+ mkdir("$clientdir/ncalrpcdir", 0755);
+ umask $mask;
+
+ my $cadir = "$ENV{SRCDIR_ABS}/selftest/manage-ca/CA-samba.example.com";
+ my $cacert = "$cadir/Public/CA-samba.example.com-cert.pem";
+ my $cacrl_pem = "$cadir/Public/CA-samba.example.com-crl.pem";
+ my $ca_users_dir = "$cadir/Users";
+
+ if ( -d "$clientdir/pkinit" ) {
+ unlink <$clientdir/pkinit/*>;
+ } else {
+ mkdir("$clientdir/pkinit", 0700);
+ }
+
+ # each user has a USER-${USER_PRINCIPAL_NAME}-cert.pem and
+ # USER-${USER_PRINCIPAL_NAME}-private-key.pem symlink
+ # We make a copy here and make the certificated easily
+ # accessable in the client environment.
+ my $mask = umask;
+ umask 0077;
+ opendir USERS, "${ca_users_dir}" or die "Could not open dir '${ca_users_dir}': $!";
+ for my $d (readdir USERS) {
+ my $user_dir = "${ca_users_dir}/${d}";
+ next if ${d} =~ /^\./;
+ next if (! -d "${user_dir}");
+ opendir USER, "${user_dir}" or die "Could not open dir '${user_dir}': $!";
+ for my $l (readdir USER) {
+ my $user_link = "${user_dir}/${l}";
+ next if ${l} =~ /^\./;
+ next if (! -l "${user_link}");
+
+ my $dest = "${clientdir}/pkinit/${l}";
+ Samba::copy_file_content(${user_link}, ${dest});
+ }
+ closedir USER;
+ }
+ closedir USERS;
+ umask $mask;
+
+ open(CF, ">$conffile");
+ print CF "[global]\n";