From b63575cebc2b4c4c6b0188cc376cf623b3fc0d8e Mon Sep 17 00:00:00 2001
From: Pavel Roskin <plroskin@gmail.com>
Date: Fri, 19 Feb 2016 23:38:49 -0800
Subject: [PATCH] Create and install rsakeys.ini

Use install-data-hook to ensure restrictive permissions on rsakeys.ini.

Don't create rsakeys.ini in init scripts. This makes xrdp functional upon
"make install" without relying on the init scripts.

Packagers should not package rsakeys.ini, it should be created when the
package is installed.
---
 instfiles/init.d/xrdp | 13 -------------
 instfiles/rc.d/xrdp   |  4 ----
 keygen/Makefile.am    |  9 +++++++++
 3 files changed, 9 insertions(+), 17 deletions(-)

diff --git a/instfiles/init.d/xrdp b/instfiles/init.d/xrdp
index 8e5f42d1..f64e5965 100644
--- a/instfiles/init.d/xrdp
+++ b/instfiles/init.d/xrdp
@@ -23,7 +23,6 @@ SESMAN_START=yes
 #USERID=xrdp
 # the X11rdp backend only works as root at the moment - GH 20/03/2013
 USERID=root
-RSAKEYS=/etc/xrdp/rsakeys.ini
 NAME=xrdp
 DESC="Remote Desktop Protocol server"
 
@@ -67,18 +66,6 @@ if [ "$(id -u)" = "0" ]; then
         mkdir $PIDDIR
     fi
     chown $USERID:$USERID $PIDDIR
-
-    # Check for rsa key 
-    if [ ! -f $RSAKEYS ] ; then
-        log_action_begin_msg "Generating xrdp RSA keys..."
-        (umask 077 ; xrdp-keygen xrdp $RSAKEYS)
-        chown $USERID:$USERID $RSAKEYS
-        if [ ! -f $RSAKEYS ] ; then
-            log_action_end_msg 1 "could not create $RSAKEYS"
-            exit 1
-        fi
-        log_action_end_msg 0 "done"
-    fi
 fi
 
 
diff --git a/instfiles/rc.d/xrdp b/instfiles/rc.d/xrdp
index d20f8108..9dec649e 100644
--- a/instfiles/rc.d/xrdp
+++ b/instfiles/rc.d/xrdp
@@ -61,10 +61,6 @@ xrdp_cmd() {
     if [ "${rc_arg}" = "stop" ] ; then
 	xrdp_daemons=$(reverse_list ${xrdp_daemons})
     fi
-    # Generate rsakeys.ini on start
-    if [ "${rc_arg}" = "start" -a ! -f %%PREFIX%%/etc/xrdp/rsakeys.ini ] ; then
-        %%PREFIX%%/bin/xrdp-keygen xrdp %%PREFIX%%/etc/xrdp/rsakeys.ini
-    fi
 
     # Apply to all the daemons.
     for name in ${xrdp_daemons}; do
diff --git a/keygen/Makefile.am b/keygen/Makefile.am
index 353f74df..25e20d50 100644
--- a/keygen/Makefile.am
+++ b/keygen/Makefile.am
@@ -13,3 +13,12 @@ xrdp_keygen_SOURCES = keygen.c
 
 xrdp_keygen_LDADD = \
   $(top_builddir)/common/libcommon.la
+
+xrdpsysconfdir = $(sysconfdir)/xrdp
+
+install-data-hook:
+	umask 077 && \
+	  ./xrdp-keygen xrdp $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini
+
+uninstall-hook:
+	rm -f $(DESTDIR)$(xrdpsysconfdir)/rsakeys.ini