summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-11-14 00:53:04 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-11-14 00:53:04 -0500
commitdf7087813ee2bd14c2c78928b8766c37c579e9c2 (patch)
tree9c1342f251529a3949624622b8f72e552dcb81db
parent8817f4312e62f939caf5ea5c34b9720a7625ede2 (diff)
downloadpki-ticket-399.tar.gz
pki-ticket-399.tar.xz
pki-ticket-399.zip
Refactored config.ticket-399
-rwxr-xr-xbase/deploy/src/pkidestroy11
-rwxr-xr-xbase/deploy/src/pkispawn13
-rw-r--r--base/deploy/src/scriptlets/configuration.jy1
-rw-r--r--base/deploy/src/scriptlets/configuration.py14
-rw-r--r--base/deploy/src/scriptlets/finalization.py9
-rw-r--r--base/deploy/src/scriptlets/infrastructure_layout.py5
-rw-r--r--base/deploy/src/scriptlets/initialization.py7
-rw-r--r--base/deploy/src/scriptlets/instance_layout.py5
-rw-r--r--base/deploy/src/scriptlets/pkiconfig.py72
-rw-r--r--base/deploy/src/scriptlets/pkihelper.py84
-rw-r--r--base/deploy/src/scriptlets/pkijython.py1
-rw-r--r--base/deploy/src/scriptlets/pkimanifest.py1
-rw-r--r--base/deploy/src/scriptlets/pkiparser.py9
-rw-r--r--base/deploy/src/scriptlets/pkiscriptlet.py2
-rw-r--r--base/deploy/src/scriptlets/security_databases.py7
-rw-r--r--base/deploy/src/scriptlets/selinux_setup.py10
-rw-r--r--base/deploy/src/scriptlets/slot_substitution.py4
-rw-r--r--base/deploy/src/scriptlets/subsystem_layout.py7
-rw-r--r--base/deploy/src/scriptlets/webapp_deployment.py10
19 files changed, 169 insertions, 103 deletions
diff --git a/base/deploy/src/pkidestroy b/base/deploy/src/pkidestroy
index fd99d5eae..33866ba11 100755
--- a/base/deploy/src/pkidestroy
+++ b/base/deploy/src/pkidestroy
@@ -35,7 +35,6 @@ try:
import subprocess
import time
from time import strftime as date
- from pki.deployment import pkiconfig as config
from pki.deployment.pkiconfig import PKIConfig
from pki.deployment.pkiparser import PKIConfigParser
from pki.deployment import pkilogging
@@ -61,6 +60,8 @@ def main(argv):
# Set the umask
os.umask(PKIConfig.PKI_DEPLOYMENT_DEFAULT_UMASK)
+ config = PKIConfig()
+
# Set installation time
ticks = time.time()
config.pki_install_time = time.asctime(time.localtime(ticks))
@@ -94,7 +95,7 @@ def main(argv):
# Read and process command-line arguments.
parser = PKIConfigParser()
- parser.process_command_line_arguments(argv)
+ parser.process_command_line_arguments(argv, config)
# Enable 'pkidestroy' logging.
pkilogging.pki_log_dir = config.pki_root_prefix +\
@@ -115,7 +116,7 @@ def main(argv):
sys.exit(1)
# Read the specified PKI configuration file.
- rv = parser.read_pki_configuration_file()
+ rv = parser.read_pki_configuration_file(config)
if rv != 0:
pkilogging.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv,
extra=PKIConfig.PKI_INDENTATION_LEVEL_0)
@@ -150,7 +151,7 @@ def main(argv):
extra=PKIConfig.PKI_INDENTATION_LEVEL_0)
# Combine the various sectional dictionaries into a PKI master dictionary
- parser.compose_pki_master_dictionary()
+ parser.compose_pki_master_dictionary(config)
config.pki_master_dict['pki_destroy_log'] = pkilogging.pki_log_dir + "/" +\
pkilogging.pki_log_name
pkilogging.pki_log.debug(log.PKI_DICTIONARY_MASTER,
@@ -177,7 +178,7 @@ def main(argv):
"." + pki_scriptlet[4:],
fromlist = [pki_scriptlet[4:]])
instance = scriptlet.PkiScriptlet()
- rv = instance.destroy()
+ rv = instance.destroy(config)
if rv != 0:
sys.exit(1)
pkilogging.pki_log.debug(log.PKI_DICTIONARY_MASTER,
diff --git a/base/deploy/src/pkispawn b/base/deploy/src/pkispawn
index 4ed9e3086..9e5776c21 100755
--- a/base/deploy/src/pkispawn
+++ b/base/deploy/src/pkispawn
@@ -35,7 +35,6 @@ try:
import subprocess
import time
from time import strftime as date
- from pki.deployment import pkiconfig as config
from pki.deployment.pkiconfig import PKIConfig
from pki.deployment.pkiparser import PKIConfigParser
from pki.deployment import pkilogging
@@ -61,6 +60,8 @@ def main(argv):
# Set the umask
os.umask(PKIConfig.PKI_DEPLOYMENT_DEFAULT_UMASK)
+ config = PKIConfig()
+
# Set installation time
ticks = time.time()
config.pki_install_time = time.asctime(time.localtime(ticks))
@@ -94,7 +95,7 @@ def main(argv):
