From 829fc0c4d710bb6358137096ea957609c83d969e Mon Sep 17 00:00:00 2001
From: Dave Brolley <brolley@redhat.com>
Date: Mon, 14 Dec 2009 16:12:56 -0500
Subject: [PATCH] PR 10905: Initscript improvements: Automatically authorize
 the initscript servers as trusted servers and signers.

---
 systemtap.spec | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/systemtap.spec b/systemtap.spec
index 508f03ba7..29ff70670 100644
--- a/systemtap.spec
+++ b/systemtap.spec
@@ -315,6 +315,13 @@ chgrp stap-server %{_localstatedir}/log/stap-server.log
 test -e /usr/share/systemtap/runtime/uprobes || mkdir -p /usr/share/systemtap/runtime/uprobes
 chgrp stap-server /usr/share/systemtap/runtime/uprobes
 chmod 775 /usr/share/systemtap/runtime/uprobes
+# As stap-server, generate the certificate used for signing and for ssl.
+runuser -s /bin/sh - stap-server -c %{_bindir}/stap-gen-cert
+# Authorize the certificate as a trusted ssl peer and as a trusted signer
+# local host.
+%{_bindir}/stap-authorize-server-cert %{_localstatedir}/lib/stap-server/.systemtap/ssl/server/stap.cert
+%{_bindir}/stap-authorize-signing-cert %{_localstatedir}/lib/stap-server/.systemtap/ssl/server/stap.cert
+
 # Activate the service
 /sbin/chkconfig --add stap-server
 exit 0
-- 
2.43.5