diff options
author | Ajay Garg <ajay@activitycentral.com> | 2012-09-04 14:16:31 (GMT) |
---|---|---|
committer | Ajay Garg <ajay@activitycentral.com> | 2012-09-04 15:43:51 (GMT) |
commit | fc964e813974268a8fe63153a074a2b6357396fd (patch) | |
tree | e8b03437e23643b66fd8be8cca2b31e260332994 | |
parent | 7c231494096c2cbcd737ff477ebb5193a386a556 (diff) |
ENABLE SECURE DATA TRANSFER FOR ===>>> 1-to-N Feature, via Peer-To-Peer mechanism; and Via-School-Server mechanism.
Signed-off-by: Ajay Garg <ajay@activitycentral.com>
-rw-r--r-- | config/dextrose3-common.ini | 1 | ||||
-rw-r--r-- | modules/base/kspost.10.core.inc | 46 |
2 files changed, 35 insertions, 12 deletions
diff --git a/config/dextrose3-common.ini b/config/dextrose3-common.ini index 7358d19..facde34 100644 --- a/config/dextrose3-common.ini +++ b/config/dextrose3-common.ini @@ -48,6 +48,7 @@ dx3_common_packages_add= httpd, ; au#1588: need "openssl-devel" package, for "libcrypto.so". openssl-devel, + mod_ssl, ; accessibility packages ; Already added as dependencies for sugar-control-accessibility diff --git a/modules/base/kspost.10.core.inc b/modules/base/kspost.10.core.inc index d3324d9..27e1e4a 100644 --- a/modules/base/kspost.10.core.inc +++ b/modules/base/kspost.10.core.inc @@ -217,18 +217,43 @@ SearchAndDeleteLineContainingRegex $filename " *<LWIN> = 133; *" SearchAndReplaceRegex $filename "<CAPS> = 66;" "<CAPS> = 133;" # uy#1769 : Set up "httpd", to host "WebDAV" shares. -filename="/etc/httpd/conf/httpd.conf" -SearchAndReplaceRegex $filename "#<VirtualHost \*:80>" "<VirtualHost \*:80>" -SearchAndDeleteLineContainingRegex $filename "#<\/VirtualHost>" - -mkdir -p /var/www/web1/web +# +# +# Make the directories (if not already), and set the permissions. +# mkdir -p /var/www/web1/web/.Sugar-Metadata +chmod -R 0777 /var/www/web1/ +# Some necessary tweaks in "httpd" service. +# rm /etc/httpd/logs mkdir /etc/httpd/logs -cat << EOF >> /etc/httpd/conf/httpd.conf - DocumentRoot /var/www/web1/web/ +# Generate the ssl-key and certificate. +# Note that initially, all XOs will be having the same pair +# (since the same image will be installled on all XOs). +# +# However, a new unique pair will be generated per XO, once the user +# creates her sugar-profile (on first startup of the XO). +mkdir -p /home/olpc/.sugar/default +openssl req -new -newkey rsa:1024 -days 365 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -keyout /home/olpc/.sugar/default/ssl.key -out /home/olpc/.sugar/default/ssl.crt + +# Replace the key- and crt-path in conf-file, so that secure-transfer may be enabled. +# +filename="/etc/httpd/conf.d/ssl.conf" +SearchAndReplaceRegex $filename "SSLCertificateKeyFile \/etc\/pki\/tls\/private\/localhost.key" "SSLCertificateKeyFile \/home\/olpc\/.sugar\/default\/ssl.key" +SearchAndReplaceRegex $filename "SSLCertificateFile \/etc\/pki\/tls\/certs\/localhost.crt" "SSLCertificateFile \/home\/olpc\/.sugar\/default\/ssl.crt" + +# Create the password file for WebDAV. +# +htpasswd -bc /var/www/web1/passwd.dav test olpc + +# Finally, configure "VirtualHost". +filename="/etc/httpd/conf.d/ssl.conf" +SearchAndDeleteLineContainingRegex $filename "<\/VirtualHost>" +cat << EOF >> /etc/httpd/conf.d/ssl.conf + + DocumentRoot /var/www/web1/web <Directory /var/www/web1/web/> Options Indexes MultiViews AllowOverride None @@ -246,13 +271,10 @@ cat << EOF >> /etc/httpd/conf/httpd.conf Require valid-user </Location> </VirtualHost> - EOF - -chmod -R 0777 /var/www/web1/web -chmod -R 0777 /var/www/web1/web/.Sugar-Metadata -htpasswd -bc /var/www/web1/passwd.dav test olpc +# Change the startup preferences of services. +# /sbin/chkconfig httpd --levels 5 on # uy#1769 customizations end. |