
@Informatic
Last active January 14, 2025 18:04

Revisions

  1. Informatic revised this gist Feb 20, 2022. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions 50-customca
    @@ -29,6 +29,7 @@ overlay() {
    overlay /etc/ssl/certs
    overlay /usr/share/ca-certificates
    overlay /etc/ca-certificates.conf
    overlay /etc/pki

    if [ ! -f "/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt" ]; then
    # from https://letsencrypt.org/certs/isrgrootx1.pem
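Review bot: `overlay /etc/pki` is called unconditionally, and a failed mount there stops the whole script. overlay() runs `set -e` in the current shell, so if /etc/pki is missing on the device the `mount -t overlay` in the directory branch fails and the script exits before the ISRG Root X1 certificate is installed. Guarding the call with `if [ -d /etc/pki ]; then overlay /etc/pki; fi` keeps the trust-store update independent of that path. Nothing shown on this page writes into /etc/pki yet (the certutil step is still a TODO), so a comment such as `# NSS database lives in /etc/pki/nssdb; writable for the planned certutil import` would explain why it is made writable. overlay() itself is defined outside this hunk.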
  2. Informatic revised this gist Feb 20, 2022. 1 changed file with 2 additions and 0 deletions.
    2 changes: 2 additions & 0 deletions 50-customca
    @@ -83,3 +83,5 @@ if [[ "$(ls -td /etc/ssl/certs/* /etc/ca-certificates.conf | head -1)" != "/etc/
    c_rehash
    cp /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/trusted_cas.crt
    fi

    # TODO: certutil -d /etc/pki/nssdb/ -A -t 'C,,' -n CA -i /usr/share/ca-certificates/...
  3. Informatic revised this gist Feb 20, 2022. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions 50-customca
    @@ -80,5 +80,6 @@ fi

    if [[ "$(ls -td /etc/ssl/certs/* /etc/ca-certificates.conf | head -1)" != "/etc/ssl/certs/ca-certificates.crt" ]]; then
    update-ca-certificates
    c_rehash
    cp /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/trusted_cas.crt
    fi
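Review bot: The freshness guard on the `if` line most likely stops working once `c_rehash` and the `cp` to trusted_cas.crt run after `update-ca-certificates`. Both leave entries under /etc/ssl/certs that are newer than ca-certificates.crt, so `ls -td ... | head -1` no longer returns the bundle and the block reruns on every start. The `cp` line comes from the "1 addition and 4 deletions" revision further down, which has the same problem. Ending the block with `touch /etc/ssl/certs/ca-certificates.crt` just before `fi` would make the bundle the newest entry again. A comment naming the consumer of trusted_cas.crt would also help, since nothing on this page reads that file.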
  4. Informatic revised this gist Jan 23, 2022. No changes.
  5. Informatic revised this gist Jan 23, 2022. No changes.
  6. Informatic revised this gist Jan 2, 2022. 1 changed file with 1 addition and 4 deletions.
    5 changes: 1 addition & 4 deletions 50-customca
    @@ -29,10 +29,6 @@ overlay() {
    overlay /etc/ssl/certs
    overlay /usr/share/ca-certificates
    overlay /etc/ca-certificates.conf
    overlay /etc/jail_native.conf
    overlay /etc/jail_default.conf
    overlay /etc/jail_native_devmode.conf
    overlay /etc/jail_native_builtin.conf

    if [ ! -f "/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt" ]; then
    # from https://letsencrypt.org/certs/isrgrootx1.pem
    @@ -84,4 +80,5 @@ fi

    if [[ "$(ls -td /etc/ssl/certs/* /etc/ca-certificates.conf | head -1)" != "/etc/ssl/certs/ca-certificates.crt" ]]; then
    update-ca-certificates
    cp /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/trusted_cas.crt
    fi
  7. Informatic created this gist Jan 2, 2022.
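--- a/50-customca
+++ b/50-customca
@@ -0,0 +1,87 @@
+#!/bin/sh
+
+# Directory to store overlays in (one directory structure is created per overlay configured down below)
+OVERLAY_BASE=/var/lib/webosbrew/customca
+
+overlay() {
+set -e
+overlay_id="$(echo $1 | sed 's;/;__;g')"
+unset TARGET SOURCE FSTYPE OPTIONS
+eval $(findmnt -P $1)
+if [[ "$FSTYPE" == "overlay" ]] || [ -f "$1" ] && [[ "$FSTYPE" != "" ]]; then
+echo "[-] Overlay '$1' already mounted"
+elif [ -f "$1" ]; then
+if [ ! -f "$OVERLAY_BASE/$overlay_id" ]; then
+echo "[ ] Preparing overlay for '$1'"
+cp $1 $OVERLAY_BASE/$overlay_id;
+fi
+mount --bind "$OVERLAY_BASE/$overlay_id" "$1"
+echo "[+] File overlay '$1' mounted"
+else
+echo "[ ] Preparing overlay for '$1' -> $OVERLAY_BASE/$overlay_id"
+mkdir -p "$OVERLAY_BASE/$overlay_id/upper" "$OVERLAY_BASE/$overlay_id/work"
+mount -t overlay -o lowerdir=$1,upperdir=$OVERLAY_BASE/$overlay_id/upper/,workdir=$OVERLAY_BASE/$overlay_id/work/ overlay-$overlay_id $1
+echo "[+] Overlay '$1' mounted"
+fi
+}
+
+# Usage:
+overlay /etc/ssl/certs
+overlay /usr/share/ca-certificates
+overlay /etc/ca-certificates.conf
+overlay /etc/jail_native.conf
+overlay /etc/jail_default.conf
+overlay /etc/jail_native_devmode.conf
+overlay /etc/jail_native_builtin.conf
+
+if [ ! -f "/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt" ]; then
+# from https://letsencrypt.org/certs/isrgrootx1.pem
+cat <<EOF >"/usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt"
+-----BEGIN CERTIFICATE-----
+MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
+TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
+cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
+WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
+ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
+MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
+h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
+0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
+A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
+T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
+B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
+B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
+KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
+OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
+jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
+qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
+rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
+HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
+hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
+ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
+3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
+NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
+ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
+TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
+jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
+oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
+4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
+mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
+emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
+-----END CERTIFICATE-----
+EOF
+ln -sf /usr/share/ca-certificates/mozilla/ISRG_Root_X1.crt /etc/ssl/certs/ISRG_Root_X1.crt
+fi
+
+if grep -i DST_Root_CA_X3 /etc/ca-certificates.conf; then
+echo "[+] Removing DST_Root_CA_X3"
+sed '/DST_Root_CA_X3/d' /etc/ca-certificates.conf > /tmp/c && cp /tmp/c /etc/ca-certificates.conf
+fi
+
+if ! grep 'ISRG_Root_X1' /etc/ca-certificates.conf; then
+echo "[+] Adding ISRG_Root_X1"
+echo 'mozilla/ISRG_Root_X1.crt' >> /etc/ca-certificates.conf
+fi
+
+if [[ "$(ls -td /etc/ssl/certs/* /etc/ca-certificates.conf | head -1)" != "/etc/ssl/certs/ca-certificates.crt" ]]; then
+update-ca-certificates
+fi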
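Review bot: The DST_Root_CA_X3 removal writes through a fixed path in a world-writable directory, `sed '/DST_Root_CA_X3/d' /etc/ca-certificates.conf > /tmp/c && cp /tmp/c /etc/ca-certificates.conf`, in a script that runs with enough privilege to mount filesystems. Another local process can pre-create /tmp/c or change it between the `sed` and the `cp`, which would redirect the write or alter the list of trusted CAs that is copied back. Create the scratch file with `tmp="$(mktemp)"` (or keep it under `$OVERLAY_BASE`), use `"$tmp"` in both commands and remove it afterwards. The `cp` back into place can stay, presumably because the bind-mounted file cannot be replaced by rename. Separately, the `#!/bin/sh` shebang is paired with `[[ ... ]]` tests, which only work where /bin/sh is bash or a busybox build with that extension.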