diff options
author | Matthew Harmsen <mharmsen@redhat.com> | 2014-09-02 15:51:53 -0700 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2014-09-02 15:51:53 -0700 |
commit | c99069dac15a8c82e45e21747e94703c72c2a383 (patch) | |
tree | 46ea2acd502138ab84d465f4e0e4924745b01081 /base/server/python/pki/server/deployment | |
parent | e362995b7b63ae3bb4617a59caf9e1a6fefc1492 (diff) | |
download | pki-c99069dac15a8c82e45e21747e94703c72c2a383.tar.gz pki-c99069dac15a8c82e45e21747e94703c72c2a383.tar.xz pki-c99069dac15a8c82e45e21747e94703c72c2a383.zip |
Remove Apache info from pkispawn and pkidestroy
- PKI TRAC Ticket #1077 - Consider removing [Apache] section from 'default.cfg'
Diffstat (limited to 'base/server/python/pki/server/deployment')
11 files changed, 20 insertions, 208 deletions
diff --git a/base/server/python/pki/server/deployment/pkiconfig.py b/base/server/python/pki/server/deployment/pkiconfig.py index 67edad1ee..003d14387 100644 --- a/base/server/python/pki/server/deployment/pkiconfig.py +++ b/base/server/python/pki/server/deployment/pkiconfig.py @@ -38,14 +38,12 @@ PKI_DEPLOYMENT_DEFAULT_USER = "pkiuser" PKI_SUBSYSTEMS = ["CA", "KRA", "OCSP", "RA", "TKS", "TPS"] PKI_SIGNED_AUDIT_SUBSYSTEMS = ["CA", "KRA", "OCSP", "TKS", "TPS"] -PKI_APACHE_SUBSYSTEMS = ["RA"] PKI_TOMCAT_SUBSYSTEMS = ["CA", "KRA", "OCSP", "TKS", "TPS"] PKI_BASE_RESERVED_NAMES = ["alias", "bin", "ca", "common", "conf", "kra", "lib", "logs", "ocsp", "temp", "tks", "tps", "webapps", "work"] PKI_CONFIGURATION_RESERVED_NAMES = ["CA", "java", "nssdb", "rpm-gpg", "rsyslog", "tls"] -PKI_APACHE_REGISTRY_RESERVED_NAMES = ["ra"] PKI_TOMCAT_REGISTRY_RESERVED_NAMES = ["ca", "kra", "ocsp", "tks", "tps"] PKI_INDENTATION_LEVEL_0 = {'indent': ''} @@ -71,7 +69,6 @@ PKI_DEPLOYMENT_LOG_ROOT = "/var/log/pki" # the default 'instance' name may be overridden by the value specified # in the configuration file (the value in the default configuration file # should always match the 'default' instance name specified below). -PKI_DEPLOYMENT_DEFAULT_APACHE_INSTANCE_NAME = "pki-apache" PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME = "pki-tomcat" DEFAULT_DEPLOYMENT_CONFIGURATION = "default.cfg" diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py index afb7eea29..a35b8f347 100644 --- a/base/server/python/pki/server/deployment/pkihelper.py +++ b/base/server/python/pki/server/deployment/pkihelper.py @@ -425,20 +425,7 @@ class Namespace: log.PKIHELPER_NAMESPACE_RESERVED_NAME_2 % ( self.mdict['pki_instance_name'], self.mdict['pki_instance_configuration_path'])) - if self.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS: - # Top-Level Apache PKI registry path reserved name collision - if self.mdict['pki_instance_name'] in\ - config.PKI_APACHE_REGISTRY_RESERVED_NAMES: - config.pki_log.error( - log.PKIHELPER_NAMESPACE_RESERVED_NAME_2, - self.mdict['pki_instance_name'], - self.mdict['pki_instance_registry_path'], - extra=config.PKI_INDENTATION_LEVEL_2) - raise Exception( - log.PKIHELPER_NAMESPACE_RESERVED_NAME_2 % ( - self.mdict['pki_instance_name'], - self.mdict['pki_instance_registry_path'])) - elif self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + if self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: # Top-Level Tomcat PKI registry path reserved name collision if self.mdict['pki_instance_name'] in\ config.PKI_TOMCAT_REGISTRY_RESERVED_NAMES: @@ -869,53 +856,6 @@ class Instance: def __init__(self, deployer): self.mdict = deployer.mdict - def apache_instance_subsystems(self): - rv = 0 - try: - # count number of PKI subsystems present - # within the specified Apache instance - for subsystem in config.PKI_APACHE_SUBSYSTEMS: - path = self.mdict['pki_instance_path'] + "/" + subsystem.lower() - if os.path.exists(path) and os.path.isdir(path): - rv += 1 - config.pki_log.debug(log.PKIHELPER_APACHE_INSTANCE_SUBSYSTEMS_2, - self.mdict['pki_instance_path'], - rv, extra=config.PKI_INDENTATION_LEVEL_2) - except OSError as exc: - config.pki_log.error(log.PKI_OSERROR_1, exc, - extra=config.PKI_INDENTATION_LEVEL_2) - raise - return rv - - def apache_instances(self): - rv = 0 - try: - # Since ALL directories under the top-level PKI 'apache' registry - # directory SHOULD represent PKI Apache instances, and there - # shouldn't be any stray files or symbolic links at this level, - # simply count the number of PKI 'apache' instances (directories) - # present within the PKI 'apache' registry directory - for instance in\ - os.listdir(self.mdict['pki_instance_type_registry_path']): - if os.path.isdir( - os.path.join( - self.mdict['pki_instance_type_registry_path'], - instance)) and not\ - os.path.islink( - os.path.join( - self.mdict['pki_instance_type_registry_path'], - instance)): - rv += 1 - config.pki_log.debug(log.PKIHELPER_APACHE_INSTANCES_2, - self.mdict['pki_instance_type_registry_path'], - rv, - extra=config.PKI_INDENTATION_LEVEL_2) - except OSError as exc: - config.pki_log.error(log.PKI_OSERROR_1, exc, - extra=config.PKI_INDENTATION_LEVEL_2) - raise - return rv - def pki_instance_subsystems(self): rv = 0 try: @@ -2048,10 +1988,6 @@ class Password: with open(path, "w") as fd: if pin_sans_token: fd.write(str(pin)) - elif self.mdict['pki_subsystem'] in \ - config.PKI_APACHE_SUBSYSTEMS: - fd.write(self.mdict['pki_self_signed_token'] + - ":" + str(pin)) else: fd.write(self.mdict['pki_self_signed_token'] + "=" + str(pin)) @@ -2062,10 +1998,6 @@ class Password: with open(path, "w") as fd: if pin_sans_token: fd.write(str(pin)) - elif self.mdict['pki_subsystem'] in\ - config.PKI_APACHE_SUBSYSTEMS: - fd.write(self.mdict['pki_self_signed_token'] + - ":" + str(pin)) else: fd.write(self.mdict['pki_self_signed_token'] + "=" + str(pin)) @@ -3316,11 +3248,7 @@ class Systemd(object): if reload_daemon: self.daemon_reload(critical_failure) # Compose this "systemd" execution management command - if self.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS: - service = "pki-apached" + "@" +\ - self.mdict['pki_instance_name'] + "." +\ - "service" - elif self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + if self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: service = "pki-tomcatd" + "@" +\ self.mdict['pki_instance_name'] + "." +\ "service" @@ -3371,11 +3299,7 @@ class Systemd(object): try: service = None # Compose this "systemd" execution management command - if self.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS: - service = "pki-apached" + "@" +\ - self.mdict['pki_instance_name'] + "." +\ - "service" - elif self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + if self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: service = "pki-tomcatd" + "@" +\ self.mdict['pki_instance_name'] + "." +\ "service" @@ -3430,11 +3354,7 @@ class Systemd(object): # Execute the "systemd daemon-reload" management lifecycle command if reload_daemon: self.daemon_reload(critical_failure) - if self.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS: - service = "pki-apached" + "@" +\ - self.mdict['pki_instance_name'] + "." +\ - "service" - elif self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + if self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: service = "pki-tomcatd" + "@" +\ self.mdict['pki_instance_name'] + "." +\ "service" diff --git a/base/server/python/pki/server/deployment/pkimessages.py b/base/server/python/pki/server/deployment/pkimessages.py index 1c21e8689..2b12851cf 100644 --- a/base/server/python/pki/server/deployment/pkimessages.py +++ b/base/server/python/pki/server/deployment/pkimessages.py @@ -137,11 +137,10 @@ PKISPAWN_END_MESSAGE_2 = \ PKISPAWN_EPILOG = """ REMINDER: - If two or more Apache or Tomcat PKI 'instances' are specified via + If two or more Tomcat PKI 'instances' are specified via separate configuration files, remember that the following parameters MUST differ between PKI 'instances': - Apache: 'pki_instance_name', 'pki_http_port', and 'pki_https_port' Tomcat: 'pki_instance_name', 'pki_http_port', 'pki_https_port', 'pki_ajp_port', and 'pki_tomcat_server_port' @@ -151,10 +150,6 @@ REMINDER: # PKI Deployment "Helper" Messages -PKIHELPER_APACHE_INSTANCE_SUBSYSTEMS_2 = \ - "instance '%s' contains '%d' Apache PKI subsystems" -PKIHELPER_APACHE_INSTANCES_2 = \ - "PKI Apache registry '%s' contains '%d' Apache PKI instances" PKIHELPER_APPLY_SLOT_SUBSTITUTION_1 = \ "applying in-place slot substitutions on '%s'" PKIHELPER_CERTUTIL_GENERATE_CSR_1 = "executing '%s'" diff --git a/base/server/python/pki/server/deployment/pkiparser.py b/base/server/python/pki/server/deployment/pkiparser.py index 1f6cbe0b4..049ebf518 100644 --- a/base/server/python/pki/server/deployment/pkiparser.py +++ b/base/server/python/pki/server/deployment/pkiparser.py @@ -182,10 +182,6 @@ class PKIConfigParser: default_instance_name = 'pki-tomcat' default_http_port = '8080' default_https_port = '8443' - else: - default_instance_name = 'pki-apache' - default_http_port = '80' - default_https_port = '443' application_version = str(pki.upgrade.Version( pki.implementation_version())) @@ -386,9 +382,6 @@ class PKIConfigParser: if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS: if self.pki_config.has_section('Tomcat'): web_server_dict = dict(self.pki_config.items('Tomcat')) - else: - if self.pki_config.has_section('Apache'): - web_server_dict = dict(self.pki_config.items('Apache')) if web_server_dict: web_server_dict[0] = None @@ -750,37 +743,7 @@ class PKIConfigParser: self.mdict['PKI_REGISTRY_FILE_SLOT'] = \ os.path.join(self.mdict['pki_subsystem_registry_path'], self.mdict['pki_instance_name']) - if self.mdict['pki_subsystem'] in\ - config.PKI_APACHE_SUBSYSTEMS: - self.mdict['FORTITUDE_APACHE_SLOT'] = None - self.mdict['FORTITUDE_AUTH_MODULES_SLOT'] = None - self.mdict['FORTITUDE_DIR_SLOT'] = None - self.mdict['FORTITUDE_LIB_DIR_SLOT'] = None - self.mdict['FORTITUDE_MODULE_SLOT'] = None - self.mdict['FORTITUDE_NSS_MODULES_SLOT'] = None - self.mdict['HTTPD_CONF_SLOT'] = None - self.mdict['LIB_PREFIX_SLOT'] = None - self.mdict['NON_CLIENTAUTH_SECURE_PORT_SLOT'] = None - self.mdict['NSS_CONF_SLOT'] = None - self.mdict['OBJ_EXT_SLOT'] = None - self.mdict['PKI_LOCKDIR_SLOT'] = \ - os.path.join("/var/lock/pki", - "apache") - self.mdict['PKI_PIDDIR_SLOT'] = \ - os.path.join("/var/run/pki", - "apache") - self.mdict['PKI_WEB_SERVER_TYPE_SLOT'] = "apache" - self.mdict['PORT_SLOT'] = None - self.mdict['PROCESS_ID_SLOT'] = None - self.mdict['REQUIRE_CFG_PL_SLOT'] = None - self.mdict['SECURE_PORT_SLOT'] = None - self.mdict['SECURITY_LIBRARIES_SLOT'] = None - self.mdict['PKI_HOSTNAME_SLOT'] = None - self.mdict['SERVER_ROOT_SLOT'] = None - self.mdict['SYSTEM_LIBRARIES_SLOT'] = None - self.mdict['SYSTEM_USER_LIBRARIES_SLOT'] = None - self.mdict['TMP_DIR_SLOT'] = None - elif self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + if self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: self.mdict['INSTALL_TIME_SLOT'] = \ self.mdict['pki_install_time'] self.mdict['PKI_ADMIN_SECURE_PORT_SLOT'] = \ @@ -1006,7 +969,7 @@ class PKIConfigParser: if