diff options
author | Georgy Yakovlev <gyakovlev@gentoo.org> | 2019-05-09 13:51:30 -0700 |
---|---|---|
committer | Georgy Yakovlev <gyakovlev@gentoo.org> | 2019-05-09 16:04:52 -0700 |
commit | fdae1196b3a9e3ee1f597449fc0098fce0229306 (patch) | |
tree | 9f257853e274d2b33556e2560299b582590b9e3e | |
parent | sys-devel/gcc: add a reference to upstream report (diff) | |
download | gentoo-fdae1196b3a9e3ee1f597449fc0098fce0229306.tar.gz gentoo-fdae1196b3a9e3ee1f597449fc0098fce0229306.tar.bz2 gentoo-fdae1196b3a9e3ee1f597449fc0098fce0229306.zip |
sys-apps/baselayout-java: generate system-wide java keystore
keystore is created in etc/ssl/certs/java/cacerts
ebuild now installs ca-certificates/update.d snippet which
will regenerate certs on every ca-certificates run/update
allowing us to have all system certs in java keystore.
Bug: https://bugs.gentoo.org/682308
Package-Manager: Portage-2.3.66, Repoman-2.3.12
Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
-rw-r--r-- | sys-apps/baselayout-java/baselayout-java-0.1.0-r1.ebuild | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/sys-apps/baselayout-java/baselayout-java-0.1.0-r1.ebuild b/sys-apps/baselayout-java/baselayout-java-0.1.0-r1.ebuild new file mode 100644 index 000000000000..51a9dee76bc5 --- /dev/null +++ b/sys-apps/baselayout-java/baselayout-java-0.1.0-r1.ebuild @@ -0,0 +1,49 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit xdg-utils + +DESCRIPTION="Baselayout for Java" +HOMEPAGE="https://wiki.gentoo.org/wiki/Project:Java" +SRC_URI="https://dev.gentoo.org/~sera/distfiles/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" +IUSE="" + +BDEPEND=" + app-crypt/p11-kit[trust] + app-misc/ca-certificates +" + +RDEPEND="${BDEPEND} + !<dev-java/java-config-2.2" + +src_install() { + default + keepdir /etc/ssl/certs/java/ + exeinto /etc/ca-certificates/update.d + newexe - java-cacerts <<-_EOF_ + #!/bin/sh + exec trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose server-auth "${EROOT}"/etc/ssl/certs/java/cacerts + _EOF_ +} + +pkg_postrm() { + xdg_desktop_database_update + xdg_icon_cache_update +} + +pkg_postinst() { + xdg_desktop_database_update + xdg_icon_cache_update + # on first installation generate java cacert file + # so jdk ebuilds can create symlink to in into security directory + if [[ ! -f "${EROOT}"/etc/ssl/certs/java/cacerts ]]; then + einfo "Generating java cacerts file from system ca-certificates" + "${EROOT}"/etc/ca-certificates/update.d/java-cacerts || die + fi +} |