Fixed Java dependency.

The code has been modified to use the JAVA_HOME path specified in the pki.conf. The spec file has been modified to depend specifically on OpenJDK 1.8.0 and to provide the default JAVA_HOME path for the pki.conf. https://fedorahosted.org/pki/ticket/2363
author: Endi S. Dewata <edewata@redhat.com> 2016-06-16 17:23:22 -0500
committer: Endi S. Dewata <edewata@redhat.com> 2016-06-17 20:19:09 +0200
commit: fc96c05922d1a42d0fbaaa02a67a31e69c667f84 (patch)
tree: b0a1fd07d733888cbda0480439859e1af752ff17
parent: 502e9ee5eb52bda8cb5bdf4ac4ef1d32dbded98f (diff)
download: pki-fc96c05922d1a42d0fbaaa02a67a31e69c667f84.tar.gz
pki-fc96c05922d1a42d0fbaaa02a67a31e69c667f84.tar.xz
pki-fc96c05922d1a42d0fbaaa02a67a31e69c667f84.zip
15 files changed, 79 insertions, 41 deletions
diff --git a/base/common/share/etc/pki.conf b/base/common/share/etc/pki.conf
index 57cb83e5a..f43d9148c 100644
--- a/base/common/share/etc/pki.conf
+++ b/base/common/share/etc/pki.conf
@@ -1,3 +1,6 @@
+# Java home
+JAVA_HOME=${JAVA_HOME}
+
 # JNI jar file location
 JNI_JAR_DIR=/usr/lib/java
 
diff --git a/base/java-tools/bin/pki b/base/java-tools/bin/pki
index 88490f7da..c9170831b 100644
--- a/base/java-tools/bin/pki
+++ b/base/java-tools/bin/pki
@@ -70,6 +70,12 @@ class PKICLI(pki.cli.CLI):
 
     def execute_java(self, args, stdout=sys.stdout):
 
+        # read Java home
+        value = subprocess.check_output(
+            '. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf && echo $JAVA_HOME',
+            shell=True)
+        java_home = value.decode(sys.getfilesystemencoding()).strip()
+
         # read RESTEasy library path
         value = subprocess.check_output(
             '. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf && echo $RESTEASY_LIB',
@@ -117,7 +123,7 @@ class PKICLI(pki.cli.CLI):
         ]
 
         cmd = [
-            'java',
+            java_home + '/bin/java',
             '-cp',
             ':'.join(classpath),
             '-Djava.util.logging.config.file=' + logging_config,
diff --git a/base/java-tools/templates/pki_java_command_wrapper.in b/base/java-tools/templates/pki_java_command_wrapper.in
index c6dfc6409..fcf3b3a2e 100644
--- a/base/java-tools/templates/pki_java_command_wrapper.in
+++ b/base/java-tools/templates/pki_java_command_wrapper.in
@@ -19,6 +19,12 @@
 # --- END COPYRIGHT BLOCK ---
 #
 
+# Read default PKI configuration.
+. /usr/share/pki/etc/pki.conf
+
+# Read user-defined PKI configuration.
+. /etc/pki/pki.conf
+
 # Check to insure that this script's original invocation directory
 # has not been deleted!
 CWD=`/bin/pwd > /dev/null 2>&1`
@@ -68,7 +74,7 @@ OS=`uname -s`
 
 if [ "${OS}" = "Linux" ] ; then
     ARCHITECTURE=`arch`
-    JAVA="java"
+    JAVA="${JAVA_HOME}/bin/java"
     JAVA_OPTIONS=""
 elif [ "${OS}" = "SunOS" ] ; then
     ARCHITECTURE=`uname -p`
@@ -110,7 +116,6 @@ fi
 ##      order this command wrapper uses to find jar files.                   ##
 ###############################################################################
 
-JNI_JAR_DIR=`. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf && echo $JNI_JAR_DIR`
 CP=${JNI_JAR_DIR}/jss4.jar
 CP=/usr/share/java/commons-cli.jar:${CP}
 CP=/usr/share/java/commons-codec.jar:${CP}
@@ -124,8 +129,6 @@ CP=/usr/share/java/${PRODUCT}/pki-cmsutil.jar:${CP}
 CP=/usr/share/java/${PRODUCT}/pki-tools.jar:${CP}
 export CP
 
-LOGGING_CONFIG=`. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf && echo $LOGGING_CONFIG`
-
 ###############################################################################
 ##  (6) Execute the java command specified by this java command wrapper      ##
 ##      based upon the preset LD_LIBRARY_PATH and CP environment variables.  ##
diff --git a/base/java-tools/templates/pretty_print_cert_command_wrapper.in b/base/java-tools/templates/pretty_print_cert_command_wrapper.in
index 6dc86de27..63451d0c5 100644
--- a/base/java-tools/templates/pretty_print_cert_command_wrapper.in
+++ b/base/java-tools/templates/pretty_print_cert_command_wrapper.in
@@ -19,6 +19,12 @@
 # --- END COPYRIGHT BLOCK ---
 #
 