# Read and process command-line arguments.
parser = PKIConfigParser()
- parser.process_command_line_arguments(argv)
+ parser.process_command_line_arguments(argv, config)
if not os.path.exists(PKIConfig.PKI_DEPLOYMENT_SOURCE_ROOT +\
"/" + config.pki_subsystem.lower()):
@@ -135,7 +136,7 @@ def main(argv):
sys.exit(1)
# Read the specified PKI configuration file.
- rv = parser.read_pki_configuration_file()
+ rv = parser.read_pki_configuration_file(config)
if rv != 0:
pkilogging.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv,
extra=PKIConfig.PKI_INDENTATION_LEVEL_0)
@@ -170,14 +171,14 @@ def main(argv):
extra=PKIConfig.PKI_INDENTATION_LEVEL_0)
# Read in the PKI slots configuration file.
- parser.compose_pki_slots_dictionary()
+ parser.compose_pki_slots_dictionary(config)
pkilogging.pki_log.debug(log.PKI_DICTIONARY_SLOTS,
extra=PKIConfig.PKI_INDENTATION_LEVEL_0)
pkilogging.pki_log.debug(pp.pformat(config.pki_slots_dict),
extra=PKIConfig.PKI_INDENTATION_LEVEL_0)
# Combine the various sectional dictionaries into a PKI master dictionary
- parser.compose_pki_master_dictionary()
+ parser.compose_pki_master_dictionary(config)
if not config.pki_update_flag:
config.pki_master_dict['pki_spawn_log'] = pkilogging.pki_log_dir + "/" +\
pkilogging.pki_log_name
@@ -209,7 +210,7 @@ def main(argv):
fromlist = [pki_scriptlet[4:]])
instance = scriptlet.PkiScriptlet()
if not config.pki_update_flag:
- rv = instance.spawn()
+ rv = instance.spawn(config)
else:
rv = instance.respawn()
if rv != 0:
diff --git a/base/deploy/src/scriptlets/configuration.jy b/base/deploy/src/scriptlets/configuration.jy
index df04470e2..5cfaaa48d 100644
--- a/base/deploy/src/scriptlets/configuration.jy
+++ b/base/deploy/src/scriptlets/configuration.jy
@@ -8,7 +8,6 @@ import sys
# PKI Python Imports
import pkijython as jyutil
-import pkiconfig as config
from pkiconfig import PKIConfig
import pkihelper as util
import pkimessages as log
diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py
index 64b7d6eae..c0b5d7b6b 100644
--- a/base/deploy/src/scriptlets/configuration.py
+++ b/base/deploy/src/scriptlets/configuration.py
@@ -20,10 +20,8 @@
#
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
-from pkiconfig import pki_sensitive_dict as sensitive
import pkihelper as util
import pkilogging
import pkimessages as log
@@ -34,7 +32,8 @@ import pkiscriptlet
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if util.str2bool(master['pki_skip_configuration']):
pkilogging.pki_log.info(log.SKIP_CONFIGURATION_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -53,13 +52,13 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
# allowing 'certutil' to generate the security databases
util.password.create_password_conf(
master['pki_client_password_conf'],
- sensitive['pki_client_database_password'], pin_sans_token=True)
+ config.pki_sensitive_dict['pki_client_database_password'], pin_sans_token=True)
util.file.modify(master['pki_client_password_conf'],
uid=0, gid=0)
# Similarly, create a simple password file containing the
# PKCS #12 password used when exporting the "Admin Certificate"
# into a PKCS #12 file
- util.password.create_client_pkcs12_password_conf(
+ util.password.create_client_pkcs12_password_conf(config,
master['pki_client_pkcs12_password_conf'])
util.file.modify(master['pki_client_pkcs12_password_conf'])
util.directory.create(master['pki_client_database_dir'],
@@ -95,7 +94,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.systemd.restart()
# Pass control to the Java servlet via Jython 2.2 'configuration.jy'
- util.jython.invoke(master['pki_jython_configuration_scriptlet'])
+ util.jython.invoke(config, master['pki_jython_configuration_scriptlet'])
return self.rv
def respawn(self):
@@ -103,7 +102,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
- def destroy(self):
+ def destroy(self, config):
+ master = config.pki_master_dict
pkilogging.pki_log.info(log.CONFIGURATION_DESTROY_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS and\
diff --git a/base/deploy/src/scriptlets/finalization.py b/base/deploy/src/scriptlets/finalization.py
index 35cff6dd2..0e4f55f74 100644
--- a/base/deploy/src/scriptlets/finalization.py
+++ b/base/deploy/src/scriptlets/finalization.py
