Create and install rsakeys.ini

Use install-data-hook to ensure restrictive permissions on rsakeys.ini.

Don't create rsakeys.ini in init scripts. This makes xrdp functional upon
"make install" without relying on the init scripts.

Packagers should not package rsakeys.ini, it should be created when the
package is installed.

instfiles/init.d/xrdp

@@ -23,7 +23,6 @@ SESMAN_START=yes
 #USERID=xrdp
 # the X11rdp backend only works as root at the moment - GH 20/03/2013
 USERID=root
-RSAKEYS=/etc/xrdp/rsakeys.ini
 NAME=xrdp
 DESC="Remote Desktop Protocol server"
 
@@ -67,18 +66,6 @@ if [ "$(id -u)" = "0" ]; then
         mkdir $PIDDIR
     fi
     chown $USERID:$USERID $PIDDIR
-
-    # Check for rsa key 
-    if [ ! -f $RSAKEYS ] ; then
-        log_action_begin_msg "Generating xrdp RSA keys..."
-        (umask 077 ; xrdp-keygen xrdp $RSAKEYS)
-        chown $USERID:$USERID $RSAKEYS
-        if [ ! -f $RSAKEYS ] ; then
-            log_action_end_msg 1 "could not create $RSAKEYS"
-            exit 1
-        fi
-        log_action_end_msg 0 "done"
-    fi
 fi
 
 

instfiles/rc.d/xrdp

@@ -61,10 +61,6 @@ xrdp_cmd() {
     if [ "${rc_arg}" = "stop" ] ; then
 	xrdp_daemons=$(reverse_list ${xrdp_daemons})
     fi
-    # Generate rsakeys.ini on start
-    if [ "${rc_arg}" = "start" -a ! -f %%PREFIX%%/etc/xrdp/rsakeys.ini ] ; then
-        %%PREFIX%%/bin/xrdp-keygen xrdp %%PREFIX%%/etc/xrdp/rsakeys.ini
-    fi
 
     # Apply to all the daemons.
     for name in ${xrdp_daemons}; do

keygen/Makefile.am

@@ -13,3 +13,12 @@ xrdp_keygen_SOURCES = keygen.c
 
 xrdp_keygen_LDADD = \
   $(top_builddir)/common/libcommon.la
+
+xrdpsysconfdir = $(sysconfdir)/xrdp
+
+install-data-hook:
+	umask 077 && \
+	  ./xrdp-keygen xrdp $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini
+
+uninstall-hook:
+	rm -f $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini