summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEndi Sukma Dewata <edewata@redhat.com>2012-12-06 13:06:14 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-12-06 19:31:38 -0500
commit7259a1256afc853b91aa09cd48592a706591fa08 (patch)
tree50d156b9c2d537ddd32bc04fe3b4c72329c37925
parentcd279e34b5d92ff8fe53e79c974baf9972221748 (diff)
downloadpki-7259a1256afc853b91aa09cd48592a706591fa08.zip
pki-7259a1256afc853b91aa09cd48592a706591fa08.tar.gz
pki-7259a1256afc853b91aa09cd48592a706591fa08.tar.xz
Parameterizing RESTEasy paths.ticket-422-1
The paths to RESTEasy jar files have been modified such that it can be configured globally at build time using the spec file to support different distributions, and at deployment time using a system-wide configuration in /etc/pki/pki.conf. Ticket #422, #423.
-rw-r--r--base/ca/src/CMakeLists.txt3
-rw-r--r--base/common/shared/conf/pki.policy30
-rw-r--r--base/common/shared/conf/tomcat.conf7
-rw-r--r--base/common/src/CMakeLists.txt9
-rw-r--r--base/deploy/CMakeLists.txt13
-rw-r--r--base/deploy/etc/pki.conf2
-rw-r--r--base/deploy/scripts/operations21
-rw-r--r--base/deploy/src/scriptlets/configuration.py4
-rw-r--r--base/deploy/src/scriptlets/pkiconfig.py14
-rw-r--r--base/deploy/src/scriptlets/pkihelper.py58
-rw-r--r--base/deploy/src/scriptlets/pkijython.py81
-rw-r--r--base/deploy/src/scriptlets/pkimessages.py3
-rw-r--r--base/deploy/src/scriptlets/pkiparser.py17
-rwxr-xr-xbase/java-tools/pki11
-rw-r--r--base/java-tools/src/CMakeLists.txt9
-rw-r--r--base/kra/src/CMakeLists.txt3
-rw-r--r--base/ocsp/src/CMakeLists.txt3
-rw-r--r--base/setup/scripts/functions6
-rw-r--r--base/tks/src/CMakeLists.txt3
-rw-r--r--specs/pki-core.spec23
20 files changed, 132 insertions, 188 deletions
diff --git a/base/ca/src/CMakeLists.txt b/base/ca/src/CMakeLists.txt
index aa19cc4..e5ef9e5 100644
--- a/base/ca/src/CMakeLists.txt
+++ b/base/ca/src/CMakeLists.txt
@@ -28,8 +28,7 @@ find_file(JAXRS_API_JAR
NAMES
jaxrs-api.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
# build pki-ca
diff --git a/base/common/shared/conf/pki.policy b/base/common/shared/conf/pki.policy
index b9d79fe..4ae2de7 100644
--- a/base/common/shared/conf/pki.policy
+++ b/base/common/shared/conf/pki.policy
@@ -106,43 +106,23 @@ grant codeBase "file:/usr/share/java/log4j.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:/usr/share/java/resteasy/jaxrs-api.jar" {
+grant codeBase "file:${RESTEASY_LIB}/jaxrs-api.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:/usr/share/java/resteasy/resteasy-atom-provider.jar" {
+grant codeBase "file:${RESTEASY_LIB}/resteasy-atom-provider.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:/usr/share/java/resteasy/resteasy-jaxb-provider.jar" {
+grant codeBase "file:${RESTEASY_LIB}/resteasy-jaxb-provider.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:/usr/share/java/resteasy/resteasy-jaxrs.jar" {
+grant codeBase "file:${RESTEASY_LIB}/resteasy-jaxrs.jar" {
permission java.security.AllPermission;
};
-grant codeBase "file:/usr/share/java/resteasy/resteasy-jettison-provider.jar" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/resteasy-base/jaxrs-api.jar" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/resteasy-base/resteasy-atom-provider.jar" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/resteasy-base/resteasy-jaxb-provider.jar" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/resteasy-base/resteasy-jaxrs.jar" {
- permission java.security.AllPermission;
-};
-
-grant codeBase "file:/usr/share/java/resteasy-base/resteasy-jettison-provider.jar" {
+grant codeBase "file:${RESTEASY_LIB}/resteasy-jettison-provider.jar" {
permission java.security.AllPermission;
};
diff --git a/base/common/shared/conf/tomcat.conf b/base/common/shared/conf/tomcat.conf
index 54d67e4..7b8f87c 100644
--- a/base/common/shared/conf/tomcat.conf
+++ b/base/common/shared/conf/tomcat.conf
@@ -14,6 +14,10 @@
# (see, for instance, /etc/sysconfig/tomcat)
#
+if [ -f /etc/pki/pki.conf ] ; then
+ . /etc/pki/pki.conf
+fi
+
# Where your java installation lives
#JAVA_HOME="/usr/lib/jvm/jre"
@@ -32,6 +36,9 @@ CATALINA_TMPDIR=[PKI_TMPDIR]
# Enable the following JAVA_OPTS to run a java debugger (e. g. - 'eclipse')
#JAVA_OPTS="-Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n -Djava.awt.headless=true -Xmx128M"
+# RESTEasy
+JAVA_OPTS="$JAVA_OPTS -DRESTEASY_LIB=${RESTEASY_LIB}"
+
# What user should run tomcat
TOMCAT_USER="[PKI_USER]"
diff --git a/base/common/src/CMakeLists.txt b/base/common/src/CMakeLists.txt
index e21f13c..c010bed 100644
--- a/base/common/src/CMakeLists.txt
+++ b/base/common/src/CMakeLists.txt
@@ -87,24 +87,21 @@ find_file(JAXRS_API_JAR
NAMES
jaxrs-api.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
find_file(RESTEASY_JAXRS_JAR
NAMES
resteasy-jaxrs.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
find_file(RESTEASY_ATOM_PROVIDER_JAR
NAMES
resteasy-atom-provider.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
find_file(HTTPCLIENT_JAR
diff --git a/base/deploy/CMakeLists.txt b/base/deploy/CMakeLists.txt
index d63176f..3b1d9f5 100644
--- a/base/deploy/CMakeLists.txt
+++ b/base/deploy/CMakeLists.txt
@@ -67,6 +67,19 @@ install(
etc/
DESTINATION
${SYSCONF_INSTALL_DIR}/pki
+ PATTERN "pki.conf" EXCLUDE
+)
+
+configure_file(
+ ${CMAKE_CURRENT_SOURCE_DIR}/etc/pki.conf
+ ${CMAKE_CURRENT_BINARY_DIR}/etc/pki.conf
+)
+
+install(
+ FILES
+ ${CMAKE_CURRENT_BINARY_DIR}/etc/pki.conf
+ DESTINATION
+ ${SYSCONF_INSTALL_DIR}/pki/
)
find_package(PythonInterp REQUIRED)
diff --git a/base/deploy/etc/pki.conf b/base/deploy/etc/pki.conf
new file mode 100644
index 0000000..3e5a5e1
--- /dev/null
+++ b/base/deploy/etc/pki.conf
@@ -0,0 +1,2 @@
+# RESTEasy library
+RESTEASY_LIB=${RESTEASY_LIB}
diff --git a/base/deploy/scripts/operations b/base/deploy/scripts/operations
index 0a768fb..336f847 100644
--- a/base/deploy/scripts/operations
+++ b/base/deploy/scripts/operations
@@ -30,6 +30,10 @@
# 200-254 reserved
#
+if [ -f /etc/pki/pki.conf ] ; then
+ . /etc/pki/pki.conf
+fi
+
# PKI subsystem-level directory and file values for locks
lockfile="/var/lock/subsys/${SERVICE_NAME}"
@@ -945,13 +949,6 @@ verify_symlinks()
pki_systemd_service="pki-${PKI_WEB_SERVER_TYPE}d@.service"
systemd_dir="/lib/systemd/system"
