diff options
author | Ade Lee <alee@redhat.com> | 2014-06-09 22:34:57 +0700 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2014-06-10 20:55:28 +0700 |
commit | a4fca6b7265924f0b656a1851970612a1c56e8c4 (patch) | |
tree | f34d3ea2d728c0f4f51d2f976fb40ba3ea8b54dc /base/server | |
parent | f603869e1e9964617fc36c82d19a3105c59a2495 (diff) | |
download | pki-a4fca6b7265924f0b656a1851970612a1c56e8c4.tar.gz pki-a4fca6b7265924f0b656a1851970612a1c56e8c4.tar.xz pki-a4fca6b7265924f0b656a1851970612a1c56e8c4.zip |
More formatting changes
Improve the layout of strings in pkimessages and fix
a couple more PEP 8 issues.
Diffstat (limited to 'base/server')
-rw-r--r-- | base/server/python/pki/server/deployment/pkihelper.py | 13 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/pkimessages.py | 358 | ||||
-rw-r--r-- | base/server/python/pki/server/deployment/scriptlets/selinux_setup.py | 13 | ||||
-rwxr-xr-x | base/server/sbin/pkispawn | 9 |
4 files changed, 203 insertions, 190 deletions
diff --git a/base/server/python/pki/server/deployment/pkihelper.py b/base/server/python/pki/server/deployment/pkihelper.py index 713e7a381..6e230ba1a 100644 --- a/base/server/python/pki/server/deployment/pkihelper.py +++ b/base/server/python/pki/server/deployment/pkihelper.py @@ -485,7 +485,7 @@ class ConfigurationFile: print log.PKI_CONFIGURATION_URL_1 % self.mdict['pki_configuration_url'] print print log.PKI_CONFIGURATION_RESTART_1 % \ - self.mdict['pki_registry_initscript_command'] + self.mdict['pki_registry_initscript_command'] print def confirm_external(self): @@ -921,8 +921,8 @@ class Instance: instance)) and not\ os.path.islink( os.path.join( - self.mdict['pki_instance_type_registry_path'], - instance)): + self.mdict['pki_instance_type_registry_path'], + instance)): rv += 1 config.pki_log.debug(log.PKIHELPER_APACHE_INSTANCES_2, self.mdict['pki_instance_type_registry_path'], @@ -984,8 +984,8 @@ class Instance: # shouldn't be any stray files or symbolic links at this level, # simply count the number of PKI 'tomcat' instances (directories) # present within the PKI 'tomcat' registry directory - for instance in\ - os.listdir(self.mdict['pki_instance_type_registry_path']): + for instance in os.listdir( + self.mdict['pki_instance_type_registry_path']): if os.path.isdir( os.path.join( self.mdict['pki_instance_type_registry_path'], @@ -1052,8 +1052,7 @@ class Instance: try: client = pki.system.SystemStatusClient(connection) response = client.get_status() - config.pki_log.debug(response, - extra=config.PKI_INDENTATION_LEVEL_3) + config.pki_log.debug(response, extra=config.PKI_INDENTATION_LEVEL_3) root = ET.fromstring(response) status = root.findtext("Status") diff --git a/base/server/python/pki/server/deployment/pkimessages.py b/base/server/python/pki/server/deployment/pkimessages.py index 2e518d8df..6ffe2e72c 100644 --- a/base/server/python/pki/server/deployment/pkimessages.py +++ b/base/server/python/pki/server/deployment/pkimessages.py @@ -20,85 +20,91 @@ # # PKI Deployment Engine Messages -PKI_DICTIONARY_DEFAULT = "\n"\ -"=====================================================\n"\ -" DISPLAY CONTENTS OF PKI DEFAULT DICTIONARY\n"\ -"=====================================================" -PKI_DICTIONARY_MASTER = "\n"\ -"=====================================================\n"\ -" DISPLAY CONTENTS OF PKI MASTER DICTIONARY\n"\ -"=====================================================" -PKI_DICTIONARY_SLOTS = "\n"\ -"=====================================================\n"\ -" DISPLAY CONTENTS OF PKI SLOTS DICTIONARY\n"\ -"=====================================================" -PKI_DICTIONARY_SUBSYSTEM = "\n"\ -"=====================================================\n"\ -" DISPLAY CONTENTS OF PKI SUBSYSTEM