@@ -20,7 +20,6 @@
#
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
import pkihelper as util
@@ -34,7 +33,8 @@ import pkiscriptlet
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_FINALIZATION_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -74,7 +74,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
# If instance has not been configured, print the
# configuration URL to the log
if util.str2bool(master['pki_skip_configuration']):
- util.configuration_file.log_configuration_url()
+ util.configuration_file.log_configuration_url(config)
# Log final process messages
pkilogging.pki_log.info(log.PKISPAWN_END_MESSAGE_2,
master['pki_subsystem'],
@@ -84,7 +84,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
# If instance has not been configured, print the
# configuration URL to the screen
if util.str2bool(master['pki_skip_configuration']):
- util.configuration_file.display_configuration_url()
+ util.configuration_file.display_configuration_url(config)
return self.rv
def respawn(self):
@@ -93,6 +93,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
return self.rv
def destroy(self):
+ master = config.pki_master_dict
pkilogging.pki_log.info(log.FINALIZATION_DESTROY_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
util.file.modify(master['pki_destroy_log'], silent=True)
diff --git a/base/deploy/src/scriptlets/infrastructure_layout.py b/base/deploy/src/scriptlets/infrastructure_layout.py
index 471e23510..1298ed2b9 100644
--- a/base/deploy/src/scriptlets/infrastructure_layout.py
+++ b/base/deploy/src/scriptlets/infrastructure_layout.py
@@ -20,7 +20,6 @@
#
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
import pkihelper as util
@@ -33,7 +32,8 @@ import pkiscriptlet
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_ADMIN_DOMAIN_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -89,6 +89,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
return self.rv
def destroy(self):
+ master = config.pki_master_dict
pkilogging.pki_log.info(log.ADMIN_DOMAIN_DESTROY_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
# remove top-level infrastructure base
diff --git a/base/deploy/src/scriptlets/initialization.py b/base/deploy/src/scriptlets/initialization.py
index 98aed9455..c2ad1c597 100644
--- a/base/deploy/src/scriptlets/initialization.py
+++ b/base/deploy/src/scriptlets/initialization.py
@@ -20,7 +20,6 @@
#
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
import pkihelper as util
@@ -33,7 +32,8 @@ import pkiscriptlet
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
# begin official logging
pkilogging.pki_log.info(log.PKISPAWN_BEGIN_MESSAGE_2,
master['pki_subsystem'],
@@ -56,7 +56,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.identity.set_uid(master['pki_user'])
util.identity.set_gid(master['pki_group'])
# verify existence of SENSITIVE configuration file data
- util.configuration_file.verify_sensitive_data()
+ util.configuration_file.verify_sensitive_data(config)
# verify existence of MUTUALLY EXCLUSIVE configuration file data
util.configuration_file.verify_mutually_exclusive_data()
# verify existence of PREDEFINED configuration file data
@@ -80,6 +80,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
return self.rv
def destroy(self):
+ master = config.pki_master_dict
# begin official logging
pkilogging.pki_log.info(log.PKIDESTROY_BEGIN_MESSAGE_2,
master['pki_subsystem'],
diff --git a/base/deploy/src/scriptlets/instance_layout.py b/base/deploy/src/scriptlets/instance_layout.py
index b126e17a1..481d3111e 100644
--- a/base/deploy/src/scriptlets/instance_layout.py
+++ b/base/deploy/src/scriptlets/instance_layout.py
@@ -24,7 +24,6 @@ import os
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
import pkihelper as util
@@ -38,7 +37,8 @@ import os
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_INSTANCE_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -152,6 +152,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
return self.rv
def destroy(self):
+ master = config.pki_master_dict
pkilogging.pki_log.info(log.INSTANCE_DESTROY_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
if master['pki_subsystem'] == 'TKS':
diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py