- grep "Red Hat Enterprise Linux" /etc/redhat-release
- if [ $? == 0 ]; then
- resteasy_java_dir="/usr/share/java/resteasy-base"
- else
- resteasy_java_dir="/usr/share/java/resteasy"
- fi
-
# Dogtag 10 Symbolic Link Variables
pki_common_jar_dir="${PKI_INSTANCE_PATH}/common/lib"
pki_registry_dir="/etc/sysconfig/pki/${PKI_WEB_SERVER_TYPE}/${PKI_INSTANCE_ID}"
@@ -1053,15 +1050,15 @@ verify_symlinks()
[httpclient.jar]=${java_dir}/httpcomponents/httpclient.jar
[httpcore.jar]=${java_dir}/httpcomponents/httpcore.jar
[javassist.jar]=${java_dir}/javassist.jar
- [jaxrs-api.jar]=${resteasy_java_dir}/jaxrs-api.jar
+ [jaxrs-api.jar]=${RESTEASY_LIB}/jaxrs-api.jar
[jettison.jar]=${java_dir}/jettison.jar
[jss4.jar]=${jni_dir}/jss4.jar
[ldapjdk.jar]=${java_dir}/ldapjdk.jar
[pki-tomcat.jar]=${java_dir}/pki/pki-tomcat.jar
- [resteasy-atom-provider.jar]=${resteasy_java_dir}/resteasy-atom-provider.jar
- [resteasy-jaxb-provider.jar]=${resteasy_java_dir}/resteasy-jaxb-provider.jar
- [resteasy-jaxrs.jar]=${resteasy_java_dir}/resteasy-jaxrs.jar
- [resteasy-jettison-provider.jar]=${resteasy_java_dir}/resteasy-jettison-provider.jar
+ [resteasy-atom-provider.jar]=${RESTEASY_LIB}/resteasy-atom-provider.jar
+ [resteasy-jaxb-provider.jar]=${RESTEASY_LIB}/resteasy-jaxb-provider.jar
+ [resteasy-jaxrs.jar]=${RESTEASY_LIB}/resteasy-jaxrs.jar
+ [resteasy-jettison-provider.jar]=${RESTEASY_LIB}/resteasy-jettison-provider.jar
[scannotation.jar]=${java_dir}/scannotation.jar
[tomcatjss.jar]=${java_dir}/tomcat7jss.jar
[velocity.jar]=${java_dir}/velocity.jar
diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py
index 16b6312..d105590 100644
--- a/base/deploy/src/scriptlets/configuration.py
+++ b/base/deploy/src/scriptlets/configuration.py
@@ -92,7 +92,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.systemd.restart()
# Pass control to the Java servlet via Jython 2.2 'configuration.jy'
- util.jython.invoke(master['pki_jython_configuration_scriptlet'])
+ util.jython.invoke(
+ master['pki_jython_configuration_scriptlet'],
+ master['RESTEASY_LIB'])
return self.rv
def respawn(self):
diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py
index 4bbf92e..7b20e47 100644
--- a/base/deploy/src/scriptlets/pkiconfig.py
+++ b/base/deploy/src/scriptlets/pkiconfig.py
@@ -20,16 +20,6 @@
#
import re
-def is_rhel():
- try:
- f = open("/etc/redhat-release")
- for line in f:
- if re.search("Red Hat Enterprise Linux", line):
- return True
- except IOError, e:
- pass
- return False
-
# PKI Deployment Constants
PKI_DEPLOYMENT_DEFAULT_CLIENT_DIR_PERMISSIONS = 00755
PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS = 00770
@@ -71,10 +61,6 @@ PKI_DEPLOYMENT_JAR_SOURCE_ROOT = "/usr/share/java"
PKI_DEPLOYMENT_HTTPCOMPONENTS_JAR_SOURCE_ROOT = "/usr/share/java/httpcomponents"
PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT = "/usr/share/java/pki"
-PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT = "/usr/share/java/resteasy"
-if is_rhel():
- PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT = "/usr/share/java/resteasy-base"
-
PKI_DEPLOYMENT_SOURCE_ROOT = "/usr/share/pki"
PKI_DEPLOYMENT_SYSTEMD_ROOT = "/lib/systemd/system"
