diff options
Diffstat (limited to 'meta-agl-html5-demo/recipes-core/nss')
3 files changed, 63 insertions, 0 deletions
diff --git a/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service new file mode 100644 index 000000000..40818cf2b --- /dev/null +++ b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.service @@ -0,0 +1,12 @@ +[Unit] +Description=Deploy Kuksa certificates to /home/agl-driver/.pki/ +After=local-fs.target +Before=multi-user.target +ConditionPathExists=!/home/agl-driver/.pki + +[Service] +User=agl-driver +ExecStart=/usr/sbin/nss-agl-driver-db.sh + +[Install] +WantedBy=multi-user.target diff --git a/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh new file mode 100755 index 000000000..1a8351bf9 --- /dev/null +++ b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh @@ -0,0 +1,19 @@ +#!/bin/bash +set -e + +# TLDR we need this file for chromium to connect back to kuksa. + +# check if directory already exists and bail out +if test -d /home/agl-driver/.pki/nssdb ; then + echo "Directory already exists! Doing nothing." + exit 127 +fi + +# setup empty db in subfolder +mkdir -p /home/agl-driver/.pki/nssdb +certutil -N -d /home/agl-driver/.pki/nssdb --empty-password + +# deploy cert into local db +certutil -A -d /home/agl-driver/.pki/nssdb -n "KuksaRootCA" -t "pC,," -i /etc/kuksa-val/CA.pem + +#chown -R agl-driver:agl-driver /home/agl-driver/.pki/nssdb diff --git a/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db_git.bb b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db_git.bb new file mode 100644 index 000000000..b2fb40340 --- /dev/null +++ b/meta-agl-html5-demo/recipes-core/nss/nss-agl-driver-db_git.bb @@ -0,0 +1,32 @@ +SUMMARY = "Custom nss db hosting the kuksa certificates" +DESCRIPTION = "Custom nss db hosting the kuksa certificates for chromium" +AUTHOR = "Jan-Simon Moeller <jsmoeller@linuxfoundation.org>" +HOMEPAGE = "https://git.automotivelinux.org" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +PV = "0.1" + +SRC_URI = "file://${BPN}.service \ + file://${BPN}.sh \ + " + +inherit systemd + +SYSTEMD_SERVICE:${PN} = "${BPN}.service" + +do_configure[noexec] = "1" +do_compile[noexec] = "1" + +do_install() { + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -d ${D}${systemd_system_unitdir} + install -d ${D}${sbindir} + install -m 0644 ${WORKDIR}/${BPN}.service ${D}${systemd_system_unitdir} + install -m 0755 ${WORKDIR}/${BPN}.sh ${D}${sbindir} + fi +} + +FILES:${PN} += "${systemd_system_unitdir} ${sbindir}" + +RDEPENDS:${PN} += "nss agl-users kuksa-val-certificates-client bash" |