diff options
author | Matthew Harmsen <mharmsen@redhat.com> | 2012-05-18 10:52:06 -0700 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2012-05-18 11:06:37 -0700 |
commit | 924403a14e92112c3c3d696319759b65eb57a30c (patch) | |
tree | ae097f21c022bd21b4c8b655a0030a8bef3953a3 /base/deploy/src/scriptlets/configuration.py | |
parent | 488480629da8cd7c7263fab9773ef5860ad12947 (diff) | |
download | pki-924403a14e92112c3c3d696319759b65eb57a30c.tar.gz pki-924403a14e92112c3c3d696319759b65eb57a30c.tar.xz pki-924403a14e92112c3c3d696319759b65eb57a30c.zip |
PKI Deployment Scriptlets
* Introduced concept of "admin-domain" originally as a
separate folder, and later incorporated this concept
into an optional instance prefix
* Revised definition of <pki_instance_id> to be identified
as "[<pki_admin_domain_name>-]<pki_instance_name>
* Changed NSS security database model from one shared
database by BOTH a single Tomcat AND single Apache instance
into one per Tomcat instance (shared by CA/KRA/OCSP/TKS) and
one per Apache instance (shared by RA/TPS)
* Altered Configuration 'scriptlet' to invoke Jython for
access to new Java configuration servlet
* Renamed various "scriptlets" to comply with this new layout
* Re-aligned code to account for revised layout documented at
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment
Diffstat (limited to 'base/deploy/src/scriptlets/configuration.py')
-rw-r--r-- | base/deploy/src/scriptlets/configuration.py | 49 |
1 files changed, 42 insertions, 7 deletions
diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py index 45b325ce7..1155e9002 100644 --- a/base/deploy/src/scriptlets/configuration.py +++ b/base/deploy/src/scriptlets/configuration.py @@ -22,31 +22,66 @@ # PKI Deployment Imports import pkiconfig as config from pkiconfig import pki_master_dict as master +import pkihelper as util import pkimessages as log import pkiscriptlet -# PKI Deployment Instance Population Classes +# PKI Deployment Configuration Scriptlet class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): rv = 0 def spawn(self): config.pki_log.info(log.CONFIGURATION_SPAWN_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) - config.pki_log.info("NOT YET IMPLEMENTED", - extra=config.PKI_INDENTATION_LEVEL_2) + if not config.pki_dry_run_flag: + util.directory.create(master['pki_client_path'], uid=0, gid=0) + util.password.create_password_conf( + master['pki_client_password_conf'], + master['pki_client_pin']) + util.directory.create(master['pki_client_database_path'], + uid=0, gid=0) + util.certutil.create_security_databases( + master['pki_client_database_path'], + master['pki_client_cert_database'], + master['pki_client_key_database'], + master['pki_client_secmod_database'], + password_file=master['pki_client_password_conf']) + else: + util.password.create_password_conf( + master['pki_client_password_conf'], + master['pki_client_pin']) + util.certutil.create_security_databases( + master['pki_client_database_path'], + master['pki_client_cert_database'], + master['pki_client_key_database'], + master['pki_client_secmod_database'], + password_file=master['pki_client_password_conf']) + # Pass control to the Java servlet via Jython 2.2 'configuration.jy' + util.jython.invoke(master['pki_jython_configuration_scriptlet']) return self.rv def respawn(self): config.pki_log.info(log.CONFIGURATION_RESPAWN_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) - config.pki_log.info("NOT YET IMPLEMENTED", - extra=config.PKI_INDENTATION_LEVEL_2) return self.rv def destroy(self): config.pki_log.info(log.CONFIGURATION_DESTROY_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) - config.pki_log.info("NOT YET IMPLEMENTED", - extra=config.PKI_INDENTATION_LEVEL_2) + if not config.pki_dry_run_flag: + if master['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ + util.instance.apache_instances() == 0: + util.directory.delete(master['pki_client_path']) + elif master['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ + util.instance.tomcat_instances() == 0: + util.directory.delete(master['pki_client_path']) + else: + # ALWAYS display correct information (even during dry_run) + if master['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ + util.instance.apache_instances() == 1: + util.directory.delete(master['pki_client_path']) + elif master['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ + util.instance.tomcat_instances() == 1: + util.directory.delete(master['pki_client_path']) return self.rv |