install_data_to_pki(): Use 'cp --no-clobber' to install a blank vars

In the context of 'vars-setup', install_data_to_pki() will only copy the example vars file to a live vars file in the event that no other vars file exists. This final check will never over-write vars file which is in the PKI. Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com>
2022-04-20 22:18:41 +01:00 · 2022-04-20 22:18:41 +01:00 · 9a8e77e043
commit 9a8e77e043
parent df526695d8
1 changed files with 17 additions and 4 deletions
--- a/easyrsa3/easyrsa
+++ b/easyrsa3/easyrsa
@ -680,6 +680,9 @@ install_data_to_pki () {
 #
 # Copying 'vars' to the PKI is complicated, code is included but DISABLED.

+	context="$1"
+	shift
+
 	# Set required sources
 	vars_file='vars'
 	vars_file_example='vars.example'
@ -735,9 +738,8 @@ install_data_to_pki () {
 	fi

 	# If this is init-pki then create PKI/vars from PKI/example
-	case "$1" in
+	case "$context" in
 	init-pki)
-		shift
 		if [ -e "${EASYRSA_PKI}/${vars_file_example}" ] && \
 			[ ! -e "${EASYRSA_PKI}/${vars_file}" ]
 		then
@ -758,11 +760,22 @@ install_data_to_pki () {
 		secure_session || die "install_data_to_pki - secure_session"
 	;;
 	vars-setup)
-		shift ;; # ok
+		if [ "$found_vars" ]; then
+			: # ok - Do not make a PKI/vars if another vars exists
+		else
+			if [ -e "${EASYRSA_PKI}/${vars_file_example}" ] && \
+				[ ! -e "${EASYRSA_PKI}/${vars_file}" ]
+			then
+				# This is allowed to fail because it should not be necessary
+				cp -n "${EASYRSA_PKI}/${vars_file_example}" \
+					"${EASYRSA_PKI}/${vars_file}" || :
+			fi
+		fi
+	;;
 	'')
 		die "install_data_to_pki - unspecified context" ;;
 	*)
-		die "install_data_to_pki - unknown context: $1"
+		die "install_data_to_pki - unknown context: $context"
 	esac

 	# Check PKI is updated - Omit unnecessary checks