to reset auth key age until the first rotation has happened, otherwise
all currently existing tickets get invalidated immediately once the
rotation code gets enabled.
disabled until first PVE 6.0 package release
Signed-off-by: Fabian Grünbichler <f.gruenbich...@proxmox.com>
---
Notes:
new in v3
debian/postinst | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
create mode 100755 debian/postinst
diff --git a/debian/postinst b/debian/postinst
new file mode 100755
index 0000000..a9b0331
--- /dev/null
+++ b/debian/postinst
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+#DEBHELPER#
+
+case "$1" in
+ configure)
+ # TODO: enable for PVE 6.0
+# if test -n "$2"; then
+#
+# # TODO: remove once PVE 7.0 is released
+# if dpkg --compare-versions "$2" 'lt' '6.0-1'; then
+# if test ! -e /etc/pve/authkey.pub.old; then
+# # reset key age to prevent immediate invalidation of all
current tickets
+# touch -d "-2h" /etc/pve/authkey.pub 2>/dev/null || true
+# fi
+# fi
+#
+# fi
+ ;;
+
+esac
+
+exit 0
--
2.20.1
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
https://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