PKI_DEPLOYMENT_SYSTEMD_CONFIGURATION_ROOT = "/etc/systemd/system"
diff --git a/base/deploy/src/scriptlets/pkihelper.py b/base/deploy/src/scriptlets/pkihelper.py
index 2d7b759..ff11efd 100644
--- a/base/deploy/src/scriptlets/pkihelper.py
+++ b/base/deploy/src/scriptlets/pkihelper.py
@@ -2516,33 +2516,63 @@ class systemd:
# PKI Deployment 'jython' Class
class jython:
- def invoke(self, scriptlet, critical_failure=True):
+ def invoke(self, scriptlet, resteasy_lib, critical_failure=True):
try:
+ # JSS JNI Jars
+ #
+ # NOTE: Always load 64-bit JNI 'jss4.jar'
+ # PRIOR to 32-bit JNI 'jss4.jar'
+ #
+ classpath = "/usr/lib64/java/jss4.jar" +\
+ ":/usr/lib/java/jss4.jar" +\
+ ":/usr/share/java/httpcomponents/httpclient.jar" +\
+ ":/usr/share/java/httpcomponents/httpcore.jar" +\
+ ":/usr/share/java/apache-commons-cli.jar" +\
+ ":/usr/share/java/apache-commons-codec.jar" +\
+ ":/usr/share/java/apache-commons-logging.jar" +\
+ ":/usr/share/java/istack-commons-runtime.jar" +\
+ ":/usr/share/java/glassfish-jaxb/jaxb-impl.jar" +\
+ ":/usr/share/java/scannotation.jar"
+
+ # RESTEasy Jars
+ classpath = classpath +\
+ ":" + resteasy_lib + "/jaxrs-api.jar" +\
+ ":" + resteasy_lib + "/resteasy-atom-provider.jar" +\
+ ":" + resteasy_lib + "/resteasy-jaxb-provider.jar" +\
+ ":" + resteasy_lib + "/resteasy-jaxrs.jar" +\
+ ":" + resteasy_lib + "/resteasy-jettison-provider.jar"
+
+ # PKI Jars
+ classpath = classpath +\
+ ":/usr/share/java/pki/pki-certsrv.jar" +\
+ ":/usr/share/java/pki/pki-client.jar" +\
+ ":/usr/share/java/pki/pki-cmsutil.jar" +\
+ ":/usr/share/java/pki/pki-nsutil.jar"
+
+ properties = ""
+
# From 'http://www.jython.org/archive/22/userfaq.html':
# Setting this to false will allow Jython to provide access to
# non-public fields, methods, and constructors of Java objects.
- property = "-Dpython.security.respectJavaAccessibility=false"
- # comment the next line out to use the "property" defined above
- property = ""
+ # properties = properties + " -Dpython.security.respectJavaAccessibility=false"
+
# Compose this "jython" command
data = pickle.dumps(master)
- ld_library_path = "LD_LIBRARY_PATH"
if master['pki_architecture'] == 64:
- ld_library_path = ld_library_path + "=" +\
- "/usr/lib64/jss:/usr/lib64:/lib64:" +\
+ ld_library_path = "/usr/lib64/jss:/usr/lib64:/lib64:" +\
"/usr/lib/jss:/usr/lib:/lib"
else:
- ld_library_path = ld_library_path + "=" +\
- "/usr/lib/jss:/usr/lib:/lib"
- command = "export" + " " + ld_library_path + ";" + "jython" + " " +\
- property + " " + scriptlet + " " + "\"" + data + "\""
+ ld_library_path = "/usr/lib/jss:/usr/lib:/lib"
+ command = "export LD_LIBRARY_PATH=" + ld_library_path +\
+ ";export CLASSPATH=" + classpath +\
+ ";jython " + properties + " " + scriptlet
# Display this "jython" command
config.pki_log.info(
- log.PKIHELPER_INVOKE_JYTHON_3,
- ld_library_path, property, scriptlet,
+ log.PKIHELPER_INVOKE_JYTHON_1,
+ command,
extra=config.PKI_INDENTATION_LEVEL_2)
# Invoke this "jython" command
- subprocess.call(command, shell=True)
+ subprocess.call(command + " \"" + data + "\"", shell=True)
except subprocess.CalledProcessError as exc:
config.pki_log.error(log.PKI_SUBPROCESS_ERROR_1, exc,
extra=config.PKI_INDENTATION_LEVEL_2)
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index c1bec93..2567804 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -34,89 +34,10 @@ pki_python_module_path = os.path.join(sys.prefix,
sys.path.append(pki_python_module_path)
-# http://www.jython.org/jythonbook/en/1.0/appendixB.html#working-with-classpath
-###############################################################################
-# from http://forum.java.sun.com/thread.jspa?threadID=300557
-#
-# Author: SG Langer Jan 2007 translated the above Java to this Jython class
-# Purpose: Allow runtime additions of new Class/jars either from local files
-# or URL
-###############################################################################
-class classPathHacker:
- import java.lang.reflect.Method
- import java.io.File
- import java.net.URL
- import java.net.URLClassLoader
- import jarray
-
- def addFile(self, s):
- ##################################################
- # Purpose: If adding a file/jar call this first
- # with s = path_to_jar
- ##################################################
-
- # make a URL out of 's'
- f = self.java.io.File (s)
- u = f.toURL ()
- a = self.addURL (u)
- return a
-
- def addURL(self, u):
- ###########################################
- # Purpose: Call this with u= URL for the
- # new Class/jar to be loaded
- ###########################################
-
- parameters = self.jarray.array([self.java.net.URL],
- self.java.lang.Class)
- sysloader = self.java.lang.ClassLoader.getSystemClassLoader()
- sysclass = self.java.net.URLClassLoader
- method = sysclass.getDeclaredMethod("addURL", parameters)
- a = method.setAccessible(1)
- jar_a = self.jarray.array([u], self.java.lang.Object)
- b = method.invoke(sysloader, jar_a)
- return u
-
# PKI Python Imports
import pkiconfig as config
import pkimessages as log
-# Dynamically Load Additional Java Jars ('append' to existing classpath)
-jarLoad = classPathHacker()
-# Webserver Jars
-jarLoad.addFile("/usr/share/java/httpcomponents/httpclient.jar")
-jarLoad.addFile("/usr/share/java/httpcomponents/httpcore.jar")
-jarLoad.addFile("/usr/share/java/apache-commons-cli.jar")
-jarLoad.addFile("/usr/share/java/apache-commons-codec.jar")
-jarLoad.addFile("/usr/share/java/apache-commons-logging.jar")
-jarLoad.addFile("/usr/share/java/istack-commons-runtime.jar")
-
-# Resteasy Jars
-RESTEASY_ROOT = "resteasy"
-if config.is_rhel():
- RESTEASY_ROOT = "resteasy-base"
-
-jarLoad.addFile("/usr/share/java/glassfish-jaxb/jaxb-impl.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/jaxrs-api.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-atom-provider.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jaxb-provider.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jaxrs.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jettison-provider.jar")
-jarLoad.addFile("/usr/share/java/scannotation.jar")
-# PKI Jars
-jarLoad.addFile("/usr/share/java/pki/pki-certsrv.jar")
-jarLoad.addFile("/usr/share/java/pki/pki-client.jar")
-jarLoad.addFile("/usr/share/java/pki/pki-cmsutil.jar")
-jarLoad.addFile("/usr/share/java/pki/pki-nsutil.jar")
-# JSS JNI Jars
-#
-# NOTE: Always load 64-bit JNI 'jss4.jar'
-# PRIOR to 32-bit JNI 'jss4.jar'
-#
-jarLoad.addFile("/usr/lib64/java/jss4.jar")
-jarLoad.addFile("/usr/lib/java/jss4.jar")
-
-
# Apache Commons Java Imports
from org.apache.commons.cli import CommandLine
from org.apache.commons.cli import CommandLineParser
@@ -125,7 +46,6 @@ from org.apache.commons.cli import Options
from org.apache.commons.cli import ParseException
from org.apache.commons.cli import PosixParser
-
# JSS Java Imports
from org.mozilla.jss import CryptoManager
from org.mozilla.jss.asn1 import ASN1Util
@@ -147,7 +67,6 @@ from org.mozilla.jss.pkix.primitive import Name
from org.mozilla.jss.pkix.primitive import SubjectPublicKeyInfo
from org.mozilla.jss.util import Password
-
# PKI Java Imports
from com.netscape.certsrv.system import SystemConfigClient
from com.netscape.certsrv.system import SystemCertData
diff --git a/base/deploy/src/scriptlets/pkimessages.py b/base/deploy/src/scriptlets/pkimessages.py
index 8d7ba1b..9c10e01 100644
--- a/base/deploy/src/scriptlets/pkimessages.py
+++ b/base/deploy/src/scriptlets/pkimessages.py
@@ -189,8 +189,7 @@ PKIHELPER_GROUP_ADD_GID_KEYERROR_1 = "KeyError: pki_gid %s"
PKIHELPER_GROUP_ADD_KEYERROR_1 = "KeyError: pki_group %s"
PKIHELPER_INVALID_SELINUX_CONTEXT_FOR_PORT = "port %s has invalid selinux "\
"context %s"
-PKIHELPER_INVOKE_JYTHON_3 = "executing 'export %s;"\
- "jython %s %s <master_dictionary>'"
+PKIHELPER_INVOKE_JYTHON_1 = "executing '%s'"
PKIHELPER_IS_A_DIRECTORY_1 = "'%s' is a directory"
PKIHELPER_IS_A_FILE_1 = "'%s' is a file"
PKIHELPER_IS_A_SYMLINK_1 = "'%s' is a symlink"
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
index 80bdcb2..3d9ec7f 100644
--- a/base/deploy/src/scriptlets/pkiparser.py
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -26,6 +26,7 @@ import logging
import os
import random
import string
+import subprocess
import sys
import time
@@ -276,6 +277,12 @@ class PKIConfigParser:
config.pki_master_dict.update(config.pki_subsystem_dict)
config.pki_master_dict.update(__name__="PKI Master Dictionary")
+ # RESTEasy
+ config.pki_master_dict['RESTEASY_LIB'] =\
+ subprocess.check_output(
+ 'source /etc/pki/pki.conf && echo $RESTEASY_LIB',
+ shell=True).strip()
+
# IMPORTANT: A "PKI instance" no longer corresponds to a single
# pki subystem, but rather to a unique
# "Tomcat web instance" or a unique "Apache web instance".
@@ -624,7 +631,7 @@ class PKIConfigParser:
os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT,
"javassist.jar")
config.pki_master_dict['pki_resteasy_jaxrs_api_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"jaxrs-api.jar")
config.pki_master_dict['pki_jettison_jar'] =\
os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT,
@@ -654,16 +661,16 @@ class PKIConfigParser:
os.path.join(config.PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT,
"pki-tomcat.jar")
config.pki_master_dict['pki_resteasy_atom_provider_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"resteasy-atom-provider.jar")
config.pki_master_dict['pki_resteasy_jaxb_provider_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"resteasy-jaxb-provider.jar")
config.pki_master_dict['pki_resteasy_jaxrs_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"resteasy-jaxrs.jar")
config.pki_master_dict['pki_resteasy_jettison_provider_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"resteasy-jettison-provider.jar")
config.pki_master_dict['pki_scannotation_jar'] =\
os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT,
diff --git a/base/java-tools/pki b/base/java-tools/pki
index e465fa9..07194c9 100755
--- a/base/java-tools/pki
+++ b/base/java-tools/pki
@@ -71,6 +71,9 @@ if( $ARCHITECTURE eq "i386" ) {
## order this command wrapper uses to find jar files. ##
###############################################################################
+my $RESTEASY_LIB = `source /etc/pki/pki.conf && echo \$RESTEASY_LIB`;
+chomp($RESTEASY_LIB);
+
$ENV{CLASSPATH} = "/usr/share/java/${PRODUCT}/pki-certsrv.jar:"
. "/usr/share/java/${PRODUCT}/pki-nsutil.jar:"
. "/usr/share/java/${PRODUCT}/pki-tools.jar:"
@@ -82,10 +85,10 @@ $ENV{CLASSPATH} = "/usr/share/java/${PRODUCT}/pki-certsrv.jar:"
. "/usr/share/java/httpcomponents/httpclient.jar:"
. "/usr/share/java/httpcomponents/httpcore.jar:"
. "/usr/share/java/jaxb-api.jar:"
- . "/usr/share/java/resteasy/jaxrs-api.jar:"
- . "/usr/share/java/resteasy/resteasy-atom-provider.jar:"
- . "/usr/share/java/resteasy/resteasy-jaxb-provider.jar:"
- . "/usr/share/java/resteasy/resteasy-jaxrs.jar:"
+ . "${RESTEASY_LIB}/jaxrs-api.jar:"
+ . "${RESTEASY_LIB}/resteasy-atom-provider.jar:"
+ . "${RESTEASY_LIB}/resteasy-jaxb-provider.jar:"
+ . "${RESTEASY_LIB}/resteasy-jaxrs.jar:"
. "/usr/share/java/servlet.jar:";
if( $ARCHITECTURE eq "x86_64" ) {
diff --git a/base/java-tools/src/CMakeLists.txt b/base/java-tools/src/CMakeLists.txt
index 96aae5c..6ea69ca 100644
--- a/base/java-tools/src/CMakeLists.txt
+++ b/base/java-tools/src/CMakeLists.txt
@@ -49,24 +49,21 @@ find_file(JAXRS_API_JAR
NAMES
jaxrs-api.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
find_file(RESTEASY_JAXRS_JAR
NAMES
resteasy-jaxrs.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
find_file(RESTEASY_ATOM_PROVIDER_JAR
NAMES
resteasy-atom-provider.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
find_file(HTTPCLIENT_JAR
diff --git a/base/kra/src/CMakeLists.txt b/base/kra/src/CMakeLists.txt
index d9ab25c..99088ce 100644
--- a/base/kra/src/CMakeLists.txt
+++ b/base/kra/src/CMakeLists.txt
@@ -50,8 +50,7 @@ find_file(JAXRS_API_JAR
NAMES
jaxrs-api.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
# '${JAVA_LIB_INSTALL_DIR}' jars
diff --git a/base/ocsp/src/CMakeLists.txt b/base/ocsp/src/CMakeLists.txt
index 39468ca..d3bdf0e 100644
--- a/base/ocsp/src/CMakeLists.txt
+++ b/base/ocsp/src/CMakeLists.txt
@@ -50,8 +50,7 @@ find_file(JAXRS_API_JAR
NAMES
jaxrs-api.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
# '${JAVA_LIB_INSTALL_DIR}' jars
diff --git a/base/setup/scripts/functions b/base/setup/scripts/functions
index 058022e..3f7f955 100644
--- a/base/setup/scripts/functions
+++ b/base/setup/scripts/functions
@@ -30,6 +30,10 @@
# 200-254 reserved
#
+if [ -f /etc/pki/pki.conf ] ; then
+ . /etc/pki/pki.conf
+fi
+
# PKI subsystem-level directory and file values for locks
lockfile="/var/lock/subsys/${SERVICE_NAME}"
@@ -980,7 +984,7 @@ verify_symlinks()
[xml-commons-apis.jar]=/usr/share/java/xml-commons-apis.jar
[xml-commons-resolver.jar]=/usr/share/java/xml-commons-resolver.jar
# dogtag 9 -> dogtag 10
- [resteasy-jaxrs.jar]=/usr/share/java/resteasy/resteasy-jaxrs.jar)
+ [resteasy-jaxrs.jar]=${RESTEASY_LIB}/resteasy-jaxrs.jar)
if [ "${PKI_SUBSYSTEM_TYPE}" == "tks" ]; then
webapps_jar_symlinks[symkey.jar]=${jni_dir}/symkey.jar
diff --git a/base/tks/src/CMakeLists.txt b/base/tks/src/CMakeLists.txt
index 0ff69ae..9d0d3a7 100644
--- a/base/tks/src/CMakeLists.txt
+++ b/base/tks/src/CMakeLists.txt
@@ -50,8 +50,7 @@ find_file(JAXRS_API_JAR
NAMES
jaxrs-api.jar
PATHS
- /usr/share/java/resteasy
- /usr/share/java/resteasy-base
+ ${RESTEASY_LIB}
)
diff --git a/specs/pki-core.spec b/specs/pki-core.spec
index 8c3c791..f748154 100644
--- a/specs/pki-core.spec
+++ b/specs/pki-core.spec
@@ -14,7 +14,7 @@ distutils.sysconfig import get_python_lib; print(get_python_lib(1))")}
Name: pki-core
Version: 10.0.0
-Release: %{?relprefix}54%{?prerel}%{?dist}
+Release: %{?relprefix}55%{?prerel}%{?dist}
Summary: Certificate System - PKI Core Components
URL: http://pki.fedoraproject.org/
License: GPLv2
@@ -462,7 +462,6 @@ This package is a part of the PKI Core used by the Certificate System.
%clean
%{__rm} -rf %{buildroot}
-
%build
%{__mkdir_p} build
cd build
@@ -471,6 +470,11 @@ cd build
-DBUILD_PKI_CORE:BOOL=ON \
-DJAVA_LIB_INSTALL_DIR=%{_jnidir} \
-DSYSTEMD_LIB_INSTALL_DIR=%{_unitdir} \
+%if 0%{?rhel}
+ -DRESTEASY_LIB=/usr/share/java/resteasy-base \
+%else
+ -DRESTEASY_LIB=/usr/share/java/resteasy \
+%endif
%{?_without_javadoc:-DWITH_JAVADOC:BOOL=OFF} \
%if ! 0%{?rhel} && 0%{?fedora} <= 17
-DBUILD_PKI_SELINUX:BOOL=ON \
@@ -809,7 +813,7 @@ fi
%files -n pki-server
%defattr(-,root,root,-)
%doc base/deploy/LICENSE
-%{_sysconfdir}/pki/default.cfg
+%{_sysconfdir}/pki/
%{_sbindir}/pkispawn
%{_sbindir}/pkidestroy
#%{_bindir}/pki-setup-proxy
@@ -820,6 +824,9 @@ fi
%{_datadir}/pki/deployment/config/
%dir %{_datadir}/pki/scripts
%{_datadir}/pki/scripts/operations
+%{_datadir}/pki/scripts/pkicommon.pm
+%{_datadir}/pki/scripts/functions
+%{_datadir}/pki/scripts/pki_apache_initscript
%dir %{_localstatedir}/lock/pki
%dir %{_localstatedir}/run/pki
%{_bindir}/pkidaemon
@@ -837,13 +844,7 @@ fi
%{_bindir}/pkiremove
%{_bindir}/pki-setup-proxy
%{_bindir}/pkisilent
-%dir %{_datadir}/pki/scripts
-%{_datadir}/pki/scripts/pkicommon.pm
-%{_datadir}/pki/scripts/functions
-%{_datadir}/pki/scripts/pki_apache_initscript
%{_datadir}/pki/silent/
-%dir %{_localstatedir}/lock/pki
-%dir %{_localstatedir}/run/pki
%{_bindir}/pkicontrol
# Details:
@@ -959,6 +960,10 @@ fi
%changelog
+* Thu Dec 6 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.55.b3
+- Added system-wide configuration /etc/pki/pki.conf.
+- Removed redundant lines in %files.
+
* Tue Dec 4 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.54.b3
- Moved default deployment configuration to /etc/pki.