index d1cc35347..5049e40a8 100644
--- a/base/deploy/src/scriptlets/pkiconfig.py
+++ b/base/deploy/src/scriptlets/pkiconfig.py
@@ -152,40 +152,38 @@ class PKIConfig:
print
return
-
-# PKI Deployment Global Variables
-pki_install_time = None
-pki_timestamp = None
-pki_architecture = None
-pki_hostname = None
-
-
-# PKI Deployment Command-Line Variables
-pki_deployment_executable = None
-
-# PKI Deployment "Mandatory" Command-Line Variables
-pki_subsystem = None
-# 'pkispawn' ONLY
-pkideployment_cfg = None
-# 'pkidestroy' ONLY
-pki_deployed_instance_name = None
-
-# PKI Deployment "Optional" Command-Line Variables
-# 'pkispawn' ONLY
-pki_update_flag = False
-
-# PKI Deployment "Test" Command-Line Variables
-pki_root_prefix = None
-
-
-# PKI Deployment Global Dictionaries
-pki_sensitive_dict = None
-pki_common_dict = None
-pki_web_server_dict = None
-pki_subsystem_dict = None
-pki_master_dict = None
-pki_slots_dict = None
-pki_master_jython_dict = None
-
-# PKI Selinux parameters
-pki_selinux_config_ports = []
+ def __init__(self):
+ # PKI Deployment Global Variables
+ self.pki_install_time = None
+ self.pki_timestamp = None
+ self.pki_architecture = None
+ self.pki_hostname = None
+
+ # PKI Deployment Command-Line Variables
+ self.pki_deployment_executable = None
+
+ # PKI Deployment "Mandatory" Command-Line Variables
+ self.pki_subsystem = None
+ # 'pkispawn' ONLY
+ self.pkideployment_cfg = None
+ # 'pkidestroy' ONLY
+ self.pki_deployed_instance_name = None
+
+ # PKI Deployment "Optional" Command-Line Variables
+ # 'pkispawn' ONLY
+ self.pki_update_flag = False
+
+ # PKI Deployment "Test" Command-Line Variables
+ self.pki_root_prefix = None
+
+ # PKI Deployment Global Dictionaries
+ self.pki_sensitive_dict = None
+ self.pki_common_dict = None
+ self.pki_web_server_dict = None
+ self.pki_subsystem_dict = None
+ self.pki_master_dict = None
+ self.pki_slots_dict = None
+ self.pki_master_jython_dict = None
+
+ # PKI Selinux parameters
+ self.pki_selinux_config_ports = []
diff --git a/base/deploy/src/scriptlets/pkihelper.py b/base/deploy/src/scriptlets/pkihelper.py
index 09e624094..64992ea73 100644
--- a/base/deploy/src/scriptlets/pkihelper.py
+++ b/base/deploy/src/scriptlets/pkihelper.py
@@ -40,10 +40,8 @@ import seobject
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
-from pkiconfig import pki_sensitive_dict as sensitive
from pkiconfig import pki_slots_dict as slots
from pkiconfig import pki_selinux_config_ports as ports
import pkimanifest as manifest
@@ -130,6 +128,9 @@ def pki_copytree(src, dst, symlinks=False, ignore=None):
# PKI Deployment Identity Class
class identity:
+ def __init__(self, config):
+ self.master = config.pki_master_dict
+
def __add_gid(self, pki_group):
pki_gid = None
try:
@@ -262,7 +263,7 @@ class identity:
def get_uid(self, critical_failure=True):
try:
- pki_uid = master['pki_uid']
+ pki_uid = self.master['pki_uid']
except KeyError as exc:
pkilogging.pki_log.error(log.PKI_KEYERROR_1, exc,
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
@@ -272,7 +273,7 @@ class identity:
def get_gid(self, critical_failure=True):
try:
- pki_gid = master['pki_gid']
+ pki_gid = self.master['pki_gid']
except KeyError as exc:
pkilogging.pki_log.error(log.PKI_KEYERROR_1, exc,
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
@@ -286,7 +287,7 @@ class identity:
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
# id -u <name>
pki_uid = getpwnam(name)[2]
- master['pki_uid']=pki_uid
+ self.master['pki_uid']=pki_uid
pkilogging.pki_log.debug(log.PKIHELPER_UID_2, name, pki_uid,
extra=PKIConfig.PKI_INDENTATION_LEVEL_3)
except KeyError as exc:
@@ -302,7 +303,7 @@ class identity:
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
# id -g <name>
pki_gid = getgrnam(name)[2]
- master['pki_gid']=pki_gid
+ self.master['pki_gid']=pki_gid
pkilogging.pki_log.debug(log.PKIHELPER_GID_2, name, pki_gid,
extra=PKIConfig.PKI_INDENTATION_LEVEL_3)
except KeyError as exc:
@@ -315,9 +316,13 @@ class identity:
# PKI Deployment Namespace Class
class namespace:
+ def __init__(self, config):
+ self.master = config.pki_master_dict
+
# Silently verify that the selected 'pki_instance_name' will
# NOT produce any namespace collisions
def collision_detection(self):
