PKI Deployment Scriptlets

* TRAC Ticket #263 - Dogtag 10: Fix 'pkidestroy' problem of sporadically "not" removing "/etc/sysconfig/{pki_instance_id}" . . . * TRAC Ticket #264 - Dogtag 10: Enable various other subsystems for configuration . . . * TRAC Ticket #261 - Dogtag 10: Revisit command-line options of 'pkispawn' and 'pkidestroy' . . . * TRAC Ticket #268 - Dogtag 10: Create a parameter for optional restart of configured PKI instance . . . * TRAC Ticket #270 - Dogtag 10: Add missing parameters to 'pkideployment.cfg' . . . * TRAC Ticket #265 - Dogtag 10: Provide configurable options for PKI client information . . . * TRAC Ticket #275 - Dogtag 10: Add debug information (comments) to Tomcat 7 "logging.properties" * TRAC Ticket #276 - Dogtag 10: Relocate all 'pin' data to the 'sensitive' dictionary * TRAC Ticket #277 - Dogtag 10: Create an 'archive' for 'manifest' and 'pkideployment.cfg' files * TRAC Ticket #278 - Dogtag 10: Fix Miscellaneous PKI Deployment Scriptlet Issues . . .
author: Matthew Harmsen <mharmsen@redhat.com> 2012-07-28 18:59:30 -0700
committer: Ade Lee <alee@redhat.com> 2012-07-30 23:51:19 -0400
commit: f589cc1e267d6d7b67a6463b4495b7a9c982669f (patch)
tree: 765428401ea3072d768b6d5f52f366e617bcc927 /base/deploy/src/scriptlets/initialization.py
parent: 2d427ce0008fb43ae9f6c02301ce6793a42904b9 (diff)
download: pki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.tar.gz
pki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.tar.xz
pki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.zip
1 files changed, 16 insertions, 2 deletions
diff --git a/base/deploy/src/scriptlets/initialization.py b/base/deploy/src/scriptlets/initialization.py
index da1a93465..f158592d3 100644
--- a/base/deploy/src/scriptlets/initialization.py
+++ b/base/deploy/src/scriptlets/initialization.py
@@ -32,8 +32,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
     rv = 0
 
     def spawn(self):
-        # detect and avoid any namespace collisions
-        util.namespace.collision_detection()
         # begin official logging
         config.pki_log.info(log.PKISPAWN_BEGIN_MESSAGE_2,
                             master['pki_subsystem'],
@@ -41,6 +39,11 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
                             extra=config.PKI_INDENTATION_LEVEL_0)
         config.pki_log.info(log.INITIALIZATION_SPAWN_1, __name__,
                             extra=config.PKI_INDENTATION_LEVEL_1)
+        # verify that this type of "subsystem" does NOT yet
+        # exist for this "instance"
+        util.instance.verify_subsystem_does_not_exist()
+        # detect and avoid any namespace collisions
+        util.namespace.collision_detection()
         # initialize 'uid' and 'gid'
         util.identity.add_uid_and_gid(master['pki_user'], master['pki_group'])
         # establish 'uid' and 'gid'
@@ -50,6 +53,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
         util.configuration_file.verify_sensitive_data()
         # verify existence of MUTUALLY EXCLUSIVE configuration file data
         util.configuration_file.verify_mutually_exclusive_data()
+        # verify existence of PREDEFINED configuration file data
+        util.configuration_file.verify_predefined_configuration_file_data()
         # verify selinux context of selected ports
         util.configuration_file.populate_non_default_ports()
         util.configuration_file.verify_selinux_ports()
@@ -63,6 +68,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
                             extra=config.PKI_INDENTATION_LEVEL_0)
         config.pki_log.info(log.INITIALIZATION_RESPAWN_1, __name__,
                             extra=config.PKI_INDENTATION_LEVEL_1)
+        # verify that this type of "subsystem" currently EXISTS
+        # for this "instance"
+        util.instance.verify_subsystem_exists()
         # establish 'uid' and 'gid'
         util.identity.set_uid(master['pki_user'])
         util.identity.set_gid(master['pki_group'])
@@ -76,6 +84,12 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
                             extra=config.PKI_INDENTATION_LEVEL_0)
         config.pki_log.info(log.INITIALIZATION_DESTROY_1, __name__,
                             extra=config.PKI_INDENTATION_LEVEL_1)
+        # verify that this type of "subsystem" currently EXISTS
+        # for this "instance"
+        util.instance.verify_subsystem_exists()
+        # verify that the command-line parameters match the values
+        # that are present in the corresponding configuration file
+        util.configuration_file.verify_command_matches_configuration_file()
         # establish 'uid' and 'gid'
         util.identity.set_uid(master['pki_user'])
         util.identity.set_gid(master['pki_group'])
author	Matthew Harmsen <mharmsen@redhat.com>	2012-07-28 18:59:30 -0700
committer	Ade Lee <alee@redhat.com>	2012-07-30 23:51:19 -0400
commit	f589cc1e267d6d7b67a6463b4495b7a9c982669f (patch)
tree	765428401ea3072d768b6d5f52f366e617bcc927 /base/deploy/src/scriptlets/initialization.py
parent	2d427ce0008fb43ae9f6c02301ce6793a42904b9 (diff)
download	pki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.tar.gz pki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.tar.xz pki-f589cc1e267d6d7b67a6463b4495b7a9c982669f.zip