diff options
author | Matthew Harmsen <mharmsen@pki.usersys.redhat.com> | 2016-04-26 16:43:15 -0600 |
---|---|---|
committer | Matthew Harmsen <mharmsen@pki.usersys.redhat.com> | 2016-04-27 12:38:20 -0600 |
commit | 6f9d417ff906360ee2f39a432cd3faccc3f52a2e (patch) | |
tree | d9a4f3391073acc358cc9f2fbfe23a0fe26e40d5 | |
parent | 849705a4cde92e61d3edaa5c266f97661d65f797 (diff) | |
download | pki-6f9d417ff906360ee2f39a432cd3faccc3f52a2e.tar.gz pki-6f9d417ff906360ee2f39a432cd3faccc3f52a2e.tar.xz pki-6f9d417ff906360ee2f39a432cd3faccc3f52a2e.zip |
Removed pkidaemon support of apache instances
- PKI TRAC Ticket #2248 - support only tomcat instances
-rw-r--r-- | base/server/man/man1/pkidaemon.1 | 26 | ||||
-rw-r--r-- | base/server/scripts/operations | 272 | ||||
-rwxr-xr-x | base/server/scripts/pkidaemon | 12 | ||||
-rw-r--r-- | base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service | 2 | ||||
-rw-r--r-- | base/server/share/lib/systemd/system/pki-tomcatd@.service | 2 |
5 files changed, 59 insertions, 255 deletions
diff --git a/base/server/man/man1/pkidaemon.1 b/base/server/man/man1/pkidaemon.1 index 35c04e558..d195f36d5 100644 --- a/base/server/man/man1/pkidaemon.1 +++ b/base/server/man/man1/pkidaemon.1 @@ -19,7 +19,7 @@ .SH SYNOPSIS .nf -\fBpkidaemon {start|status} instance-type [instance-name]\fR +\fBpkidaemon {start|status} [instance-name]\fR .fi .TP \fBNote:\fP Although this tool currently resides in the \fB/usr/bin\fP directory, proper use of it requires it to be run with super user privileges. @@ -29,8 +29,6 @@ The \fBpkidaemon\fR command with the 'status' argument provides a way to display the status of all existing PKI instances on a machine. Optionally, an individual PKI instance may be specified by using an optional \fB[instance-name]\fP. .PP The \fBpkidaemon\fR 'start' argument is currently only used internally by the systemctl scripts. -.PP -Currently, although the \fBpkidaemon\fR 'instance-type' argument states that it can be either \fBapache\fP or \fBtomcat\fP, only the \fBtomcat\fP argument will yield useful details. .SH OPTIONS As stated above, the only optional argument to \fBpkidaemon\fR is \fB[instance-name]\fP. If a valid instance name is specified, only the status of that instance will be displayed. @@ -44,7 +42,7 @@ For the OCSP 'Unsecure URL' and the OCSP 'Secure EE URL' which both specify a st .SS Listing the status of all local PKI instances on this machine: .BR .PP -\fB# pkidaemon status tomcat\fR +\fB# pkidaemon status\fR REPORT STATUS OF 'tomcat' INSTANCE(S): @@ -58,7 +56,7 @@ Status for pki-tomcat: pki-tomcat is running .. PKI Console Command = pkiconsole https://pki.example.com:8443/ca Tomcat Port = 8005 (for shutdown) - [DRM Status Definitions] + [KRA Status Definitions] Secure Agent URL = https://pki.example.com:8443/kra/agent/kra Secure Admin URL = https://pki.example.com:8443/kra/services PKI Console Command = pkiconsole https://pki.example.com:8443/kra @@ -81,9 +79,9 @@ Status for pki-tomcat: pki-tomcat is running .. [TPS Status Definitions] Unsecure URL = http://pki.example.com:8080/tps Secure URL = https://pki.example.com:8443/tps - Tomcat Port = 8005 (for shutdown) Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome + Tomcat Port = 8005 (for shutdown) [CA Configuration Definitions] PKI Instance Name: pki-tomcat @@ -96,10 +94,10 @@ Status for pki-tomcat: pki-tomcat is running .. URL: https://pki.example.com:8443 ==================================================================== - [DRM Configuration Definitions] + [KRA Configuration Definitions] PKI Instance Name: pki-tomcat - PKI Subsystem Type: DRM + PKI Subsystem Type: KRA Registered PKI Security Domain Information: ==================================================================== @@ -166,7 +164,7 @@ FINISHED REPORTING STATUS OF 'tomcat' INSTANCE(S). .SS Listing the status of the PKI instance named 'pki-tomcat': .BR .PP -\fB# pkidaemon status tomcat pki-tomcat\fR +\fB# pkidaemon status pki-tomcat\fR Status for pki-tomcat: pki-tomcat is running .. @@ -178,7 +176,7 @@ Status for pki-tomcat: pki-tomcat is running .. PKI Console Command = pkiconsole https://pki.example.com:8443/ca Tomcat Port = 8005 (for shutdown) - [DRM Status Definitions] + [KRA Status Definitions] Secure Agent URL = https://pki.example.com:8443/kra/agent/kra Secure Admin URL = https://pki.example.com:8443/kra/services PKI Console Command = pkiconsole https://pki.example.com:8443/kra @@ -201,9 +199,9 @@ Status for pki-tomcat: pki-tomcat is running .. [TPS Status Definitions] Unsecure URL = http://pki.example.com:8080/tps Secure URL = https://pki.example.com:8443/tps - Tomcat Port = 8005 (for shutdown) Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome + Tomcat Port = 8005 (for shutdown) [CA Configuration Definitions] PKI Instance Name: pki-tomcat @@ -216,10 +214,10 @@ Status for pki-tomcat: pki-tomcat is running .. URL: https://pki.example.com:8443 ==================================================================== - [DRM Configuration Definitions] + [KRA Configuration Definitions] PKI Instance Name: pki-tomcat - PKI Subsystem Type: DRM + PKI Subsystem Type: KRA Registered PKI Security Domain Information: ==================================================================== @@ -263,7 +261,7 @@ Status for pki-tomcat: pki-tomcat is running .. .SS Listing the status of the PKI instance named 'pki-tomcat-2': .BR .PP -\fB# pkidaemon status tomcat pki-tomcat-2\fR +\fB# pkidaemon status pki-tomcat-2\fR Status for pki-tomcat-2: pki-tomcat-2 is running .. diff --git a/base/server/scripts/operations b/base/server/scripts/operations index 14ab4af56..cbd329a0d 100644 --- a/base/server/scripts/operations +++ b/base/server/scripts/operations @@ -84,36 +84,22 @@ fi PKI_CA_PATH="/usr/share/pki/ca" PKI_KRA_PATH="/usr/share/pki/kra" PKI_OCSP_PATH="/usr/share/pki/ocsp" -PKI_RA_PATH="/usr/share/pki/ra" PKI_TKS_PATH="/usr/share/pki/tks" PKI_TPS_PATH="/usr/share/pki/tps" -if [ '${PKI_TYPE}' == "apache" ] ; then - if [ ! -d ${PKI_RA_PATH} ] && - [ ! -d ${PKI_TPS_PATH} ] ; then - echo "This machine is missing all PKI '${PKI_TYPE}' subsystems!" - if [ "${command}" != "status" ]; then - # 5 program is not installed - exit 5 - else - exit ${default_error} - fi - fi -elif [ '${PKI_TYPE}' == "tomcat" ] ; then - if [ ! -d ${PKI_CA_PATH} ] && - [ ! -d ${PKI_KRA_PATH} ] && - [ ! -d ${PKI_OCSP_PATH} ] && - [ ! -d ${PKI_TKS_PATH} ] ; then - echo "This machine is missing all PKI '${PKI_TYPE}' subsystems!" - if [ "${command}" != "status" ]; then - # 5 program is not installed - exit 5 - else - exit ${default_error} - fi +if [ ! -d ${PKI_CA_PATH} ] && + [ ! -d ${PKI_KRA_PATH} ] && + [ ! -d ${PKI_OCSP_PATH} ] && + [ ! -d ${PKI_TKS_PATH} ] && + [ ! -d ${PKI_TPS_PATH} ] ; then + echo "This machine is missing all PKI '${PKI_TYPE}' subsystems!" + if [ "${command}" != "status" ]; then + # 5 program is not installed + exit 5 + else + exit ${default_error} fi fi -PKI_INSTANCE_TYPES="apache tomcat" PKI_REGISTRY_ENTRIES="" PKI_SUBSYSTEMS="" TOTAL_PKI_REGISTRY_ENTRIES=0 @@ -150,30 +136,14 @@ usage() echo -n "|stop|restart" fi echo -n "|status} " - echo -n "instance-type " echo -n "[instance-name]" echo echo } -list_instance_types() -{ - echo - for PKI_INSTANCE_TYPE in $PKI_INSTANCE_TYPES; do - echo " $PKI_INSTANCE_TYPE" - done - echo -} - list_instances() { echo - for INSTANCE in /etc/sysconfig/pki/apache/*; do - if [ -d "${INSTANCE}" ] ; then - instance_name=`basename ${INSTANCE}` - echo " $instance_name" - fi - done for INSTANCE in /etc/sysconfig/pki/tomcat/*; do if [ -d "${INSTANCE}" ] ; then instance_name=`basename ${INSTANCE}` @@ -199,17 +169,6 @@ get_subsystems() fi done ;; - apache) - for SUBSYSTEM in ra; do - if [ -d ${PKI_INSTANCE_PATH}/conf/${SUBSYSTEM} ]; then - if [ '${PKI_SUBSYSTEMS}' == "" ] ; then - PKI_SUBSYSTEMS="${SUBSYSTEM}" - else - PKI_SUBSYSTEMS="${PKI_SUBSYSTEMS} ${SUBSYSTEM}" - fi - fi - done - ;; *) echo "Unknown web server type ($PKI_WEB_SERVER_TYPE)" exit ${default_error} @@ -218,14 +177,12 @@ get_subsystems() } # Check arguments -if [ $# -lt 2 ] ; then +if [ $# -lt 1 ] ; then # [insufficient arguments] echo "$PROG_NAME: Insufficient arguments!" echo usage - echo "where valid instance types include:" - list_instance_types - echo "and where valid instance names include:" + echo "where valid instance names include:" list_instances exit 3 elif [ ${default_error} -eq 2 ] ; then @@ -233,18 +190,14 @@ elif [ ${default_error} -eq 2 ] ; then echo "$PROG_NAME: Invalid arguments!" echo usage - echo "where valid instance types include:" - list_instance_types - echo "and where valid instance names include:" + echo "where valid instance names include:" list_instances exit 2 -elif [ $# -gt 3 ] ; then +elif [ $# -gt 2 ] ; then echo "$PROG_NAME: Excess arguments!" echo usage - echo "where valid instance types include:" - list_instance_types - echo "and where valid instance names include:" + echo "where valid instance names include:" list_instances if [ "${command}" != "status" ]; then # 2 excess arguments @@ -266,12 +219,7 @@ if [ -n "${pki_instance_id}" ]; then fi done if [ $valid -eq 0 ]; then - if [ "${pki_instance_type}" != "apache" ] && - [ "${pki_instance_type}" != "tomcat" ]; then - echo -n "unknown instance type (${pki_instance_type})" - else - echo -n "${pki_instance_id} is an invalid '${PKI_TYPE}' instance" - fi + echo -n "${pki_instance_id} is an invalid '${PKI_TYPE}' instance" echo if [ "${command}" != "status" ]; then @@ -289,16 +237,13 @@ check_pki_configuration_status() rv=0 case ${PKI_WEB_SERVER_TYPE} in tomcat) - for SUBSYSTEM in ca kra ocsp tks; do + for SUBSYSTEM in ca kra ocsp tks tps; do if [ -d ${PKI_INSTANCE_PATH}/conf/${SUBSYSTEM} ]; then rv=`grep -c ^preop ${PKI_INSTANCE_PATH}/conf/${SUBSYSTEM}/CS.cfg` rv=`expr ${rv} + 0` fi done ;; - apache) - # TBD - ;; *) echo "Unknown web server type ($PKI_WEB_SERVER_TYPE)" exit ${default_error} @@ -339,14 +284,6 @@ get_pki_status_definitions() get_pki_status_definitions_tomcat return $? ;; - ra) - get_pki_status_definitions_ra - return $? - ;; - tps) - get_pki_status_definitions_tps - return $? - ;; *) echo "Unknown web server type ($PKI_WEB_SERVER_TYPE)" exit ${default_error} @@ -354,115 +291,6 @@ get_pki_status_definitions() esac } -get_pki_status_definitions_ra() -{ - # establish well-known strings - total_ports=0 - PKI_UNSECURE_PORT="" - CLIENTAUTH_PORT="" - NON_CLIENTAUTH_PORT="" - - # check to see that an instance-specific "httpd.conf" file exists - if [ ! -f ${PKI_HTTPD_CONF} ] ; then - echo "File '${PKI_HTTPD_CONF}' does not exist!" - exit ${default_error} - fi - - # check to see that an instance-specific "nss.conf" file exists - if [ ! -f ${PKI_NSS_CONF} ] ; then - echo "File '${PKI_NSS_CONF}' does not exist!" - exit ${default_error} - fi - - # Iterate over Listen statements - for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_HTTPD_CONF}`; do - PKI_UNSECURE_PORT=$port - if [ $total_ports -eq 0 ]; then - echo " Unsecure URL = http://${PKI_HOSTNAME}:${PKI_UNSECURE_PORT}" - else - echo "ERROR: extra Unsecure URL = http://${PKI_HOSTNAME}:${PKI_UNSECURE_PORT}" - fi - total_ports=`expr ${total_ports} + 1` - - done - - # Iterate over Listen statements - for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_NSS_CONF}`; do - PKI_UNSECURE_PORT=$port - if [ $total_ports -eq 1 ]; then - CLIENTAUTH_PORT=$port - echo " Secure Clientauth URL = https://${PKI_HOSTNAME}:${CLIENTAUTH_PORT}" - fi - if [ $total_ports -eq 2 ]; then - NON_CLIENTAUTH_PORT=$port - echo " Secure Non-Clientauth URL = https://${PKI_HOSTNAME}:${NON_CLIENTAUTH_PORT}" - fi - total_ports=`expr ${total_ports} + 1` - - done - - return 0; -} - -get_pki_status_definitions_tps() -{ - # establish well-known strings - total_ports=0 - PKI_UNSECURE_PORT="" - CLIENTAUTH_PORT="" - NON_CLIENTAUTH_PORT="" - - # check to see that an instance-specific "httpd.conf" file exists - if [ ! -f ${PKI_HTTPD_CONF} ] ; then - echo "File '${PKI_HTTPD_CONF}' does not exist!" - exit ${default_error} - fi - - # check to see that an instance-specific "nss.conf" file exists - if [ ! -f ${PKI_NSS_CONF} ] ; then - echo "File '${PKI_NSS_CONF}' does not exist!" - exit ${default_error} - fi - - # Iterate over Listen statements - for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_HTTPD_CONF}`; do - PKI_UNSECURE_PORT=$port - if [ $total_ports -eq 0 ]; then - echo " Unsecure URL = http://${PKI_HOSTNAME}:${PKI_UNSECURE_PORT}/cgi-bin/so/enroll.cgi" - echo " (ESC Security Officer Enrollment)" - echo " Unsecure URL = http://${PKI_HOSTNAME}:${PKI_UNSECURE_PORT}/cgi-bin/home/index.cgi" - echo " (ESC Phone Home)" - else - echo "ERROR: extra Unsecure URL = http://${PKI_HOSTNAME}:${PKI_UNSECURE_PORT}" - fi - total_ports=`expr ${total_ports} + 1` - - done - - # Iterate over Listen statements - for port in `sed -n 's/^[ \t]*Listen[ \t][ \t]*\([^ \t][^ \t]*\)/\1/p' ${PKI_NSS_CONF}`; do - PKI_UNSECURE_PORT=$port - if [ $total_ports -eq 1 ]; then - CLIENTAUTH_PORT=$port - echo " Secure Clientauth URL = https://${PKI_HOSTNAME}:${CLIENTAUTH_PORT}/cgi-bin/sow/welcome.cgi" - echo " (ESC Security Officer Workstation)" - echo " Secure Clientauth URL = https://${PKI_HOSTNAME}:${CLIENTAUTH_PORT}/tus" - echo " (TPS Roles - Operator/Administrator/Agent)" - fi - if [ $total_ports -eq 2 ]; then - NON_CLIENTAUTH_PORT=$port - echo " Secure Non-Clientauth URL = https://${PKI_HOSTNAME}:${NON_CLIENTAUTH_PORT}/cgi-bin/so/enroll.cgi" - echo " (ESC Security Officer Enrollment)" - echo " Secure Non-Clientauth URL = https://${PKI_HOSTNAME}:${NON_CLIENTAUTH_PORT}/cgi-bin/home/index.cgi" - echo " (ESC Phone Home)" - fi - total_ports=`expr ${total_ports} + 1` - - done - - return 0; -} - get_pki_status_definitions_tomcat() { # establish well-known strings @@ -562,14 +390,14 @@ get_pki_status_definitions_tomcat() # always turn off processing CA status at this point process_pki_ca_status=0 if [ $display_pki_kra_status_banner -eq 1 ] ; then - # print DRM Status Definition banner + # print KRA Status Definition banner echo - echo " [DRM Status Definitions]" - # turn on processing DRM status at this point + echo " [KRA Status Definitions]" + # turn on processing KRA status at this point process_pki_kra_status=1 fi elif [ "$line" == "$begin_ocsp_status_comment" ] ; then - # always turn off processing DRM status at this point + # always turn off processing KRA status at this point process_pki_kra_status=0 if [ $display_pki_ocsp_status_banner -eq 1 ] ; then # print OCSP Status Definition banner @@ -640,24 +468,19 @@ get_pki_configuration_definitions() [ "${pki_subsystem}" != "KRA" ] && [ "${pki_subsystem}" != "OCSP" ] && [ "${pki_subsystem}" != "TKS" ] && - [ "${pki_subsystem}" != "RA" ] && [ "${pki_subsystem}" != "TPS" ] then return ${default_error} fi - if [ "${pki_subsystem}" == "KRA" ] ; then - # Rename "KRA" to "DRM" - pki_subsystem="DRM" - fi else return ${default_error} fi - # If "${pki_subsystem}" is a CA, DRM, OCSP, or TKS, + # If "${pki_subsystem}" is a CA, KRA, OCSP, or TKS, # check to see if "${pki_subsystem}" is a "Clone" pki_clone="" if [ "${pki_subsystem}" == "CA" ] || - [ "${pki_subsystem}" == "DRM" ] || + [ "${pki_subsystem}" == "KRA" ] || [ "${pki_subsystem}" == "OCSP" ] || [ "${pki_subsystem}" == "TKS" ] then @@ -706,14 +529,14 @@ get_pki_configuration_definitions() fi fi - # If ${pki_subsystem} is a DRM or OCSP, check to see if - # it is either a Stand-alone DRM or a Stand-alone OCSP + # If ${pki_subsystem} is a KRA or OCSP, check to see if + # it is either a Stand-alone KRA or a Stand-alone OCSP # # NOTE: Ignore errors when the '<pki>.standalone' parameter # is not present as this is most likely a legacy instance! # pki_standalone="" - if [ "${pki_subsystem}" == "DRM" ] ; then + if [ "${pki_subsystem}" == "KRA" ] ; then line=`grep -e '^[ \t]*kra.standalone[ \t]*=' ${PKI_SUBSYSTEM_CONFIGURATION_FILE}` if [ "${line}" != "" ] ; then pki_standalone=`echo "${line}" | sed -e 's/^[^=]*[ \t]*=[ \t]*\(.*\)/\1/' -e 's/[ \t]*$//'` @@ -782,7 +605,7 @@ get_pki_configuration_definitions() # Possible Values: # # "CA Clone" - # "DRM Clone" + # "KRA Clone" # "OCSP Clone" # "TKS Clone" # @@ -807,16 +630,15 @@ get_pki_configuration_definitions() elif [ "${pki_standalone}" != "" ] ; then # Possible Values: # - # "DRM (Stand-alone)" + # "KRA (Stand-alone)" # "OCSP (Stand-alone)" # data="${pki_subsystem} ${pki_standalone}" else # Possible Values: # - # "DRM" + # "KRA" # "OCSP" - # "RA" # "TKS" # "TPS" # @@ -903,25 +725,6 @@ display_instance_status_systemd() return $rv } -display_instance_status() -{ - # Verify there