+ master = self.master
# Run simple checks for pre-existing namespace collisions
if os.path.exists(master['pki_instance_path']):
if os.path.exists(master['pki_subsystem_path']):
@@ -422,7 +427,9 @@ class namespace:
# PKI Deployment Configuration File Class
class configuration_file:
- def log_configuration_url(self):
+ def log_configuration_url(self, config):
+ master = config.pki_master_dict
+ sensitive = config.pki_sensitive_dict
# NOTE: This is the one and only parameter containing a sensitive
# parameter that may be stored in a log file.
pkilogging.pki_log.info(log.PKI_CONFIGURATION_WIZARD_URL_1,
@@ -432,7 +439,9 @@ class configuration_file:
master['pki_registry_initscript_command'],
extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
- def display_configuration_url(self):
+ def display_configuration_url(self, config):
+ master = config.pki_master_dict
+ sensitive = config.pki_sensitive_dict
# NOTE: This is the one and only parameter containing a sensitive
# parameter that may be displayed to the screen.
print log.PKI_CONFIGURATION_URL_1 % sensitive['pki_configuration_url']
@@ -441,7 +450,9 @@ class configuration_file:
master['pki_registry_initscript_command']
print
- def verify_sensitive_data(self):
+ def verify_sensitive_data(self, config):
+ master = config.pki_master_dict
+ sensitive = config.pki_sensitive_dict
# Silently verify the existence of 'sensitive' data
if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
# Verify existence of Directory Server Password (ALWAYS)
@@ -526,7 +537,8 @@ class configuration_file:
sys.exit(1)
return
- def verify_mutually_exclusive_data(self):
+ def verify_mutually_exclusive_data(self, config):
+ master = config.pki_master_dict
# Silently verify the existence of 'mutually exclusive' data
if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
if master['pki_subsystem'] == "CA":
@@ -561,6 +573,7 @@ class configuration_file:
sys.exit(1)
def verify_predefined_configuration_file_data(self):
+ master = config.pki_master_dict
# Silently verify the existence of any required 'predefined' data
#
# FUTURE: As much as is possible, alter this routine to verify
@@ -742,6 +755,7 @@ class configuration_file:
return
def populate_non_default_ports(self):
+ master = config.pki_master_dict
if master['pki_http_port'] != \
str(PKIConfig.PKI_DEPLOYMENT_DEFAULT_TOMCAT_HTTP_PORT):
ports.append(master['pki_http_port'])
@@ -791,6 +805,7 @@ class configuration_file:
return
def verify_command_matches_configuration_file(self):
+ master = config.pki_master_dict
# Silently verify that the command-line parameters match the values
# that are present in the corresponding configuration file
if master['pki_deployment_executable'] == 'pkidestroy':
@@ -808,9 +823,12 @@ class configuration_file:
# PKI Deployment XML File Class
#class xml_file:
+# def __init__(self, config):
+# self.config = config
# def remove_filter_section_from_web_xml(self,
# web_xml_source,
# web_xml_target):
+# master = self.config.pki_master_dict
# pkilogging.pki_log.info(log.PKIHELPER_REMOVE_FILTER_SECTION_1,
# master['pki_target_subsystem_web_xml'],
# extra=PKIConfig.PKI_INDENTATION_LEVEL_2)
@@ -841,7 +859,10 @@ class configuration_file:
# PKI Deployment Instance Class
class instance:
+ def __init__(self, config):
+ self.config = config
def apache_instance_subsystems(self):
+ master = self.config.pki_master_dict
rv = 0
try:
# count number of PKI subsystems present
@@ -860,6 +881,7 @@ class instance:
return rv
def apache_instances(self):
+ master = self.config.pki_master_dict
rv = 0
try:
# Since ALL directories under the top-level PKI 'apache' registry
@@ -887,6 +909,7 @@ class instance:
return rv
def pki_instance_subsystems(self):
+ master = self.config.pki_master_dict
rv = 0
try:
# Since ALL directories within the top-level PKI infrastructure
@@ -915,6 +938,7 @@ class instance:
return rv
def tomcat_instance_subsystems(self):
+ master = self.config.pki_master_dict
rv = 0
try:
# count number of PKI subsystems present
@@ -933,6 +957,7 @@ class instance:
return rv
def tomcat_instances(self):
+ master = self.config.pki_master_dict
rv = 0
try:
# Since ALL directories under the top-level PKI 'tomcat' registry
@@ -960,6 +985,7 @@ class instance:
return rv
def verify_subsystem_exists(self):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(master['pki_subsystem_path']):
pkilogging.pki_log.error(log.PKI_SUBSYSTEM_DOES_NOT_EXIST_2,
@@ -973,6 +999,7 @@ class instance:
sys.exit(1)
def verify_subsystem_does_not_exist(self):
+ master = self.config.pki_master_dict
try:
if os.path.exists(master['pki_subsystem_path']):
pkilogging.pki_log.error(log.PKI_SUBSYSTEM_ALREADY_EXISTS_2,
@@ -988,9 +1015,12 @@ class instance:
# PKI Deployment Directory Class
class directory:
+ def __init__(self, config):
+ self.config = config
def create(self, name, uid=None, gid=None,
perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS,
acls=None, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(name):
# mkdir -p <name>
@@ -1040,6 +1070,7 @@ class directory:
def modify(self, name, uid=None, gid=None,
perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS,
acls=None, silent=False, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if os.path.exists(name):
if not os.path.isdir(name):
@@ -1150,6 +1181,7 @@ class directory:
PKIConfig.PKI_DEPLOYMENT_DEFAULT_SYMLINK_PERMISSIONS,
dir_acls=None, file_acls=None, symlink_acls=None,
recursive_flag=True, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(name) or not os.path.isdir(name):
pkilogging.pki_log.error(
@@ -1341,9 +1373,12 @@ class directory:
# PKI Deployment File Class (also used for executables)
class file:
+ def __init__(self, config):
+ self.config = config
def create(self, name, uid=None, gid=None,
perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS,
acls=None, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(name):
# touch <name>
@@ -1393,6 +1428,7 @@ class file:
def modify(self, name, uid=None, gid=None,
perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS,
acls=None, silent=False, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if os.path.exists(name):
if not os.path.isfile(name):
@@ -1478,6 +1514,7 @@ class file:
def copy(self, old_name, new_name, uid=None, gid=None,
perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS, acls=None,
overwrite_flag=False, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(old_name) or not os.path.isfile(old_name):
pkilogging.pki_log.error(
@@ -1537,6 +1574,7 @@ class file:
self, name, uid=None, gid=None,
perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS,
acls=None, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(name) or not os.path.isfile(name):
pkilogging.pki_log.error(
@@ -1598,6 +1636,7 @@ class file:
perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS,
acls=None, overwrite_flag=False,
critical_failure=True):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(old_name) or not os.path.isfile(old_name):
pkilogging.pki_log.error(
@@ -1666,6 +1705,7 @@ class file:
def generate_noise_file(self, name, bytes, uid=None, gid=None,
perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS,
acls=None, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(name):
# generating noise file called <name> and
@@ -1721,8 +1761,11 @@ class file:
# PKI Deployment Symbolic Link Class
class symlink:
+ def __init__(self, config):
+ self.config = config
def create(self, name, link, uid=None, gid=None,
acls=None, allow_dangling_symlink=False, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if not os.path.exists(link):
if not os.path.exists(name):
@@ -1777,6 +1820,7 @@ class symlink:
def modify(self, link, uid=None, gid=None,
acls=None, silent=False, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if os.path.exists(link):
if not os.path.islink(link):
@@ -1909,8 +1953,11 @@ class war:
# PKI Deployment Password Class
class password:
+ def __init__(self, config):
+ self.config = config
def create_password_conf(self, path, pin, pin_sans_token=False,
overwrite_flag=False, critical_failure=True):
+ master = self.config.pki_master_dict
try:
if os.path.exists(path):
if overwrite_flag:
@@ -1951,8 +1998,9 @@ class password:
sys.exit(1)
return
- def create_client_pkcs12_password_conf(self, path, overwrite_flag=False,
+ def create_client_pkcs12_password_conf(self, config, path, overwrite_flag=False,
critical_failure=True):
+ sensitive = config.pki_sensitive_dict