self.mdict['pki_subsystem'] == "CA": self.mdict['PKI_ENABLE_RANDOM_SERIAL_NUMBERS'] = \ self.mdict['pki_random_serial_numbers_enable'].lower() - # Shared Apache/Tomcat NSS security database name/value pairs + # Tomcat NSS security database name/value pairs self.mdict['pki_shared_pfile'] = \ os.path.join( self.mdict['pki_instance_configuration_path'], @@ -1041,7 +1004,7 @@ class PKIConfigParser: self.mdict['pki_subsystem_configuration_path'], "noise") self.mdict['pki_self_signed_noise_bytes'] = 1024 - # Shared Apache/Tomcat NSS security database convenience + # Tomcat NSS security database convenience # symbolic links self.mdict['pki_subsystem_configuration_password_conf_link'] = \ os.path.join( @@ -1058,7 +1021,6 @@ class PKIConfigParser: # 'Subsystem Name' Configuration name/value pairs # 'Token' Configuration name/value pairs # - # Apache - [RA] # Tomcat - [CA], [KRA], [OCSP], [TKS], [TPS] # - [CA Clone], [KRA Clone], [OCSP Clone], [TKS Clone], # [TPS Clone] @@ -1148,7 +1110,6 @@ class PKIConfigParser: # 'Backup' Configuration name/value pairs # - # Apache - [RA] # Tomcat - [CA], [KRA], [OCSP], [TKS], [TPS] # - [External CA] # - [Subordinate CA] @@ -1210,14 +1171,7 @@ class PKIConfigParser: "spawn" + "_" + "manifest" + "." + \ self.mdict['pki_timestamp'] # Compose this "systemd" execution management command - if self.mdict['pki_subsystem'] in\ - config.PKI_APACHE_SUBSYSTEMS: - self.mdict['pki_registry_initscript_command'] = \ - "systemctl" + " " + \ - "restart" + " " + \ - "pki-apached" + "@" + \ - self.mdict['pki_instance_name'] + "." + "service" - elif self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + if self.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: self.mdict['pki_registry_initscript_command'] = \ "systemctl" + " " + \ "restart" + " " + \ @@ -1249,9 +1203,7 @@ class PKIConfigParser: parser.optionxform = str parser.read(config.PKI_DEPLOYMENT_SLOTS_CONFIGURATION_FILE) # Slots configuration file name/value pairs - if config.pki_subsystem in config.PKI_APACHE_SUBSYSTEMS: - self.slots_dict = dict(parser.items('Apache')) - elif config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS: + if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS: self.slots_dict = dict(parser.items('Tomcat')) except ConfigParser.ParsingError, err: rv = err diff --git a/base/server/python/pki/server/deployment/scriptlets/configuration.py b/base/server/python/pki/server/deployment/scriptlets/configuration.py index 78ec9ba80..464473625 100644 --- a/base/server/python/pki/server/deployment/scriptlets/configuration.py +++ b/base/server/python/pki/server/deployment/scriptlets/configuration.py @@ -80,15 +80,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): deployer.mdict['pki_client_secmod_database'], password_file=deployer.mdict['pki_client_password_conf']) - # Start/Restart this Apache/Tomcat PKI Process - if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS: - apache_instance_subsystems = \ - deployer.instance.apache_instance_subsystems() - if apache_instance_subsystems == 1: - deployer.systemd.start() - elif apache_instance_subsystems > 1: - deployer.systemd.restart() - elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: + # Start/Restart this Tomcat PKI Process + if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: # Optionally prepare to enable a java debugger # (e. g. - 'eclipse'): if config.str2bool(deployer.mdict['pki_enable_java_debugger']): @@ -115,14 +108,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # Construct PKI Subsystem Configuration Data data = None - if deployer.mdict['pki_instance_type'] == "Apache": - if