is an initscript for this instance - if [ ! -f $PKI_INSTANCE_INITSCRIPT ]; then - # 4 program or service status is unknown - return 4 - fi - - # Invoke the initscript for this instance - $PKI_INSTANCE_INITSCRIPT status - rv=$? - - if [ $rv -eq 0 ] ; then - display_configuration_information - fi - - return $rv -} - display_instance_status_debian() { set_debian_tomcat_parameters @@ -1316,6 +1119,17 @@ verify_symlinks() fi fi + if [ -e ${PKI_INSTANCE_PATH}/tps ]; then + # Detect and correct 'tps_symlinks' + tps_symlinks_string=$(declare -p tps_symlinks) + eval "declare -A symlinks=${tps_symlinks_string#*=}" + check_symlinks ${PKI_INSTANCE_PATH}/tps ${PKI_USER} ${PKI_GROUP} + rv=$? + if [ $rv -ne 0 ]; then + return $rv + fi + fi + # Detect and correct 'common_jar_symlinks' common_jar_symlinks_string=$(declare -p common_jar_symlinks) eval "declare -A symlinks=${common_jar_symlinks_string#*=}" @@ -1996,10 +1810,6 @@ registry_status() rv=$? fi ;; - apache) - display_instance_status - rv=$? - ;; esac if [ $rv -ne 0 ] ; then errors=`expr $errors + 1` diff --git a/base/server/scripts/pkidaemon b/base/server/scripts/pkidaemon index c9bdecea1..98ce3e0c2 100755 --- a/base/server/scripts/pkidaemon +++ b/base/server/scripts/pkidaemon @@ -24,8 +24,8 @@ SERVICE_NAME="pkidaemon" SERVICE_PROG="/bin/systemctl" command="$1" -pki_instance_type="$2" -pki_instance_id="$3" +pki_instance_type="tomcat" +pki_instance_id="$2" PKI_REGISTRY="/etc/sysconfig/pki/${pki_instance_type}" PKI_TYPE="${pki_instance_type}" @@ -38,9 +38,7 @@ print_usage() { echo usage - echo "where valid instance types include:" - list_instance_types - echo "and where valid instance names include:" + echo "where valid instance names include:" list_instances exit ${default_error} } @@ -75,9 +73,7 @@ case $command in echo "unknown action ($command)" echo usage - echo "where valid instance types include:" - list_instance_types - echo "and where valid instance names include:" + echo "where valid instance names include:" list_instances exit ${default_error} ;; diff --git a/base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service b/base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service index 3a0ca6538..228ba9754 100644 --- a/base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service +++ b/base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service @@ -8,7 +8,7 @@ EnvironmentFile=/etc/tomcat/tomcat.conf Environment="NAME=%i" Environment="STARTED_BY_SYSTEMD=1" EnvironmentFile=-/etc/sysconfig/%i -ExecStartPre=/usr/bin/pkidaemon start tomcat %i +ExecStartPre=/usr/bin/pkidaemon start %i ExecStart=/bin/nuxwdog -f /etc/pki/%i/nuxwdog.conf SuccessExitStatus=143 TimeoutStartSec=180 diff --git a/base/server/share/lib/systemd/system/pki-tomcatd@.service b/base/server/share/lib/systemd/system/pki-tomcatd@.service index be542426e..59858c6c9 100644 --- a/base/server/share/lib/systemd/system/pki-tomcatd@.service +++ b/base/server/share/lib/systemd/system/pki-tomcatd@.service @@ -7,7 +7,7 @@ Type=simple EnvironmentFile=/etc/tomcat/tomcat.conf Environment="NAME=%i" EnvironmentFile=-/etc/sysconfig/%i -ExecStartPre=/usr/bin/pkidaemon start tomcat %i +ExecStartPre=/usr/bin/pkidaemon start %i ExecStart=/usr/libexec/tomcat/server start ExecStop=/usr/libexec/tomcat/server stop SuccessExitStatus=143 |