Fixes to get TPS to configure correctly

1. Reorder http.conf to actually read worker config 2. Change functions so that the TPS would restart. Before restarts would fail because the tus link already exists 3. Modify system verification test to return correctly when tests are successful
author: Ade Lee <alee@redhat.com> 2012-10-17 16:17:54 -0400
committer: Ade Lee <alee@redhat.com> 2012-10-18 17:30:01 -0400
commit: 643c089887db3369363e2b88dde19ef3a97029a2 (patch)
tree: bf83cb714fcf35190d8108fd71a6ae8671add303
parent: 8973480558c6b87c4aa6e1fdcd48b6d98c05a042 (diff)
download: pki-643c089887db3369363e2b88dde19ef3a97029a2.tar.gz
pki-643c089887db3369363e2b88dde19ef3a97029a2.tar.xz
pki-643c089887db3369363e2b88dde19ef3a97029a2.zip
4 files changed, 22 insertions, 18 deletions
diff --git a/base/ra/apache/conf/httpd.conf b/base/ra/apache/conf/httpd.conf
index 180c08de0..754dcebee 100644
--- a/base/ra/apache/conf/httpd.conf
+++ b/base/ra/apache/conf/httpd.conf
@@ -130,6 +130,11 @@ MaxRequestsPerChild  0
 # MaxSpareThreads: maximum number of worker threads which are kept spare
 # ThreadsPerChild: constant number of worker threads in each server process
 # MaxRequestsPerChild: maximum number of requests a server process serves
+
+# MPM worker module is a loadable module as of 2.4
+# Module must be loaded before the configuration stanza
+LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so
+
 <IfModule worker.c>
 ServerLimit          1
 StartServers         1
@@ -232,9 +237,6 @@ Listen [PORT]
 # LoadModule foo_module modules/mod_foo.so
 #
 
-# MPM worker module is a loadable module as of 2.4
-LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so
-
 LoadModule authz_core_module /etc/httpd/modules/mod_authz_core.so
 [FORTITUDE_AUTH_MODULES]
 # Module for User and Group
diff --git a/base/setup/scripts/functions b/base/setup/scripts/functions
index 308f2ca80..058022efc 100644
--- a/base/setup/scripts/functions
+++ b/base/setup/scripts/functions
@@ -897,6 +897,7 @@ verify_symlinks()
     declare -A common_jar_symlinks
     declare -A webapps_jar_symlinks
     declare -A systemd_symlinks
+    declare -A tus_symlinks
 
     # Dogtag 9 Conditional Variables
     if [ ${ARCHITECTURE} == "x86_64" ]; then
@@ -949,6 +950,9 @@ verify_symlinks()
     # '${PKI_INSTANCE_PATH}/lib' symlinks
     perl_symlinks[perl]=/usr/share/pki/${PKI_SUBSYSTEM_TYPE}/lib/perl
 
+    # '${PKI_INSTANCE_PATH}/docroot' symlinks
+    tus_symlinks[tus]="${PKI_INSTANCE_PATH}/docroot/tokendb"
+
     # '${pki_common_jar_dir}' symlinks
     common_jar_symlinks=(
         [apache-commons-logging.jar]=/usr/share/java/apache-commons-logging.jar
@@ -1017,20 +1021,16 @@ verify_symlinks()
         fi
 
         if [ "${PKI_SUBSYSTEM_TYPE}" == "tps"  ]; then
-            # ALWAYS recreate this "convenience" link and 'chown' it
-            # NOTE:  Ignore 'chown' errors.
-            cd ${PKI_INSTANCE_PATH}/docroot ;
-            ln -s tokendb tus ;
+            # Detect and correct 'tus_symlinks'
+            tus_symlinks_string=$(declare -p tus_symlinks)
+            eval "declare -A symlinks=${tus_symlinks_string#*=}"
+            check_symlinks ${PKI_INSTANCE_PATH}/docroot ${PKI_USER} ${PKI_GROUP}
             rv=$?
-            if [ $rv -eq 0 ]; then
-                chown -h ${PKI_USER}:${PKI_GROUP} tus
-                # echo "SUCCESS:  Created 'tus' -> 'tokendb'"
-            else
-                echo "ERROR:  Failed to create 'tus' -> 'tokendb' convenience"
-                echo "        symbolic link for '${PKI_INSTANCE_ID}'!"
-                return 1
+            if [ $rv -ne 0 ]; then
+                return $rv
             fi
         fi
+
     elif [ "${PKI_SUBSYSTEM_TYPE}" == "ca"   ]  ||
          [ "${PKI_SUBSYSTEM_TYPE}" == "kra"  ]  ||
          [ "${PKI_SUBSYSTEM_TYPE}" == "ocsp" ]  ||
diff --git a/base/tps/apache/conf/httpd.conf b/base/tps/apache/conf/httpd.conf
index a9410849c..bf5864174 100644
--- a/base/tps/apache/conf/httpd.conf
+++ b/base/tps/apache/conf/httpd.conf
@@ -130,6 +130,11 @@ MaxRequestsPerChild  0
 # MaxSpareThreads: maximum number of worker threads which are kept spare
 # ThreadsPerChild: constant number of worker threads in each server process
 # MaxRequestsPerChild: maximum number of requests a server process serves
+
+# MPM worker module is a loadable module as of 2.4
+# Module must be loaded before the configuration stanza
+LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so
+
 <IfModule worker.c>
 ServerLimit          1
 StartServers         1
@@ -232,9 +237,6 @@ Listen [PORT]
 # LoadModule foo_module modules/mod_foo.so
 #
 
-# MPM worker module is a loadable module as of 2.4
-LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so
-
 LoadModule authz_core_module /etc/httpd/modules/mod_authz_core.so
 [FORTITUDE_AUTH_MODULES]
 # Module for User and Group
diff --git a/base/tps/src/engine/RA.cpp b/base/tps/src/engine/RA.cpp
index 436225045..82f53c161 100644
--- a/base/tps/src/engine/RA.cpp
+++ b/base/tps/src/engine/RA.cpp
@@ -3483,7 +3483,7 @@ TPS_PUBLIC bool RA::verifySystemCertByNickname(const char *nickname, const char
  */
 TPS_PUBLIC bool RA::verifySystemCerts() {
     bool verifyResult = false;
-    bool rv = false; /* final return value */
+    bool rv = true; /* final return value */
     char configname[256];
     char configname_nn[256];
     char configname_cu[256];
author	Ade Lee <alee@redhat.com>	2012-10-17 16:17:54 -0400
committer	Ade Lee <alee@redhat.com>	2012-10-18 17:30:01 -0400
commit	643c089887db3369363e2b88dde19ef3a97029a2 (patch)
tree	bf83cb714fcf35190d8108fd71a6ae8671add303
parent	8973480558c6b87c4aa6e1fdcd48b6d98c05a042 (diff)
download	pki-643c089887db3369363e2b88dde19ef3a97029a2.tar.gz pki-643c089887db3369363e2b88dde19ef3a97029a2.tar.xz pki-643c089887db3369363e2b88dde19ef3a97029a2.zip