From: Paul Mackerras Date: Sat, 14 Sep 2024 03:31:56 +0000 (+1000) Subject: Don't overwrite configuration files in /ppp (#518) X-Git-Tag: v2.5.1~6 X-Git-Url: https://git.ozlabs.org/?a=commitdiff_plain;h=53e6846dffe2b0e2645581d70eabbc0cb0da78e3;p=ppp.git Don't overwrite configuration files in /ppp (#518) This renames the configuration files in etc.ppp/ to have ".example" on the end of their names. This is so that when they are copied to /ppp (often /etc/ppp), they don't overwrite existing pppd configuration files, and it is clear that they are just examples. Signed-off-by: Paul Mackerras --- diff --git a/Makefile.am b/Makefile.am index 23b16c1..3de35c8 100644 --- a/Makefile.am +++ b/Makefile.am @@ -10,16 +10,17 @@ DIST_SUBDIRS = $(SUBDIRS) include scripts install-data-hook: (cd $(DESTDIR)/$(sysconfdir)/$(PACKAGE) ; \ - chmod 600 chap-secrets pap-secrets eaptls-server eaptls-client) + chmod 600 chap-secrets.example pap-secrets.example \ + eaptls-server.example eaptls-client.example) sampledir = $(sysconfdir)/$(PACKAGE) sample_DATA = \ - etc.ppp/options \ - etc.ppp/chap-secrets \ - etc.ppp/pap-secrets \ - etc.ppp/eaptls-server \ - etc.ppp/eaptls-client \ - etc.ppp/openssl.cnf + etc.ppp/options.example \ + etc.ppp/chap-secrets.example \ + etc.ppp/pap-secrets.example \ + etc.ppp/eaptls-server.example \ + etc.ppp/eaptls-client.example \ + etc.ppp/openssl.cnf.example EXTRA_README = \ Changes-2.3 \ diff --git a/etc.ppp/chap-secrets b/etc.ppp/chap-secrets deleted file mode 100644 index 7d1c3cd..0000000 --- a/etc.ppp/chap-secrets +++ /dev/null @@ -1,2 +0,0 @@ -# Secrets for authentication using CHAP -# client server secret IP addresses diff --git a/etc.ppp/chap-secrets.example b/etc.ppp/chap-secrets.example new file mode 100644 index 0000000..7d1c3cd --- /dev/null +++ b/etc.ppp/chap-secrets.example @@ -0,0 +1,2 @@ +# Secrets for authentication using CHAP +# client server secret IP addresses diff --git a/etc.ppp/eaptls-client b/etc.ppp/eaptls-client deleted file mode 100644 index 7782f0e..0000000 --- a/etc.ppp/eaptls-client +++ /dev/null @@ -1,10 +0,0 @@ -# Parameters for authentication using EAP-TLS (client) - -# client name (can be *) -# server name (can be *) -# client certificate file (required) -# server certificate file (optional, if unused put '-') -# CA certificate file (required) -# client private key file (required) - -#client server /root/cert/client.crt - /root/cert/ca.crt /root/cert/client.key diff --git a/etc.ppp/eaptls-client.example b/etc.ppp/eaptls-client.example new file mode 100644 index 0000000..7782f0e --- /dev/null +++ b/etc.ppp/eaptls-client.example @@ -0,0 +1,10 @@ +# Parameters for authentication using EAP-TLS (client) + +# client name (can be *) +# server name (can be *) +# client certificate file (required) +# server certificate file (optional, if unused put '-') +# CA certificate file (required) +# client private key file (required) + +#client server /root/cert/client.crt - /root/cert/ca.crt /root/cert/client.key diff --git a/etc.ppp/eaptls-server b/etc.ppp/eaptls-server deleted file mode 100644 index fa53cbd..0000000 --- a/etc.ppp/eaptls-server +++ /dev/null @@ -1,11 +0,0 @@ -# Parameters for authentication using EAP-TLS (server) - -# client name (can be *) -# server name (can be *) -# client certificate file (optional, if unused put '-') -# server certificate file (required) -# CA certificate file (required) -# server private key file (required) -# allowed addresses (required, can be *) - -#client server - /root/cert/server.crt /root/cert/ca.crt /root/cert/server.key 192.168.1.0/24 diff --git a/etc.ppp/eaptls-server.example b/etc.ppp/eaptls-server.example new file mode 100644 index 0000000..fa53cbd --- /dev/null +++ b/etc.ppp/eaptls-server.example @@ -0,0 +1,11 @@ +# Parameters for authentication using EAP-TLS (server) + +# client name (can be *) +# server name (can be *) +# client certificate file (optional, if unused put '-') +# server certificate file (required) +# CA certificate file (required) +# server private key file (required) +# allowed addresses (required, can be *) + +#client server - /root/cert/server.crt /root/cert/ca.crt /root/cert/server.key 192.168.1.0/24 diff --git a/etc.ppp/openssl.cnf b/etc.ppp/openssl.cnf deleted file mode 100644 index dd32f30..0000000 --- a/etc.ppp/openssl.cnf +++ /dev/null @@ -1,14 +0,0 @@ -openssl_conf = openssl_def - -[ openssl_def ] -engines = engine_section - -[ engine_section ] -pkcs11 = pkcs11_section - -[ pkcs11_section ] -engine_id = pkcs11 -dynamic_path = /usr/lib64/openssl/engines/engine_pkcs11.so -MODULE_PATH = /usr/lib64/libeTPkcs11.so -init = 0 - diff --git a/etc.ppp/openssl.cnf.example b/etc.ppp/openssl.cnf.example new file mode 100644 index 0000000..dd32f30 --- /dev/null +++ b/etc.ppp/openssl.cnf.example @@ -0,0 +1,14 @@ +openssl_conf = openssl_def + +[ openssl_def ] +engines = engine_section + +[ engine_section ] +pkcs11 = pkcs11_section + +[ pkcs11_section ] +engine_id = pkcs11 +dynamic_path = /usr/lib64/openssl/engines/engine_pkcs11.so +MODULE_PATH = /usr/lib64/libeTPkcs11.so +init = 0 + diff --git a/etc.ppp/options b/etc.ppp/options deleted file mode 100644 index 4b67b6a..0000000 --- a/etc.ppp/options +++ /dev/null @@ -1 +0,0 @@ -lock diff --git a/etc.ppp/options.example b/etc.ppp/options.example new file mode 100644 index 0000000..4b67b6a --- /dev/null +++ b/etc.ppp/options.example @@ -0,0 +1 @@ +lock diff --git a/etc.ppp/pap-secrets b/etc.ppp/pap-secrets deleted file mode 100644 index f8b7dce..0000000 --- a/etc.ppp/pap-secrets +++ /dev/null @@ -1,2 +0,0 @@ -# Secrets for authentication using PAP -# client server secret IP addresses diff --git a/etc.ppp/pap-secrets.example b/etc.ppp/pap-secrets.example new file mode 100644 index 0000000..f8b7dce --- /dev/null +++ b/etc.ppp/pap-secrets.example @@ -0,0 +1,2 @@ +# Secrets for authentication using PAP +# client server secret IP addresses