deployer.mdict['pki_subsystem'] == "RA": - config.pki_log.info( - log.PKI_CONFIG_NOT_YET_IMPLEMENTED_1, - deployer.mdict['pki_subsystem'], - extra=config.PKI_INDENTATION_LEVEL_2) - return self.rv - elif deployer.mdict['pki_instance_type'] == "Tomcat": + if deployer.mdict['pki_instance_type'] == "Tomcat": # CA, KRA, OCSP, TKS, or TPS data = deployer.config_client.construct_pki_configuration_data() @@ -136,12 +122,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): config.pki_log.info(log.CONFIGURATION_DESTROY_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) - if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ - deployer.instance.apache_instance_subsystems() == 1: - if deployer.directory.exists(deployer.mdict['pki_client_dir']): - deployer.directory.delete(deployer.mdict['pki_client_dir']) - deployer.symlink.delete(deployer.mdict['pki_systemd_service_link']) - elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ + if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ and len(deployer.instance.tomcat_instance_subsystems()) == 1: if deployer.directory.exists(deployer.mdict['pki_client_dir']): deployer.directory.delete(deployer.mdict['pki_client_dir']) diff --git a/base/server/python/pki/server/deployment/scriptlets/finalization.py b/base/server/python/pki/server/deployment/scriptlets/finalization.py index c545642da..7d38a5228 100644 --- a/base/server/python/pki/server/deployment/scriptlets/finalization.py +++ b/base/server/python/pki/server/deployment/scriptlets/finalization.py @@ -84,11 +84,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): config.pki_log.info(log.FINALIZATION_DESTROY_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) deployer.file.modify(deployer.mdict['pki_destroy_log'], silent=True) - # Start this Apache/Tomcat PKI Process - if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ - deployer.instance.apache_instance_subsystems() >= 1: - deployer.systemd.start() - elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ + # Start this Tomcat PKI Process + if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ and len(deployer.instance.tomcat_instance_subsystems()) >= 1: deployer.systemd.start() config.pki_log.info(log.PKIDESTROY_END_MESSAGE_2, diff --git a/base/server/python/pki/server/deployment/scriptlets/initialization.py b/base/server/python/pki/server/deployment/scriptlets/initialization.py index a555a8938..632e21d8e 100644 --- a/base/server/python/pki/server/deployment/scriptlets/initialization.py +++ b/base/server/python/pki/server/deployment/scriptlets/initialization.py @@ -113,6 +113,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # tightly-coupled shared instance. # deployer.security_domain.deregister(token) - # ALWAYS Stop this Apache/Tomcat PKI Process + # ALWAYS Stop this Tomcat PKI Process deployer.systemd.stop() return self.rv diff --git a/base/server/python/pki/server/deployment/scriptlets/instance_layout.py b/base/server/python/pki/server/deployment/scriptlets/instance_layout.py index b5ec19e3a..9cdecb4f2 100644 --- a/base/server/python/pki/server/deployment/scriptlets/instance_layout.py +++ b/base/server/python/pki/server/deployment/scriptlets/instance_layout.py @@ -288,25 +288,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): if deployer.mdict['pki_subsystem'] == 'TKS': deployer.symlink.delete(deployer.mdict['pki_symkey_jar_link']) - if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ - deployer.instance.apache_instance_subsystems() == 0: - # remove Apache instance base - deployer.directory.delete(deployer.mdict['pki_instance_path']) - # remove Apache instance logs - # remove shared NSS security database path for this instance - deployer.directory.delete(deployer.mdict['pki_database_path']) - # remove