- use the API SSL private key for signing tickets

- generate API SSL public key if necessary
- /etc/init.d/postgresql always returns 0, even on failure, check status
  after starting

diff --git a/guest.init b/guest.init
index 251a6f5..6cd8beb 100755 (executable)
--- a/guest.init
+++ b/guest.init
@@ -6,7 +6,7 @@
 #
 # description: Manages all PLC services on this machine
 #
-# $Id: guest.init,v 1.2 2006/03/27 18:50:20 mlhuang Exp $
+# $Id: guest.init,v 1.3 2006/03/27 22:03:38 mlhuang Exp $
 #
 
 PATH=/sbin:/bin:/usr/bin:/usr/sbin
@@ -92,7 +92,7 @@ PL_API_PORT=$PLC_API_PORT
 PL_API_CAPABILITY_AUTH_METHOD='capability'
 PL_API_CAPABILITY_PASS='$PLC_API_MAINTENANCE_PASSWORD'
 PL_API_CAPABILITY_USERNAME='$PLC_API_MAINTENANCE_USER'
-PL_API_TICKET_KEY_FILE='$PLC_API_TICKET_KEY'
+PL_API_TICKET_KEY_FILE='$PLC_API_SSL_KEY'
 PLANETLAB_SUPPORT_EMAIL='$PLC_MAIL_SUPPORT_ADDRESS'
 BOOT_MESSAGES_EMAIL='$PLC_MAIL_BOOT_ADDRESS'
 WWW_BASE='$PLC_WWW_HOST'
@@ -230,6 +230,8 @@ config_postgresql ()
 
            # Start up the server
            service postgresql start
+           # /etc/init.d/postgresql always returns 0, even on failure
+           status postmaster
            RETVAL=$?
 
            # Create/update the unprivileged database user and password
@@ -345,6 +347,10 @@ EOF
            if [ ! -f $PLC_API_SSL_KEY ] ; then
                cp -a $PLC_WWW_SSL_KEY $PLC_API_SSL_KEY
            fi
+           if [ ! -f $PLC_API_SSL_KEY_PUB ] ; then
+               openssl rsa -pubout <$PLC_API_SSL_KEY >$PLC_API_SSL_KEY_PUB
+               RETVAL=$(($RETVAL+$?))
+           fi
            if [ ! -f $PLC_API_SSL_CRT ] ; then
                cp -a $PLC_WWW_SSL_CRT $PLC_API_SSL_CRT
            fi