From Fedora Project Wiki

(Created page with 'Part 1: enabling system NSS 1) As root install nss-sysinit nss-sysinit has a post install scriplet that invokes '/usr/bin/setup-nsssysint.sh on" This scripts edits /etc/pki/nss...')
 
(Updated to use QA/Test_Case template)
Line 1: Line 1:
Part 1: enabling system NSS
{{QA/Test_Case
1) As root install nss-sysinit
|description=This test case verifies properly enabling system NSS.
nss-sysinit has a post install scriplet that invokes  
|actions=
'/usr/bin/setup-nsssysint.sh on"
# As root, install {{command|nss-sysinit}}: <pre>yum install nss-sysinit</pre>
This scripts edits /etc/pki/nssdb/pkcs11.txt as follows
# The command {{command|nss-sysinit}} has a post install scriplet that invokes <code>/usr/bin/setup-nsssysint.sh on</code>.  This scripts edits {{filename|/etc/pki/nssdb/pkcs11.txt}} as follows:
(a) In the stanza with NSS Internal PKCS #11 Module:
#* In the stanza with NSS Internal PKCS #11 Module, change the ''library='' section to the following: <pre>library=libnsssysinit.so</pre>
library= is changed to library=libnsssysinit.so
#* In the same NSS stanza, update the Flags to include ''moduleDBOnly''.  For example: <pre>Flags=internal,moduleDBOnly,critical</pre>
(b) In the same stanza, with NSS= changes the Flags from:  
# The {{command|nss-sysinit}} has a preuninstall install scriplet that invokes <code>/usr/bin/setup-nsssysint.sh off</code> which undoes these changes.
Flags=internal,critical to
# Next, create sl dsb's from the local dbm database.  As root run: <pre>certutil -K -X -d sql:/etc/pki/nssdb</pre>
Flags=internal,moduleDBOnly,critical  
|results=FIXME
 
}}
nss-sysinit has a preuninstall install scriplet that invokes "/usr/bin/setup-nsssysint.sh off" which undoes these changes.
 
2) As root run "certutil -K -X -d sql:/etc/pki/nssdb"
(this will create sl dsb's from the local dbm database).

Revision as of 13:51, 15 October 2009

Description

This test case verifies properly enabling system NSS.


How to test

  1. As root, install nss-sysinit: 
    yum install nss-sysinit
  2. The command nss-sysinit has a post install scriplet that invokes /usr/bin/setup-nsssysint.sh on. This scripts edits /etc/pki/nssdb/pkcs11.txt as follows:
    • In the stanza with NSS Internal PKCS #11 Module, change the library= section to the following: 
      library=libnsssysinit.so
    • In the same NSS stanza, update the Flags to include moduleDBOnly. For example: 
      Flags=internal,moduleDBOnly,critical
  3. The nss-sysinit has a preuninstall install scriplet that invokes /usr/bin/setup-nsssysint.sh off which undoes these changes.
  4. Next, create sl dsb's from the local dbm database. As root run: 
    certutil -K -X -d sql:/etc/pki/nssdb

Expected Results

FIXME



Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_enable_system_nss&oldid=130072"