diff options
author | Ade Lee <alee@redhat.com> | 2012-10-17 16:17:54 -0400 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2012-10-18 17:30:01 -0400 |
commit | 643c089887db3369363e2b88dde19ef3a97029a2 (patch) | |
tree | bf83cb714fcf35190d8108fd71a6ae8671add303 | |
parent | 8973480558c6b87c4aa6e1fdcd48b6d98c05a042 (diff) | |
download | pki-643c089887db3369363e2b88dde19ef3a97029a2.tar.gz pki-643c089887db3369363e2b88dde19ef3a97029a2.tar.xz pki-643c089887db3369363e2b88dde19ef3a97029a2.zip |
Fixes to get TPS to configure correctly
1. Reorder http.conf to actually read worker config
2. Change functions so that the TPS would restart. Before restarts
would fail because the tus link already exists
3. Modify system verification test to return correctly when tests
are successful
-rw-r--r-- | base/ra/apache/conf/httpd.conf | 8 | ||||
-rw-r--r-- | base/setup/scripts/functions | 22 | ||||
-rw-r--r-- | base/tps/apache/conf/httpd.conf | 8 | ||||
-rw-r--r-- | base/tps/src/engine/RA.cpp | 2 |
4 files changed, 22 insertions, 18 deletions
diff --git a/base/ra/apache/conf/httpd.conf b/base/ra/apache/conf/httpd.conf index 180c08de0..754dcebee 100644 --- a/base/ra/apache/conf/httpd.conf +++ b/base/ra/apache/conf/httpd.conf @@ -130,6 +130,11 @@ MaxRequestsPerChild 0 # MaxSpareThreads: maximum number of worker threads which are kept spare # ThreadsPerChild: constant number of worker threads in each server process # MaxRequestsPerChild: maximum number of requests a server process serves + +# MPM worker module is a loadable module as of 2.4 +# Module must be loaded before the configuration stanza +LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so + <IfModule worker.c> ServerLimit 1 StartServers 1 @@ -232,9 +237,6 @@ Listen [PORT] # LoadModule foo_module modules/mod_foo.so # -# MPM worker module is a loadable module as of 2.4 -LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so - LoadModule authz_core_module /etc/httpd/modules/mod_authz_core.so [FORTITUDE_AUTH_MODULES] # Module for User and Group diff --git a/base/setup/scripts/functions b/base/setup/scripts/functions index 308f2ca80..058022efc 100644 --- a/base/setup/scripts/functions +++ b/base/setup/scripts/functions @@ -897,6 +897,7 @@ verify_symlinks() declare -A common_jar_symlinks declare -A webapps_jar_symlinks declare -A systemd_symlinks + declare -A tus_symlinks # Dogtag 9 Conditional Variables if [ ${ARCHITECTURE} == "x86_64" ]; then @@ -949,6 +950,9 @@ verify_symlinks() # '${PKI_INSTANCE_PATH}/lib' symlinks perl_symlinks[perl]=/usr/share/pki/${PKI_SUBSYSTEM_TYPE}/lib/perl + # '${PKI_INSTANCE_PATH}/docroot' symlinks + tus_symlinks[tus]="${PKI_INSTANCE_PATH}/docroot/tokendb" + # '${pki_common_jar_dir}' symlinks common_jar_symlinks=( [apache-commons-logging.jar]=/usr/share/java/apache-commons-logging.jar @@ -1017,20 +1021,16 @@ verify_symlinks() fi if [ "${PKI_SUBSYSTEM_TYPE}" == "tps" ]; then - # ALWAYS recreate this "convenience" link and 'chown' it - # NOTE: Ignore 'chown' errors. - cd ${PKI_INSTANCE_PATH}/docroot ; - ln -s tokendb tus ; + # Detect and correct 'tus_symlinks' + tus_symlinks_string=$(declare -p tus_symlinks) + eval "declare -A symlinks=${tus_symlinks_string#*=}" + check_symlinks ${PKI_INSTANCE_PATH}/docroot ${PKI_USER} ${PKI_GROUP} rv=$? - if [ $rv -eq 0 ]; then - chown -h ${PKI_USER}:${PKI_GROUP} tus - # echo "SUCCESS: Created 'tus' -> 'tokendb'" - else - echo "ERROR: Failed to create 'tus' -> 'tokendb' convenience" - echo " symbolic link for '${PKI_INSTANCE_ID}'!" - return 1 + if [ $rv -ne 0 ]; then + return $rv fi fi + elif [ "${PKI_SUBSYSTEM_TYPE}" == "ca" ] || [ "${PKI_SUBSYSTEM_TYPE}" == "kra" ] || [ "${PKI_SUBSYSTEM_TYPE}" == "ocsp" ] || diff --git a/base/tps/apache/conf/httpd.conf b/base/tps/apache/conf/httpd.conf index a9410849c..bf5864174 100644 --- a/base/tps/apache/conf/httpd.conf +++ b/base/tps/apache/conf/httpd.conf @@ -130,6 +130,11 @@ MaxRequestsPerChild 0 # MaxSpareThreads: maximum number of worker threads which are kept spare # ThreadsPerChild: constant number of worker threads in each server process # MaxRequestsPerChild: maximum number of requests a server process serves + +# MPM worker module is a loadable module as of 2.4 +# Module must be loaded before the configuration stanza +LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so + <IfModule worker.c> ServerLimit 1 StartServers 1 @@ -232,9 +237,6 @@ Listen [PORT] # LoadModule foo_module modules/mod_foo.so # -# MPM worker module is a loadable module as of 2.4 -LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so - LoadModule authz_core_module /etc/httpd/modules/mod_authz_core.so [FORTITUDE_AUTH_MODULES] # Module for User and Group diff --git a/base/tps/src/engine/RA.cpp b/base/tps/src/engine/RA.cpp index 436225045..82f53c161 100644 --- a/base/tps/src/engine/RA.cpp +++ b/base/tps/src/engine/RA.cpp @@ -3483,7 +3483,7 @@ TPS_PUBLIC bool RA::verifySystemCertByNickname(const char *nickname, const char */ TPS_PUBLIC bool RA::verifySystemCerts() { bool verifyResult = false; - bool rv = false; /* final return value */ + bool rv = true; /* final return value */ char configname[256]; char configname_nn[256]; char configname_cu[256]; |