SET(TARGET_CERT_SERVER "cert-server")
SET(CERT_SVC_PATH ${TZ_SYS_RO_SHARE}/cert-svc)
-SET(CERT_SVC_DB_PATH ${TZ_SYS_SHARE}/cert-svc/dbspace)
+SET(CERT_SVC_RW_PATH ${TZ_SYS_SHARE}/cert-svc)
+SET(CERT_SVC_DB_PATH ${CERT_SVC_RW_PATH}/dbspace)
ADD_DEFINITIONS("-DSIGNATURE_SCHEMA_PATH=\"${CERT_SVC_PATH}/schema.xsd\"")
+
ADD_DEFINITIONS("-DCERTSVC_SYSTEM_STORE_DB=\"${CERT_SVC_DB_PATH}/certs-meta.db\"")
-ADD_DEFINITIONS("-DCERTSVC_DIR=\"${CERT_SVC_PATH}/certs/\"")
-ADD_DEFINITIONS("-DCERTSVC_PKCS12_STORAGE_DIR=\"${CERT_SVC_PATH}/pkcs12/\"")
+ADD_DEFINITIONS("-DCERTSVC_PKCS12_STORAGE_DIR=\"${CERT_SVC_RW_PATH}/pkcs12/\"")
ADD_DEFINITIONS("-DTZ_SYS_CA_CERTS=\"${TZ_SYS_CA_CERTS}\"")
ADD_DEFINITIONS("-DTZ_SYS_CA_CERTS_ORIG=\"${TZ_SYS_CA_CERTS_ORIG}\"")
<domain name="_" />
</request>
<assign>
- <filesystem path="@CERT_SVC_PATH@" label="System" type="transmutable" />
+ <filesystem path="@CERT_SVC_RW_PATH@" label="System" type="transmutable" />
</assign>
</manifest>
%install_service multi-user.target.wants cert-server.service
%install_service sockets.target.wants cert-server.socket
-mkdir -p %buildroot%TZ_SYS_RO_SHARE/cert-svc/pkcs12
+mkdir -p %buildroot%TZ_SYS_SHARE/cert-svc/pkcs12
mkdir -p %buildroot%TZ_SYS_SHARE/cert-svc/dbspace
ln -s %TZ_SYS_CA_BUNDLE_RW %buildroot%TZ_SYS_RO_SHARE/cert-svc/ca-certificate.crt
%_libdir/libcert-svc-vcore.so.*
%TZ_SYS_BIN/cert-server
%attr(-, system, system) %TZ_SYS_RO_SHARE/cert-svc
+%dir %attr(-, system, system) %TZ_SYS_SHARE/cert-svc
%attr(-, system, system) %TZ_SYS_SHARE/cert-svc/dbspace/*
%files devel