ca-certificates setup is now done by puppet

[mirror/dsa-wiki.git] / input / howto / new-machine.creole

diff --git a/input/howto/new-machine.creole b/input/howto/new-machine.creole
index 66e65f0..1303ea5 100644 (file)
--- a/input/howto/new-machine.creole
+++ b/input/howto/new-machine.creole
@@ -30,6 +30,7 @@ Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup
 
 * on the host, run ud-replicate and check if it worked
 {{{
+    apt-get update &&
     apt-get install -y --no-install-recommends userdir-ldap &&
     ud-replicate &&
     id weasel
@@ -54,13 +55,6 @@ Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup
 
 * try to become root using sudo.
 
-* make ca-certificates sane:  (choose to *not* trust new certs, and we only want the spi cert activated)
-{{{
-    echo "ca-certificates ca-certificates/trust_new_crts  select no" | debconf-set-selections
-    sed -i -e 's/^[^#!].*/!&/; s#^!spi-inc.org/spi-cacert-2008.crt#spi-inc.org/spi-cacert-2008.crt#' /etc/ca-certificates.conf
-    dpkg-reconfigure ca-certificates
-}}}
-
 * Add debian-admin@debian.org to root in /etc/aliases
 {{{
   if ! egrep '^root:' /etc/aliases > /dev/null; then
@@ -76,7 +70,7 @@ Note: this has recently been changed to rely more on [[puppet|howto/puppet-setup
   apt-get install -y samhain &&
   ( puppet agent --no-daemonize --onetime || true ) &&
   service samhain stop &&
-  rm /var/state/samhain/samhain_file &&
+  rm -f /var/state/samhain/samhain_file /var/lib/samhain/samhain_file &&
   samhain --foreground -t init -p none -s none -l none -m none &&
   service samhain start
 }}}