From 15c67927eb7d4e23935e25ea26acb6755f842436 Mon Sep 17 00:00:00 2001 From: Jan-Simon Moeller Date: Fri, 31 Mar 2023 15:36:25 +0200 Subject: Rework nss-agl-driver-db to be a systemd unit at runtime This avoids the issues seen with access rights changes on /home/agl-driver and will replace https://gerrit.automotivelinux.org/gerrit/c/AGL/meta-agl-demo/+/28587 Bug-AGL: SPEC-4599 Change-Id: If01ffc9623208edd7a7705739465fa8fca764b74 Signed-off-by: Jan-Simon Moeller (cherry picked from commit 11323fa1ed396e3e16f4df327911bc9c60cc6e01) --- .../nss/nss-agl-driver-db/nss-agl-driver-db.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100755 recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh (limited to 'recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh') diff --git a/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh b/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh new file mode 100755 index 00000000..1a8351bf --- /dev/null +++ b/recipes-core/nss/nss-agl-driver-db/nss-agl-driver-db.sh @@ -0,0 +1,19 @@ +#!/bin/bash +set -e + +# TLDR we need this file for chromium to connect back to kuksa. + +# check if directory already exists and bail out +if test -d /home/agl-driver/.pki/nssdb ; then + echo "Directory already exists! Doing nothing." + exit 127 +fi + +# setup empty db in subfolder +mkdir -p /home/agl-driver/.pki/nssdb +certutil -N -d /home/agl-driver/.pki/nssdb --empty-password + +# deploy cert into local db +certutil -A -d /home/agl-driver/.pki/nssdb -n "KuksaRootCA" -t "pC,," -i /etc/kuksa-val/CA.pem + +#chown -R agl-driver:agl-driver /home/agl-driver/.pki/nssdb -- cgit 1.2.3-korg