Petr Uzel wrote: > To be more specific: I work on packaging freeradius server RPM. The > README explictly states that "This bootstrap script SHOULD be run on > installation of any pre-built binary package for your OS." I > understand that it should be ran automatically in the %post section, > like in the suse spec file included in the tarball. This leads to two > problems: > - if the user runs bootstrap script manually after installation, the > certificates get corrupted
Yes. Re-generating the certs causes them to be regenerated. > - if the user performs upgrade of the package, the certificates get > corrupted - this is worse than the first problem, since the user > might already have his 'production' certificates installed. So don't regenerate them... > So I suggest either to > 1) do not recommend running the bootstrap script automatically and > force the user to run it manually > or > 2) fix the bootstrap script and/or Makefile to do nothing if > the required files already exist. That's already in the "makefile". I suggest a patch to the bootstrap script. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html