value, or any unexpected value, is treated as "default". |
|
is_disabled() |
|
{ |
|
grep -i "^legacy *= *disable *$" $LCFILE >/dev/null 2>&1 |
|
} |
|
|
|
do_check() |
|
{ |
|
is_disabled |
|
if [ $? -eq 0 ]; then |
|
echo "Legacy CAs are set to DISABLED in file $LCFILE (affects install/upgrade)" |
|
LEXPECT=$LDISABLE |
|
else |
|
echo "Legacy CAs are set to DEFAULT in file $LCFILE (affects install/upgrade)" |
|
LEXPECT=$LDEFAULT |
|
fi |
|
echo "Status of symbolic link $LLINK:" |
|
readlink -v $LLINK |
|
} |
|
|
|
do_install() |
|
{ |
|
is_disabled |
|
if [ $? -eq 0 ]; then |
|
# found, legacy is disabled |
|
sln $LDISABLE $LLINK |
|
else |
|
# expression not found, legacy is set to default |
|
sln $LDEFAULT $LLINK |
|
fi |
|
} |
|
|
|
do_default() |
|
{ |
|
sed -i 's/^legacy *=.*$/legacy=default/' $LCFILE |
|
do_install |
|
/usr/bin/update-ca-trust |
|
} |
|
|
|
do_disable() |
|
{ |
|
sed -i 's/^legacy *=.*$/legacy=disable/' $LCFILE |
|
do_install |
|
/usr/bin/update-ca-trust |
|
} |
|
|
|
do_help() |
|
{ |
|
echo "usage: $0 [check | default | disable | install]" |
|
} |
|
|
|
if [[ $# -eq 0 ]]; then |
|
# no parameters |
|
do_help |
|
exit $? |
|
fi |
|
|
|
if [[ "$1" = "install" ]]; then |
|
do_install |
|
exit $? |
|
fi |
|
|
|
if [[ "$1" = "default" ]]; then |
|
do_default |
|
exit $? |
|
fi |
|
if [[ "$1" = "disable" ]]; then |
|
do_disable |
|
exit $? |
|
fi |
|
|
|
if [[ "$1" = "check" ]]; then |
|
do_check |
|
exit $? |
|
fi |
|
|
|
echo "$0: Unsupported command $1" |
|
do_help
|
|
|