diff options
Diffstat (limited to 'recipes-core/ca-certificates-java/ca-certificates-java/ca-certificates-java.hook.in')
-rwxr-xr-x | recipes-core/ca-certificates-java/ca-certificates-java/ca-certificates-java.hook.in | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/recipes-core/ca-certificates-java/ca-certificates-java/ca-certificates-java.hook.in b/recipes-core/ca-certificates-java/ca-certificates-java/ca-certificates-java.hook.in new file mode 100755 index 0000000..f01fe36 --- /dev/null +++ b/recipes-core/ca-certificates-java/ca-certificates-java/ca-certificates-java.hook.in @@ -0,0 +1,64 @@ +#!/bin/sh -eu + +# As per the debian package, three cases when we can be called: +# 1) as part of update-ca-certificates -> add / remove certs as instructed +# 2) if first time install -> add all certs +# 3) package update -> do nothing +# We have no way to easily distinguish between first time install +# and package update in OE, so the distinction between cases 2) +# and 3) isn't perfect. + +self=$(basename $0) +jvm_libdir="@@libdir_jvm@@" + +if [ -n "${D:-}" ] ; then + # called from postinst as part of image build on host + if [ -z "${JVM_LIBDIR:-}" ] ; then + # should never happen, this is supposed to be passed in + echo "$0: no JVM_LIBDIR specified" >&2 + false + fi +fi +if [ -n "${JVM_LIBDIR:-}" ] ; then + jvm_libdir="${JVM_LIBDIR}" +fi + +for JAVA in icedtea7-native/bin/java \ + openjdk-8-native/bin/java openjdk-8/bin/java openjre-8/bin/java \ + ; do + if [ -x "${jvm_libdir}/${JAVA}" ] ; then + JAVA="${jvm_libdir}/${JAVA}" + break + fi +done + +if [ ! -x "${JAVA}" ] ; then + # shouldn't really happen, as we RDEPEND on java + echo "$0: JAVA not found" >&2 + false +fi + +if [ "${self}" = "ca-certificates-java-hook" ] ; then + # case 1) from above + # the list of (changed) files is passed via stdin + while read input ; do + echo "${input}" + done +elif [ -s $D${sysconfdir}/ssl/certs/java/cacerts ] ; then + # we were executed explicitly (not via ca-cacertificates hook) + # case 3) from above + # do nothing, as the trustStore exists already + return +else + # we were executed explicitly (not via ca-cacertificates hook) + # case 2) from above + # the trustStore doesn't exist yet, create it as this is + # a first time install (e.g. during image build) + find $D${sysconfdir}/ssl/certs -name '*.pem' | \ + while read filename ; do + echo "+${filename}" + done +fi | SYSROOT="${D:-}" ${JAVA} -Xmx64m \ + -jar ${D:-}@@datadir_java@@/@@JARFILENAME@@ \ + -storepass changeit + |