On Sun, Sep 09, 2007 at 11:18:03AM +0300, Elan Ruusamäe wrote: > On Sunday 09 September 2007 02:44, Adam Gołębiowski wrote: > > Hi, > > > > I was thinking about apache mod_gnutls's dhfile/rsafile files being > > generate in %post, which could be done by something similiar to: > > > > --- cut --- > > %post > > if [ "$1" = "0" ]; then > > d=/etc/httpd/tls > > [ -f "$d/dhfile" ] || /usr/bin/certtool --generate-dh-params --bits 1024 > > --outfile $d/dhfile [ -f "$d/rsafile" ] || /usr/bin/certtool > > --generate-privkey --bits 512 --outfile $d/rsafile fi > > --- cut --- > > > > but the process may take some time on slower machines, or those where > > /dev/random tends to block while waiting for entropy pool. > > other way is openssh way -- when service is started, but that's modifying > apache.spec
Ah, didn't think of that. This would mean keeping httpd down for some time (only once, but still), and this could annoy some people. I think I'll go for the presented option (%post). -- http://www.mysza.eu.org/ | Everybody needs someone sure, someone true, PLD Linux developer | Everybody needs some solid rock, I know I do. _______________________________________________ pld-devel-en mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
