[Pkg-puppet-devel] [SCM] Puppet packaging for Debian branch, master, updated. debian/2.6.1.rc3-1-41-g7bd836a

Mathias Gug mathias.gug at canonical.com
Mon Sep 20 18:32:34 UTC 2010 

The following commit has been merged in the master branch:
commit 9f21593db81736cb082d13c9eb8e120791ef5f90
Author: Mathias Gug <mathias.gug at canonical.com>
Date:   Fri Sep 17 15:32:17 2010 -0400

    debian/puppetmaster-passenger.postinst: Use cacrl instead of hostcrl to set the location of the CRL in apache2 configuration. Fix apache2  configuration on upgrade as well (LP: #641001).

diff --git a/debian/changelog b/debian/changelog
index 6aa5926..ec4cb06 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,9 @@ puppet (2.6.1-1) UNRELEASED; urgency=low
     - Fix "Puppet standalone broken" (Closes: #594575)
   * test/lib/puppettest/fakes.rb: Fix puppettest to use puppet system 
     library.
+  * debian/puppetmaster-passenger.postinst: Use cacrl instead of hostcrl to
+    set the location of the CRL in apache2 configuration. Fix apache2 
+    configuration on upgrade as well (LP: #641001).
 
   [ Stig Sandbeck Mathisen ]
   * Fix "require" path for puppet queue.
diff --git a/debian/puppetmaster-passenger.postinst b/debian/puppetmaster-passenger.postinst
index 537b9fd..f2bdf78 100644
--- a/debian/puppetmaster-passenger.postinst
+++ b/debian/puppetmaster-passenger.postinst
@@ -29,7 +29,7 @@ if [ "$1" = "configure" ]; then
             sed -r -i "s|(SSLCertificateKeyFile\s+).+$|\1$(puppetca --configprint hostprivkey)|" "${APACHE2_SITE_FILE}"
             sed -r -i "s|(SSLCACertificateFile\s+).+$|\1$(puppetca --configprint localcacert)|" "${APACHE2_SITE_FILE}"
             sed -r -i "s|(SSLCertificateChainFile\s+).+$|\1$(puppetca --configprint localcacert)|" "${APACHE2_SITE_FILE}"
-            sed -r -i "s|(SSLCARevocationFile\s+).+$|\1$(puppetca --configprint hostcrl)|" "${APACHE2_SITE_FILE}"
+            sed -r -i "s|(SSLCARevocationFile\s+).+$|\1$(puppetca --configprint cacrl)|" "${APACHE2_SITE_FILE}"
         fi
         a2enmod ssl
         a2ensite puppetmaster
@@ -42,6 +42,20 @@ if [ "$1" = "configure" ]; then
             fi
         fi
     fi
+    # Fix CRL file on upgrade to use the CA crl file instead of the host crl.
+    if dpkg --compare-versions "$2" lt-nl "2.6.1-1"; then
+        if [ -e /etc/apache2/sites-available/puppetmaster ]; then
+            sed -i 's|SSLCARevocationFile /var/lib/puppet/ssl/crl.pem$|SSLCARevocationFile /var/lib/puppet/ssl/ca/ca_crl.pem|' /etc/apache2/sites-available/puppetmaster
+            if [ -x "/etc/init.d/apache2" ]; then
+                # Seems that a restart is needed. reload breaks ssl apparently.
+                if [ -x "`which invoke-rc.d 2>/dev/null`" ]; then
+                    invoke-rc.d apache2 restart || exit $?
+                else
+                    /etc/init.d/apache2 restart || exit $?
+                fi
+            fi
+        fi
+    fi
 fi
 
 #DEBHELPER#

-- 
Puppet packaging for Debian

More information about the Pkg-puppet-devel mailing list