summaryrefslogtreecommitdiff
path: root/etc/init.d/fetch-filter-cert
diff options
context:
space:
mode:
Diffstat (limited to 'etc/init.d/fetch-filter-cert')
-rwxr-xr-xetc/init.d/fetch-filter-cert80
1 files changed, 80 insertions, 0 deletions
diff --git a/etc/init.d/fetch-filter-cert b/etc/init.d/fetch-filter-cert
new file mode 100755
index 0000000..8fdae97
--- /dev/null
+++ b/etc/init.d/fetch-filter-cert
@@ -0,0 +1,80 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: fetch-filter-cert
+# Required-Start: $local_fs $remote_fs
+# Required-Stop: $local_fs $remote_fs
+# Should-Start: $network $syslog $named
+# Default-Start: 2 3 4 5
+# Default-Stop:
+# Short-Description: Fetch e2guardian SSL public cacert
+# Description:
+# Retrieve e2guardian proxy's CA certificate and add it to
+# the system-wide list of CA certificates.
+### END INIT INFO
+
+set -xe
+
+. /lib/lsb/init-functions
+
+CERTFILE=/usr/local/share/ca-certificates/debian-edu/filter-ca.crt
+FILTERSERVER="filter"
+FILTERCACERTURL="http://$FILTERSERVER/filter-ca.crt"
+
+do_start() {
+ ERROR=false
+ if ! fping "$FILTERSERVER" 1>/dev/null 2>/dev/null; then
+ logger -t fetch-filter-cert "Site does not have a content filter server, aborting."
+ return 0
+ elif [ ! -f $CERTFILE ]; then
+ [ "$VERBOSE" != no ] && log_action_begin_msg "Fetching content filter CA certificate."
+ mkdir -p "$(dirname $CERTFILE)"
+ curl "$FILTERCACERTURL" > $CERTFILE.new
+ chmod 644 $CERTFILE.new
+ if test -s $CERTFILE.new && head -n1 $CERTFILE.new | grep -q -E '^-----BEGIN CERTIFICATE-----$'; then
+ mv $CERTFILE.new $CERTFILE
+ [ "$VERBOSE" != no ] && log_action_end_msg 0
+ logger -t fetch-filter-cert "Fetched content filter CA certificate from $FILTERCACERTURL."
+ update-ca-certificates 1>/dev/null
+ else
+ rm $CERTFILE.new
+ log_action_end_msg 1
+ logger -t fetch-filter-cert "Failed to fetch content filter CA certificate from $FILTERCACERTURL."
+ ERROR=true
+ fi
+ fi
+ if [ -d /opt/ltsp ] ; then
+ for ltsp_chroot in `find /opt/ltsp/ -mindepth 1 -maxdepth 1 -type d`; do
+ if [ ! -f $ltsp_chroot$CERTFILE ]; then
+ [ "$VERBOSE" != no ] &&
+ log_action_begin_msg "Copying content filter CA certificate to ltsp-chroot $ltsp_chroot "
+ if test -s $CERTFILE; then
+ mkdir -p $(dirname $ltsp_chroot/$CERTFILE)
+ cp $CERTFILE $ltsp_chroot$CERTFILE
+ chmod 644 $ltsp_chroot$CERTFILE
+ chroot $ltsp_chroot update-ca-certificates 1>/dev/null
+ [ "$VERBOSE" != no ] && log_action_end_msg 0
+ else
+ log_action_end_msg 1
+ ERROR=true
+ fi
+ fi
+ done
+ fi
+ if $ERROR; then
+ return 1
+ fi
+}
+
+case "$1" in
+ start)
+ do_start
+ ;;
+ stop)
+ ;;
+ restart|force-reload)
+ ;;
+ *)
+ echo "Usage: $0 {start|stop|restart|force-reload}"
+ exit 2
+esac
+exit 0