DICTIONARY\n"\ -"=====================================================" -PKI_DICTIONARY_WEB_SERVER = "\n"\ -"=====================================================\n"\ -" DISPLAY CONTENTS OF PKI WEB SERVER DICTIONARY\n"\ -"=====================================================" +PKI_DICTIONARY_DEFAULT = ''' +===================================================== + DISPLAY CONTENTS OF PKI DEFAULT DICTIONARY +===================================================== +''' +PKI_DICTIONARY_MASTER = ''' +===================================================== + DISPLAY CONTENTS OF PKI MASTER DICTIONARY +===================================================== +''' +PKI_DICTIONARY_SLOTS = ''' +===================================================== + DISPLAY CONTENTS OF PKI SLOTS DICTIONARY +===================================================== +''' +PKI_DICTIONARY_SUBSYSTEM = ''' +===================================================== + DISPLAY CONTENTS OF PKI SUBSYSTEM DICTIONARY +===================================================== +''' +PKI_DICTIONARY_WEB_SERVER = ''' +===================================================== + DISPLAY CONTENTS OF PKI WEB SERVER DICTIONARY +===================================================== +''' # NEVER print out 'sensitive' data dictionary!!! # PKI Deployment Log Messages -PKI_VERBOSITY = \ -"VERBOSITY FLAGS CONSOLE MESSAGE LEVEL LOG MESSAGE LEVEL\n"\ -"=======================================================================\n"\ -" NONE error|warning error|warning|info|debug\n"\ -" -v error|warning|info error|warning|info|debug\n"\ -" -vv error|warning|info|debug error|warning|info|debug\n"\ -" " +PKI_VERBOSITY = ''' +VERBOSITY FLAGS CONSOLE MESSAGE LEVEL LOG MESSAGE LEVEL +======================================================================= + NONE error|warning error|warning|info|debug + -v error|warning|info error|warning|info|debug + -vv error|warning|info|debug error|warning|info|debug + +''' # PKI Deployment Error Messages PKI_BADZIPFILE_ERROR_1 = "zipfile.BadZipFile: %s!" -PKI_CONFIGURATION_RESTART_1 = " After configuration, the server can be "\ - "operated by the command:\n %s" -PKI_CONFIGURATION_STANDALONE_1 = " Please obtain the necessary "\ - "certificates for this stand-alone %s,\n"\ - " and re-run the configuration for "\ - "step two." +PKI_CONFIGURATION_RESTART_1 = ''' + After configuration, the server can be operated by the command: + %s +''' +PKI_CONFIGURATION_STANDALONE_1 = ''' + Please obtain the necessary certificates for this stand-alone %s, + and re-run the configuration for step two. +''' PKI_CONFIGURATION_URL_1 = \ " Please start the configuration by accessing:\n %s" -PKI_CONFIGURATION_WIZARD_RESTART_1 = "After configuration, the server can be "\ - "operated by the command:\n%s" +PKI_CONFIGURATION_WIZARD_RESTART_1 = \ + "After configuration, the server can be operated by the command:\n%s" PKI_CONFIGURATION_WIZARD_URL_1 = "Configuration Wizard listening on\n%s" PKI_DIRECTORY_ALREADY_EXISTS_1 = "Directory '%s' already exists!" -PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1 = "Directory '%s' already "\ - "exists BUT it is NOT a "\ - "directory!" -PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 = "Directory '%s' is either "\ - "missing or is NOT a directory!" -PKI_DNS_DOMAIN_NOT_SET = "A valid DNS domain name MUST be established "\ - "to use PKI services!" +PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1 = \ + "Directory '%s' already exists BUT it is NOT a directory!" +PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 = \ + "Directory '%s' is either missing or is NOT a directory!" +PKI_DNS_DOMAIN_NOT_SET = \ + "A valid DNS domain name MUST be established to use PKI services!" PKI_FILE_ALREADY_EXISTS_1 = "File '%s' already exists!" -PKI_FILE_ALREADY_EXISTS_NOT_A_FILE_1 = "File '%s' already "\ - "exists BUT it is NOT a "\ - "file!" -PKI_FILE_MISSING_OR_NOT_A_FILE_1 = "File '%s' is either missing "\ - "or is NOT a regular file!" +PKI_FILE_ALREADY_EXISTS_NOT_A_FILE_1 = \ + "File '%s' already exists BUT it is NOT a file!" +PKI_FILE_MISSING_OR_NOT_A_FILE_1 = \ + "File '%s' is either missing or is NOT a regular file!" PKI_FILE_NOT_A_WAR_FILE_1 = "File '%s' is NOT a war file!" PKI_INSTANCE_DOES_NOT_EXIST_1 = "PKI instance '%s' does NOT exist!" -PKI_SECURITY_DATABASES_ALREADY_EXIST_3 = "Security databases '%s', '%s', "\ - "and/or '%s' already exist!" -PKI_SECURITY_DATABASES_DO_NOT_EXIST_3 = "Security databases '%s', '%s', "\ - "and/or '%s' do NOT exist!" +PKI_SECURITY_DATABASES_ALREADY_EXIST_3 = \ + "Security databases '%s', '%s', and/or '%s' already exist!" +PKI_SECURITY_DATABASES_DO_NOT_EXIST_3 = \ + "Security databases '%s', '%s', and/or '%s' do NOT exist!" PKI_SUBSYSTEM_NOT_INSTALLED_1 = "Package pki-%s is NOT installed!" -PKI_SUBSYSTEM_ALREADY_EXISTS_2 = "PKI subsystem '%s' for instance '%s' "\ - "already exists!" -PKI_SUBSYSTEM_DOES_NOT_EXIST_2 = "PKI subsystem '%s' for instance '%s' "\ - "does NOT exist!" -PKI_EXTERNAL_UNSUPPORTED_1 = "PKI '%s' subsystems do NOT support "\ - "the 'pki_external' parameter!" -PKI_EXTERNAL_STEP_TWO_UNSUPPORTED_1 = "PKI '%s' subsystems do NOT support "\ - "the 'pki_external_step_two' parameter!" -PKI_STANDALONE_UNSUPPORTED_1 = "PKI '%s' subsystems do NOT support "\ - "the 'pki_standalone' parameter!" -PKI_SUBORDINATE_UNSUPPORTED_1 = "PKI '%s' subsystems do NOT support "\ - "the 'pki_subordinate' parameter!" +PKI_SUBSYSTEM_ALREADY_EXISTS_2 = \ + "PKI subsystem '%s' for instance '%s' already exists!" +PKI_SUBSYSTEM_DOES_NOT_EXIST_2 = \ + "PKI subsystem '%s' for instance '%s' does NOT exist!" +PKI_EXTERNAL_UNSUPPORTED_1 = \ + "PKI '%s' subsystems do NOT support the 'pki_external' parameter!" +PKI_EXTERNAL_STEP_TWO_UNSUPPORTED_1 = \ + "PKI '%s' subsystems do NOT support the 'pki_external_step_two' parameter!" +PKI_STANDALONE_UNSUPPORTED_1 = \ + "PKI '%s' subsystems do NOT support the 'pki_standalone' parameter!" +PKI_SUBORDINATE_UNSUPPORTED_1 = \ + "PKI '%s' subsystems do NOT support the 'pki_subordinate' parameter!" PKI_IOERROR_1 = "IOError: %s!" PKI_KEYERROR_1 = "KeyError: %s!" @@ -108,95 +114,97 @@ PKI_OSERROR_1 = "OSError: %s!" PKI_SHUTIL_ERROR_1 = "shutil.Error: %s!" PKI_SUBPROCESS_ERROR_1 = "subprocess.CalledProcessError: %s!" PKI_SYMLINK_ALREADY_EXISTS_1 = "Symlink '%s' already exists!" -PKI_SYMLINK_ALREADY_EXISTS_NOT_A_SYMLINK_1 = "Symlink '%s' already "\ - "exists BUT it is NOT a "\ - "symlink!" -PKI_SYMLINK_MISSING_OR_NOT_A_SYMLINK_1 = "Symlink '%s' is either missing "\ - "or is NOT a symbolic link!" +PKI_SYMLINK_ALREADY_EXISTS_NOT_A_SYMLINK_1 = \ + "Symlink '%s' already exists BUT it is NOT a symlink!" +PKI_SYMLINK_MISSING_OR_NOT_A_SYMLINK_1 = \ + "Symlink '%s' is either missing or is NOT a symbolic link!" PKI_UNABLE_TO_PARSE_1 = "'Could not parse: '%s'" PKI_UNABLE_TO_CREATE_LOG_DIRECTORY_1 = "Could not create log directory '%s'!" # PKI Deployment 'pkispawn' and 'pkidestroy' Messages -PKIDESTROY_BEGIN_MESSAGE_2 = "BEGIN destroying subsystem '%s' of "\ - "instance '%s' . . ." -PKIDESTROY_END_MESSAGE_2 = "END destroying subsystem '%s' of "\ - "instance '%s'" -PKIDESTROY_EPILOG = \ -"REMINDER:\n\n"\ -" The default PKI instance path will be calculated and placed in front\n"\ -" of the mandatory '-i <instance>' parameter, and the values that reside\n"\ -" in deployment configuration file that was most recently used\n"\ -" by this instance's 'pkispawn' (or 'pkispawn -u') command will be\n"\ -" utilized by 'pkidestroy' to remove this instance.