+# Read default PKI configuration.
+. /usr/share/pki/etc/pki.conf
+
+# Read user-defined PKI configuration.
+. /etc/pki/pki.conf
+
 # Check to insure that this script's original invocation directory
 # has not been deleted!
 CWD=`/bin/pwd > /dev/null 2>&1`
@@ -68,7 +74,7 @@ OS=`uname -s`
 
 if [ "${OS}" = "Linux" ] ; then
     ARCHITECTURE=`arch`
-    JAVA="java"
+    JAVA="${JAVA_HOME}/bin/java"
     JAVA_OPTIONS=""
 elif [ "${OS}" = "SunOS" ] ; then
     ARCHITECTURE=`uname -p`
diff --git a/base/java-tools/templates/pretty_print_crl_command_wrapper.in b/base/java-tools/templates/pretty_print_crl_command_wrapper.in
index 2a74d4d60..0c518ced3 100644
--- a/base/java-tools/templates/pretty_print_crl_command_wrapper.in
+++ b/base/java-tools/templates/pretty_print_crl_command_wrapper.in
@@ -19,6 +19,12 @@
 # --- END COPYRIGHT BLOCK ---
 #
 
+# Read default PKI configuration.
+. /usr/share/pki/etc/pki.conf
+
+# Read user-defined PKI configuration.
+. /etc/pki/pki.conf
+
 # Check to insure that this script's original invocation directory
 # has not been deleted!
 CWD=`/bin/pwd > /dev/null 2>&1`
@@ -68,7 +74,7 @@ OS=`uname -s`
 
 if [ "${OS}" = "Linux" ] ; then
     ARCHITECTURE=`arch`
-    JAVA="java"
+    JAVA="${JAVA_HOME}/bin/java"
     JAVA_OPTIONS=""
 elif [ "${OS}" = "SunOS" ] ; then
     ARCHITECTURE=`uname -p`
diff --git a/base/server/etc/default.cfg b/base/server/etc/default.cfg
index 2cb887d09..aa97e1fe6 100644
--- a/base/server/etc/default.cfg
+++ b/base/server/etc/default.cfg
@@ -11,6 +11,8 @@
 ###############################################################################
 [DEFAULT]
 
+JAVA_HOME=%(java_home)s
+
 # The sensitive_parameters contains a list of parameters which may contain
 # sensitive information which must not be displayed to the console nor stored
 # in log files for security reasons.
diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py
index 1be984d12..0145b4926 100644
--- a/base/server/python/pki/server/deployment/pkihelper.py
+++ b/base/server/python/pki/server/deployment/pkihelper.py
@@ -1818,7 +1818,10 @@ class File:
 
             except KeyError:
                 # undefined parameter, skip
-                pass
+                config.pki_log.debug(
+                    'ignoring slot [%s]',
+                    line[begin:end + 1],
+                    extra=config.PKI_INDENTATION_LEVEL_3)
 
             # find the next parameter in the remainder of the line
             begin = line.find('[', end + 1)
diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py
index fb569d0d7..b1fc21310 100644
--- a/base/server/python/pki/server/deployment/pkiparser.py
+++ b/base/server/python/pki/server/deployment/pkiparser.py
@@ -170,9 +170,18 @@ class PKIConfigParser:
 
     def init_config(self):
 
+        java_home = subprocess.check_output(
+            '. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf '
+            '&& echo $JAVA_HOME',
+            shell=True)
+        java_home = java_home.decode(sys.getfilesystemencoding())
+        # workaround for pylint error E1103
+        java_home = java_home.strip()
+
         # RESTEasy
         resteasy_lib = subprocess.check_output(
-            '. /etc/pki/pki.conf && echo $RESTEASY_LIB',
+            '. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf '
+            '&& echo $RESTEASY_LIB',
             shell=True)
         resteasy_lib = resteasy_lib.decode(sys.getfilesystemencoding())
         # workaround for pylint error E1103
@@ -203,6 +212,7 @@ class PKIConfigParser:
             'pki_subsystem': config.pki_subsystem,
             'pki_subsystem_type': config.pki_subsystem.lower(),
             'pki_root_prefix': config.pki_root_prefix,
+            'java_home': java_home,
             'resteasy_lib': resteasy_lib,
             'jni_jar_dir': jni_jar_dir,
             'home_dir': os.path.expanduser("~"),
diff --git a/base/server/python/pki/server/deployment/scriptlets/instance_layout.py b/base/server/python/pki/server/deployment/scriptlets/instance_layout.py
index 98d82ff98..57f8537e0 100644
--- a/base/server/python/pki/server/deployment/scriptlets/instance_layout.py
+++ b/base/server/python/pki/server/deployment/scriptlets/instance_layout.py
@@ -55,6 +55,18 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
                 deployer.mdict['pki_instance_configuration_path'],
                 ignore_cb=file_ignore_callback_src_server)
 