try:
if os.path.exists(path):
if overwrite_flag:
@@ -2257,7 +2305,10 @@ class certutil:
# PKI Deployment Security Domain Class
class security_domain:
+ def __init__(self, config):
+ self.config = config
def deregister(self, critical_failure=False):
+ master = self.config.pki_master_dict
try:
# process this PKI subsystem instance's 'CS.cfg'
cs_cfg = read_simple_configuration_file(master['pki_target_cs_cfg'])
@@ -2443,7 +2494,10 @@ class security_domain:
# PKI Deployment 'systemd' Execution Management Class
class systemd:
+ def __init__(self, config):
+ self.config = config
def start(self, critical_failure=True):
+ master = self.config.pki_master_dict
try:
# Compose this "systemd" execution management command
if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS:
@@ -2470,6 +2524,7 @@ class systemd:
return
def stop(self, critical_failure=True):
+ master = self.config.pki_master_dict
try:
# Compose this "systemd" execution management command
if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS:
@@ -2496,6 +2551,7 @@ class systemd:
return
def restart(self, critical_failure=True):
+ master = self.config.pki_master_dict
try:
# Compose this "systemd" execution management command
if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS:
@@ -2524,7 +2580,11 @@ class systemd:
# PKI Deployment 'jython' Class
class jython:
- def invoke(self, scriptlet, critical_failure=True):
+ def __init__(self, config):
+ self.config = config
+ def invoke(self, config, scriptlet, critical_failure=True):
+ master = self.config.pki_master_dict
+ sensitive = config.pki_sensitive_dict
try:
# From 'http://www.jython.org/archive/22/userfaq.html':
# Setting this to false will allow Jython to provide access to
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index 306f203cd..b3f48f3e0 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -150,7 +150,6 @@ from netscape.security.x509 import X500Name
# PKI Python Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
import pkihelper as util
import pkimessages as log
diff --git a/base/deploy/src/scriptlets/pkimanifest.py b/base/deploy/src/scriptlets/pkimanifest.py
index b40bf86cc..c89fb0da6 100644
--- a/base/deploy/src/scriptlets/pkimanifest.py
+++ b/base/deploy/src/scriptlets/pkimanifest.py
@@ -26,7 +26,6 @@ import sys
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
import pkilogging
import pkimessages as log
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
index 4b13c2e4a..866df44a4 100644
--- a/base/deploy/src/scriptlets/pkiparser.py
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -31,7 +31,6 @@ import time
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
import pkihelper as util
import pkilogging
@@ -41,7 +40,7 @@ import pkimessages as log
class PKIConfigParser:
# PKI Deployment Helper Functions
- def process_command_line_arguments(self, argv):
+ def process_command_line_arguments(self, argv, config):
"Read and process command-line options"
config.pki_deployment_executable = os.path.basename(argv[0])
description = None
@@ -187,7 +186,7 @@ class PKIConfigParser:
return
- def read_pki_configuration_file(self):
+ def read_pki_configuration_file(self, config):
"Read configuration file sections into dictionaries"
rv = 0
try:
@@ -225,7 +224,7 @@ class PKIConfigParser:
return rv
- def compose_pki_master_dictionary(self):
+ def compose_pki_master_dictionary(self, config):
"Create a single master PKI dictionary from the sectional dictionaries"
try:
config.pki_master_dict = dict()
@@ -2322,7 +2321,7 @@ class PKIConfigParser:
return
- def compose_pki_slots_dictionary(self):
+ def compose_pki_slots_dictionary(self, config):
"""Read the slots configuration file to create
the appropriate PKI slots dictionary"""
rv = 0
diff --git a/base/deploy/src/scriptlets/pkiscriptlet.py b/base/deploy/src/scriptlets/pkiscriptlet.py
index 767b3c609..b221c353a 100644
--- a/base/deploy/src/scriptlets/pkiscriptlet.py
+++ b/base/deploy/src/scriptlets/pkiscriptlet.py
@@ -28,7 +28,7 @@ class AbstractBasePkiScriptlet(object):
__metaclass__ = abc.ABCMeta
@abc.abstractmethod
- def spawn(self):
+ def spawn(self, config):
"""Retrieve data from the specified PKI dictionary and
use it to install a new PKI instance."""
return
diff --git a/base/deploy/src/scriptlets/security_databases.py b/base/deploy/src/scriptlets/security_databases.py
index 10ba9a9f7..c5fb42312 100644
--- a/base/deploy/src/scriptlets/security_databases.py
+++ b/base/deploy/src/scriptlets/security_databases.py
@@ -20,7 +20,6 @@
#
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
from pkiconfig import pki_sensitive_dict as sensitive
@@ -34,7 +33,8 @@ import pkiscriptlet
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_SECURITY_DATABASES_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -104,7 +104,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
- def destroy(self):
+ def destroy(self, config):
+ master = config.pki_master_dict
pkilogging.pki_log.info(log.SECURITY_DATABASES_DESTROY_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS and\
diff --git a/base/deploy/src/scriptlets/selinux_setup.py b/base/deploy/src/scriptlets/selinux_setup.py
index 93b48c298..dfa9453db 100644
--- a/base/deploy/src/scriptlets/selinux_setup.py
+++ b/base/deploy/src/scriptlets/selinux_setup.py
@@ -20,7 +20,6 @@
#
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
from pkiconfig import pki_selinux_config_ports as ports
@@ -36,12 +35,14 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
suffix = "(/.*)?"
- def restore_context(self):
+ def restore_context(self, config):
+ master = config.pki_master_dict
selinux.restorecon(master['pki_instance_path'], True)
selinux.restorecon(master['pki_instance_log_path'], True)
selinux.restorecon(master['pki_instance_configuration_path'], True)
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_SELINUX_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -109,7 +110,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
self.restore_context()
return self.rv
- def destroy(self):
+ def destroy(self, config):
+ master = config.pki_master_dict
pkilogging.pki_log.info(log.SELINUX_DESTROY_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
diff --git a/base/deploy/src/scriptlets/slot_substitution.py b/base/deploy/src/scriptlets/slot_substitution.py
index 142b994f1..1d2c84d6b 100644
--- a/base/deploy/src/scriptlets/slot_substitution.py
+++ b/base/deploy/src/scriptlets/slot_substitution.py
@@ -20,7 +20,6 @@
#
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
from pkiconfig import pki_slots_dict as slots
@@ -34,7 +33,8 @@ import pkiscriptlet
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_SLOT_ASSIGNMENT_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
diff --git a/base/deploy/src/scriptlets/subsystem_layout.py b/base/deploy/src/scriptlets/subsystem_layout.py
index 62c90569c..cd30a0c55 100644
--- a/base/deploy/src/scriptlets/subsystem_layout.py
+++ b/base/deploy/src/scriptlets/subsystem_layout.py
@@ -20,7 +20,6 @@
#
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
import pkihelper as util
@@ -33,7 +32,8 @@ import pkiscriptlet
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_SUBSYSTEM_SPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -108,7 +108,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
- def destroy(self):
+ def destroy(self, config):
+ master = config.pki_master_dict
pkilogging.pki_log.info(log.SUBSYSTEM_DESTROY_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
# remove instance-based subsystem base
diff --git a/base/deploy/src/scriptlets/webapp_deployment.py b/base/deploy/src/scriptlets/webapp_deployment.py
index 2b7ca006f..1c8d1126c 100644
--- a/base/deploy/src/scriptlets/webapp_deployment.py
+++ b/base/deploy/src/scriptlets/webapp_deployment.py
@@ -24,7 +24,6 @@ import os
# PKI Deployment Imports
-import pkiconfig as config
from pkiconfig import PKIConfig
from pkiconfig import pki_master_dict as master
import pkihelper as util
@@ -37,7 +36,8 @@ import pkiscriptlet
class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
if util.str2bool(master['pki_skip_installation']):
pkilogging.pki_log.info(log.SKIP_WEBAPP_DEPLOYMENT_SPAWN_1,
@@ -144,13 +144,15 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.directory.set_mode(master['pki_tomcat_webapps_subsystem_path'])
return self.rv
- def respawn(self):
+ def respawn(self, config):
+ master = config.pki_master_dict
if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
pkilogging.pki_log.info(log.WEBAPP_DEPLOYMENT_RESPAWN_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
return self.rv
- def destroy(self):
+ def destroy(self, config):
+ master = config.pki_master_dict
if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
pkilogging.pki_log.info(log.WEBAPP_DEPLOYMENT_DESTROY_1, __name__,
extra=PKIConfig.PKI_INDENTATION_LEVEL_1)