diff options
author | Matthew Harmsen <mharmsen@redhat.com> | 2014-07-24 11:16:56 -0700 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2014-08-04 14:15:36 -0700 |
commit | 3cbd3f4fd71bace3e1b5020defba07a3311d082a (patch) | |
tree | ad1896e2122382b20e1940480a061fa44d58d86f /base/server/python/pki/server/deployment/scriptlets | |
parent | 7227047530a5a809299bf3198f6886776af1742e (diff) | |
download | pki-3cbd3f4fd71bace3e1b5020defba07a3311d082a.tar.gz pki-3cbd3f4fd71bace3e1b5020defba07a3311d082a.tar.xz pki-3cbd3f4fd71bace3e1b5020defba07a3311d082a.zip |
Fix independent pkispawn installation and configuration
* PKI TRAC Ticket #905 - 2 Step Configuration of CA instance using
pkispawn fails
Diffstat (limited to 'base/server/python/pki/server/deployment/scriptlets')
-rw-r--r-- | base/server/python/pki/server/deployment/scriptlets/finalization.py | 13 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/scriptlets/initialization.py | 12 |
2 files changed, 7 insertions, 18 deletions
diff --git a/base/server/python/pki/server/deployment/scriptlets/finalization.py b/base/server/python/pki/server/deployment/scriptlets/finalization.py index 4d4b59c64..d3756b7ae 100644 --- a/base/server/python/pki/server/deployment/scriptlets/finalization.py +++ b/base/server/python/pki/server/deployment/scriptlets/finalization.py @@ -32,18 +32,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): def spawn(self, deployer): - if (deployer.mdict['pki_subsystem'] == "CA" or - config.str2bool(deployer.mdict['pki_standalone'])) and\ - config.str2bool(deployer.mdict['pki_external_step_two']): - # For External CAs (Step 2), or Stand-alone PKIs (Step 2), - # must check for (Step 2) installation PRIOR to - # 'pki_skip_installation' since this value has been set to true - # by the initialization scriptlet - pass - elif config.str2bool(deployer.mdict['pki_skip_installation']): - config.pki_log.info(log.SKIP_FINALIZATION_SPAWN_1, __name__, - extra=config.PKI_INDENTATION_LEVEL_1) - return self.rv + # ALWAYS finalize execution of scriptlets config.pki_log.info(log.FINALIZATION_SPAWN_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) # For debugging/auditing purposes, save a timestamped copy of diff --git a/base/server/python/pki/server/deployment/scriptlets/initialization.py b/base/server/python/pki/server/deployment/scriptlets/initialization.py index a0f1e313a..a555a8938 100644 --- a/base/server/python/pki/server/deployment/scriptlets/initialization.py +++ b/base/server/python/pki/server/deployment/scriptlets/initialization.py @@ -36,6 +36,12 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): deployer.mdict['pki_subsystem'], deployer.mdict['pki_instance_name'], extra=config.PKI_INDENTATION_LEVEL_0) + # ALWAYS initialize 'uid' and 'gid' + deployer.identity.add_uid_and_gid(deployer.mdict['pki_user'], + deployer.mdict['pki_group']) + # ALWAYS establish 'uid' and 'gid' + deployer.identity.set_uid(deployer.mdict['pki_user']) + deployer.identity.set_gid(deployer.mdict['pki_group']) if config.str2bool(deployer.mdict['pki_skip_installation']): config.pki_log.info(log.SKIP_INITIALIZATION_SPAWN_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) @@ -56,12 +62,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): deployer.instance.verify_subsystem_does_not_exist() # detect and avoid any namespace collisions deployer.namespace.collision_detection() - # initialize 'uid' and 'gid' - deployer.identity.add_uid_and_gid(deployer.mdict['pki_user'], - deployer.mdict['pki_group']) - # establish 'uid' and 'gid' - deployer.identity.set_uid(deployer.mdict['pki_user']) - deployer.identity.set_gid(deployer.mdict['pki_group']) # verify existence of SENSITIVE configuration file data deployer.configuration_file.verify_sensitive_data() # verify existence of MUTUALLY EXCLUSIVE configuration file data |