+            # create /etc/sysconfig/<instance>
+            deployer.file.copy_with_slot_substitution(
+                deployer.mdict['pki_source_tomcat_conf'],
+                deployer.mdict['pki_target_tomcat_conf_instance_id'],
+                uid=0, gid=0, overwrite_flag=True)
+
+            # create /var/lib/pki/<instance>/conf/tomcat.conf
+            deployer.file.copy_with_slot_substitution(
+                deployer.mdict['pki_source_tomcat_conf'],
+                deployer.mdict['pki_target_tomcat_conf'],
+                overwrite_flag=True)
+
             # Deploy ROOT web application
             deployer.deploy_webapp(
                 "ROOT",
diff --git a/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py b/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py
index 1e85e44da..462a682f7 100644
--- a/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py
+++ b/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py
@@ -61,14 +61,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
                 deployer.mdict['pki_source_context_xml'],
                 deployer.mdict['pki_target_context_xml'],
                 overwrite_flag=True)
-            deployer.file.copy_with_slot_substitution(
-                deployer.mdict['pki_source_tomcat_conf'],
-                deployer.mdict['pki_target_tomcat_conf_instance_id'],
-                uid=0, gid=0, overwrite_flag=True)
-            deployer.file.copy_with_slot_substitution(
-                deployer.mdict['pki_source_tomcat_conf'],
-                deployer.mdict['pki_target_tomcat_conf'],
-                overwrite_flag=True)
 
         if deployer.mdict['pki_subsystem'] == "CA":
             deployer.file.copy_with_slot_substitution(
diff --git a/base/server/scripts/operations b/base/server/scripts/operations
index cbd329a0d..14443c4a5 100644
--- a/base/server/scripts/operations
+++ b/base/server/scripts/operations
@@ -30,9 +30,11 @@
 #  200-254 reserved
 #
 
-if [ -f /etc/pki/pki.conf ] ; then
-  . /etc/pki/pki.conf
-fi
+# Read default PKI configuration.
+. /usr/share/pki/etc/pki.conf
+
+# Read user-defined PKI configuration.
+. /etc/pki/pki.conf
 
 default_error=0
 
@@ -920,7 +922,7 @@ verify_symlinks()
         jni_jar_dir="/usr/share/java"
         tomcat_dir="/usr/share/tomcat7"
     else
-        jni_jar_dir=`. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf && echo $JNI_JAR_DIR`
+        jni_jar_dir="$JNI_JAR_DIR"
         tomcat_dir="/usr/share/tomcat"
     fi
 
@@ -1426,6 +1428,7 @@ find_openjdks()
 
 # function used by debian to set JAVA_HOME
 # taken from /etc/init.d/tomcat7
+# TODO: get JAVA_HOME for Debian from pki.conf
 set_java_home()
 {
     find_openjdks
@@ -1439,6 +1442,7 @@ set_java_home()
             JAVA_HOME="$jdir"
         fi
     done
+
     export JAVA_HOME
 }
 
diff --git a/base/server/share/conf/tomcat.conf b/base/server/share/conf/tomcat.conf
index 83a6cf1e6..bd2359c8b 100644
--- a/base/server/share/conf/tomcat.conf
+++ b/base/server/share/conf/tomcat.conf
@@ -4,23 +4,15 @@
 # Modifications: configuration parameters
 # --- END COPYRIGHT BLOCK ---
 
-# System-wide configuration file for tomcat services
-# This will be sourced by tomcat and any secondary service
-# Values will be overridden by service-specific configuration
-# files in /etc/sysconfig
-#
-# Use this one to change default values for all services
-# Change the service specific ones to affect only one service
-# (see, for instance, /etc/sysconfig/tomcat)
-#
+# This file contains instance-specific configuration.
 
