Create and install rsakeys.ini

Use install-data-hook to ensure restrictive permissions on rsakeys.ini.

Don't create rsakeys.ini in init scripts. This makes xrdp functional upon
"make install" without relying on the init scripts.

Packagers should not package rsakeys.ini, it should be created when the
package is installed.
This commit is contained in:
Pavel Roskin 2016-02-19 23:38:49 -08:00
parent 22e6f3e2f7
commit b63575cebc
3 changed files with 9 additions and 17 deletions

View File

@ -23,7 +23,6 @@ SESMAN_START=yes
#USERID=xrdp
# the X11rdp backend only works as root at the moment - GH 20/03/2013
USERID=root
RSAKEYS=/etc/xrdp/rsakeys.ini
NAME=xrdp
DESC="Remote Desktop Protocol server"
@ -67,18 +66,6 @@ if [ "$(id -u)" = "0" ]; then
mkdir $PIDDIR
fi
chown $USERID:$USERID $PIDDIR
# Check for rsa key
if [ ! -f $RSAKEYS ] ; then
log_action_begin_msg "Generating xrdp RSA keys..."
(umask 077 ; xrdp-keygen xrdp $RSAKEYS)
chown $USERID:$USERID $RSAKEYS
if [ ! -f $RSAKEYS ] ; then
log_action_end_msg 1 "could not create $RSAKEYS"
exit 1
fi
log_action_end_msg 0 "done"
fi
fi

View File

@ -61,10 +61,6 @@ xrdp_cmd() {
if [ "${rc_arg}" = "stop" ] ; then
xrdp_daemons=$(reverse_list ${xrdp_daemons})
fi
# Generate rsakeys.ini on start
if [ "${rc_arg}" = "start" -a ! -f %%PREFIX%%/etc/xrdp/rsakeys.ini ] ; then
%%PREFIX%%/bin/xrdp-keygen xrdp %%PREFIX%%/etc/xrdp/rsakeys.ini
fi
# Apply to all the daemons.
for name in ${xrdp_daemons}; do

View File

@ -13,3 +13,12 @@ xrdp_keygen_SOURCES = keygen.c
xrdp_keygen_LDADD = \
$(top_builddir)/common/libcommon.la
xrdpsysconfdir = $(sysconfdir)/xrdp
install-data-hook:
umask 077 && \
./xrdp-keygen xrdp $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini
uninstall-hook:
rm -f $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini