summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGeorgy Yakovlev <gyakovlev@gentoo.org>2019-05-09 13:51:30 -0700
committerGeorgy Yakovlev <gyakovlev@gentoo.org>2019-05-09 16:04:52 -0700
commitfdae1196b3a9e3ee1f597449fc0098fce0229306 (patch)
tree9f257853e274d2b33556e2560299b582590b9e3e
parent08d9828590d3f513ee0e937d4b76313d488a0880 (diff)
downloadgentoo-fdae1196b3a9e3ee1f597449fc0098fce0229306.tar.gz
gentoo-fdae1196b3a9e3ee1f597449fc0098fce0229306.tar.xz
sys-apps/baselayout-java: generate system-wide java keystore
keystore is created in etc/ssl/certs/java/cacerts ebuild now installs ca-certificates/update.d snippet which will regenerate certs on every ca-certificates run/update allowing us to have all system certs in java keystore. Bug: https://bugs.gentoo.org/682308 Package-Manager: Portage-2.3.66, Repoman-2.3.12 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
-rw-r--r--sys-apps/baselayout-java/baselayout-java-0.1.0-r1.ebuild49
1 files changed, 49 insertions, 0 deletions
diff --git a/sys-apps/baselayout-java/baselayout-java-0.1.0-r1.ebuild b/sys-apps/baselayout-java/baselayout-java-0.1.0-r1.ebuild
new file mode 100644
index 00000000000..51a9dee76bc
--- /dev/null
+++ b/sys-apps/baselayout-java/baselayout-java-0.1.0-r1.ebuild
@@ -0,0 +1,49 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit xdg-utils
+
+DESCRIPTION="Baselayout for Java"
+HOMEPAGE="https://wiki.gentoo.org/wiki/Project:Java"
+SRC_URI="https://dev.gentoo.org/~sera/distfiles/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ia64 ~ppc ~ppc64 ~x86 ~amd64-fbsd ~x86-fbsd ~amd64-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE=""
+
+BDEPEND="
+ app-crypt/p11-kit[trust]
+ app-misc/ca-certificates
+"
+
+RDEPEND="${BDEPEND}
+ !<dev-java/java-config-2.2"
+
+src_install() {
+ default
+ keepdir /etc/ssl/certs/java/
+ exeinto /etc/ca-certificates/update.d
+ newexe - java-cacerts <<-_EOF_
+ #!/bin/sh
+ exec trust extract --overwrite --format=java-cacerts --filter=ca-anchors --purpose server-auth "${EROOT}"/etc/ssl/certs/java/cacerts
+ _EOF_
+}
+
+pkg_postrm() {
+ xdg_desktop_database_update
+ xdg_icon_cache_update
+}
+
+pkg_postinst() {
+ xdg_desktop_database_update
+ xdg_icon_cache_update
+ # on first installation generate java cacert file
+ # so jdk ebuilds can create symlink to in into security directory
+ if [[ ! -f "${EROOT}"/etc/ssl/certs/java/cacerts ]]; then
+ einfo "Generating java cacerts file from system ca-certificates"
+ "${EROOT}"/etc/ca-certificates/update.d/java-cacerts || die
+ fi
+}