 # Where your java installation lives
-#JAVA_HOME="/usr/lib/jvm/jre"
+JAVA_HOME="[JAVA_HOME]"
 
 # Where your tomcat installation lives
 CATALINA_BASE="[PKI_INSTANCE_PATH]"
-#CATALINA_HOME="/usr/share/tomcat"
-#JASPER_HOME="/usr/share/tomcat"
+
+# Instance tmp dir
 CATALINA_TMPDIR=[PKI_TMPDIR]
 
 # NOTE: JAVA_OPTS is now only read once.  All desired settings must be concatenated
diff --git a/base/server/upgrade/10.1.99/02-ReplaceJettisonWithJackson b/base/server/upgrade/10.1.99/02-ReplaceJettisonWithJackson
index 9926b60bf..c08fbfa11 100755
--- a/base/server/upgrade/10.1.99/02-ReplaceJettisonWithJackson
+++ b/base/server/upgrade/10.1.99/02-ReplaceJettisonWithJackson
@@ -40,7 +40,7 @@ class ReplaceJettisonWithJackson(pki.server.upgrade.PKIServerUpgradeScriptlet):
 
         # RESTEasy library
         resteasy_lib = subprocess.check_output(
-            '. /etc/pki/pki.conf && echo $RESTEASY_LIB',
+            '. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf && echo $RESTEASY_LIB',
             shell=True)
         resteasy_lib = resteasy_lib.decode(sys.getfilesystemencoding())
         # workaround for pylint error E1103
diff --git a/base/server/upgrade/10.1.99/03-AddedRESTEasyClient b/base/server/upgrade/10.1.99/03-AddedRESTEasyClient
index c38e0a62f..245ad3a32 100755
--- a/base/server/upgrade/10.1.99/03-AddedRESTEasyClient
+++ b/base/server/upgrade/10.1.99/03-AddedRESTEasyClient
@@ -40,7 +40,7 @@ class AddedRESTEasyClient(pki.server.upgrade.PKIServerUpgradeScriptlet):
 
         # RESTEasy library
         resteasy_lib = subprocess.check_output(
-            '. /etc/pki/pki.conf && echo $RESTEASY_LIB',
+            '. /usr/share/pki/etc/pki.conf && . /etc/pki/pki.conf && echo $RESTEASY_LIB',
             shell=True)
         resteasy_lib = resteasy_lib.decode(sys.getfilesystemencoding())
         # workaround for pylint error E1103
diff --git a/specs/pki-core.spec b/specs/pki-core.spec
index 63eee8094..5574c8399 100644
--- a/specs/pki-core.spec
+++ b/specs/pki-core.spec
@@ -20,6 +20,9 @@
 %global package_fedora_packages 1
 %endif
 
+# Java
+%define java_home /usr/lib/jvm/jre-1.8.0-openjdk
+
 # Tomcat
 %if 0%{?fedora} >= 23
 %define with_tomcat7 0
@@ -65,12 +68,7 @@ BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:    cmake >= 2.8.9-1
 BuildRequires:    zip
-%if 0%{?rhel}
-# HACK:  RHEL builds currently suppress 'Provides: java-devel' . . .
 BuildRequires:    java-1.8.0-openjdk-devel
-%else
-BuildRequires:    java-devel >= 1:1.8.0
-%endif
 BuildRequires:    redhat-rpm-config
 BuildRequires:    ldapjdk
 BuildRequires:    apache-commons-cli
@@ -286,7 +284,7 @@ least one PKI Theme package:                                           \
 Summary:          Symmetric Key JNI Package
 Group:            System Environment/Libraries
 
-Requires:         java-headless >= 1:1.8.0
+Requires:         java-1.8.0-openjdk-headless
 Requires:         nss
 Requires:         jpackage-utils >= 0:1.7.5-10
 Requires:         jss >= 4.2.6-40
@@ -771,6 +769,7 @@ cd build
 %cmake -DVERSION=%{version}-%{release} \
 	-DVAR_INSTALL_DIR:PATH=/var \
 	-DBUILD_PKI_CORE:BOOL=ON \
+	-DJAVA_HOME=%{java_home} \
 	-DJAVA_LIB_INSTALL_DIR=%{_jnidir} \
 	-DSYSTEMD_LIB_INSTALL_DIR=%{_unitdir} \
 %if %{version_phase}
author	Endi S. Dewata <edewata@redhat.com>	2016-06-16 17:23:22 -0500
committer	Endi S. Dewata <edewata@redhat.com>	2016-06-17 20:19:09 +0200
commit	fc96c05922d1a42d0fbaaa02a67a31e69c667f84 (patch)
tree	b0a1fd07d733888cbda0480439859e1af752ff17
parent	502e9ee5eb52bda8cb5bdf4ac4ef1d32dbded98f (diff)
download	pki-fc96c05922d1a42d0fbaaa02a67a31e69c667f84.tar.gz pki-fc96c05922d1a42d0fbaaa02a67a31e69c667f84.tar.xz pki-fc96c05922d1a42d0fbaaa02a67a31e69c667f84.zip