Apache instance configuration - deployer.directory.delete( - deployer.mdict['pki_instance_configuration_path']) - # remove Apache instance registry - deployer.directory.delete( - deployer.mdict['pki_instance_registry_path']) - # remove Apache PKI registry (if empty) - if deployer.instance.apache_instances() == 0: - deployer.directory.delete( - deployer.mdict['pki_instance_type_registry_path']) - - elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ + if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ and len(deployer.instance.tomcat_instance_subsystems()) == 0: # remove Tomcat instance base deployer.directory.delete(deployer.mdict['pki_instance_path']) diff --git a/base/server/python/pki/server/deployment/scriptlets/security_databases.py b/base/server/python/pki/server/deployment/scriptlets/security_databases.py index dc175cd6c..8adb3c4e3 100644 --- a/base/server/python/pki/server/deployment/scriptlets/security_databases.py +++ b/base/server/python/pki/server/deployment/scriptlets/security_databases.py @@ -103,13 +103,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): config.pki_log.info(log.SECURITY_DATABASES_DESTROY_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) - if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS \ - and deployer.instance.apache_instance_subsystems() == 0: - deployer.file.delete(deployer.mdict['pki_cert_database']) - deployer.file.delete(deployer.mdict['pki_key_database']) - deployer.file.delete(deployer.mdict['pki_secmod_database']) - deployer.file.delete(deployer.mdict['pki_shared_password_conf']) - elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ + if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ and len(deployer.instance.tomcat_instance_subsystems()) == 0: deployer.file.delete(deployer.mdict['pki_cert_database']) deployer.file.delete(deployer.mdict['pki_key_database']) diff --git a/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py b/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py index daf41423f..dce5648a0 100644 --- a/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py +++ b/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py @@ -69,9 +69,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # add SELinux contexts when adding the first subsystem if deployer.mdict['pki_subsystem'] in \ - config.PKI_APACHE_SUBSYSTEMS and \ - deployer.instance.apache_instance_subsystems() == 1 \ - or deployer.mdict['pki_subsystem'] in \ config.PKI_TOMCAT_SUBSYSTEMS and \ len(deployer.instance.tomcat_instance_subsystems()) == 1: @@ -167,9 +164,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): try: # remove SELinux contexts when removing the last subsystem if (deployer.mdict['pki_subsystem'] in - config.PKI_APACHE_SUBSYSTEMS and - deployer.instance.apache_instance_subsystems() == 0 or - deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and len(deployer.instance.tomcat_instance_subsystems()) == 0): diff --git a/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py b/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py index 432fba9ca..324accad0 100644 --- a/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py +++ b/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py @@ -51,7 +51,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # deployer.directory.copy( # deployer.mdict['pki_source_conf_path'], # deployer.mdict['pki_subsystem_configuration_path']) - # establish instance-based Apache/Tomcat specific subsystems + # establish instance-based Tomcat specific subsystems if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: # establish instance-based Tomcat PKI subsystem base if deployer.mdict['pki_subsystem'] == "CA": |