\n\n"\ -" Finally, if an optional '-p <prefix>' is defined, this value WILL be\n"\ -" prepended to the default PKI instance path which is placed in front\n"\ -" of the specified '-i <instance>' parameter.\n\n" + \ -PKI_VERBOSITY -PKISPAWN_BEGIN_MESSAGE_2 = "BEGIN spawning subsystem '%s' of "\ - "instance '%s' . . ." -PKISPAWN_END_MESSAGE_2 = "END spawning subsystem '%s' of "\ - "instance '%s'" -PKISPAWN_EPILOG = \ -"REMINDER:\n\n"\ -" If two or more Apache or Tomcat PKI 'instances' are specified via\n"\ -" separate configuration files, remember that the following parameters\n"\ -" MUST differ between PKI 'instances':\n\n"\ -" Apache: 'pki_instance_name', 'pki_http_port', and 'pki_https_port'\n"\ -" Tomcat: 'pki_instance_name', 'pki_http_port', 'pki_https_port',\n"\ -" 'pki_ajp_port', and 'pki_tomcat_server_port'\n\n"\ -" Finally, if an optional '-p <prefix>' is defined, this value WILL NOT\n"\ -" be prepended in front of the mandatory '-f <configuration_file>'.\n\n" + \ -PKI_VERBOSITY +PKIDESTROY_BEGIN_MESSAGE_2 = \ + "BEGIN destroying subsystem '%s' of instance '%s' . . ." +PKIDESTROY_END_MESSAGE_2 = "END destroying subsystem '%s' of instance '%s'" +PKIDESTROY_EPILOG = ''' +REMINDER: + + The default PKI instance path will be calculated and placed in front + of the mandatory '-i <instance>' parameter, and the values that reside + in deployment configuration file that was most recently used + by this instance's 'pkispawn' (or 'pkispawn -u') command will be + utilized by 'pkidestroy' to remove this instance. + + Finally, if an optional '-p <prefix>' is defined, this value WILL be + prepended to the default PKI instance path which is placed in front + of the specified '-i <instance>' parameter. +''' + PKI_VERBOSITY +PKISPAWN_BEGIN_MESSAGE_2 = \ + "BEGIN spawning subsystem '%s' of instance '%s' . . ." +PKISPAWN_END_MESSAGE_2 = \ + "END spawning subsystem '%s' of instance '%s'" +PKISPAWN_EPILOG = """ +REMINDER: + + If two or more Apache or Tomcat PKI 'instances' are specified via + separate configuration files, remember that the following parameters + MUST differ between PKI 'instances': + + Apache: 'pki_instance_name', 'pki_http_port', and 'pki_https_port' + Tomcat: 'pki_instance_name', 'pki_http_port', 'pki_https_port', + 'pki_ajp_port', and 'pki_tomcat_server_port' + + Finally, if an optional '-p <prefix>' is defined, this value WILL NOT + be prepended in front of the mandatory '-f <configuration_file>'. +""" + PKI_VERBOSITY # PKI Deployment "Helper" Messages -PKIHELPER_APACHE_INSTANCE_SUBSYSTEMS_2 = "instance '%s' contains '%d' "\ - "Apache PKI subsystems" -PKIHELPER_APACHE_INSTANCES_2 = "PKI Apache registry '%s' contains '%d' "\ - "Apache PKI instances" -PKIHELPER_APPLY_SLOT_SUBSTITUTION_1 = "applying in-place "\ - "slot substitutions on '%s'" +PKIHELPER_APACHE_INSTANCE_SUBSYSTEMS_2 = \ + "instance '%s' contains '%d' Apache PKI subsystems" +PKIHELPER_APACHE_INSTANCES_2 = \ + "PKI Apache registry '%s' contains '%d' Apache PKI instances" +PKIHELPER_APPLY_SLOT_SUBSTITUTION_1 = \ + "applying in-place slot substitutions on '%s'" PKIHELPER_CERTUTIL_GENERATE_CSR_1 = "executing '%s'" -PKIHELPER_CERTUTIL_MISSING_INPUT_FILE = "certutil: Missing "\ - "'-i input-file' option!" -PKIHELPER_CERTUTIL_MISSING_ISSUER_NAME = "certutil: Missing "\ - "'-c issuer-name' option!" -PKIHELPER_CERTUTIL_MISSING_NICKNAME = "certutil: Missing "\ - "'-n nickname' option!" -PKIHELPER_CERTUTIL_MISSING_NOISE_FILE = "certutil: Missing "\ - "'-z noise-file' option!" -PKIHELPER_CERTUTIL_MISSING_PASSWORD_FILE = "certutil: Missing "\ - "'-f password-file' option!" +PKIHELPER_CERTUTIL_MISSING_INPUT_FILE = \ + "certutil: Missing '-i input-file' option!" +PKIHELPER_CERTUTIL_MISSING_ISSUER_NAME = \ + "certutil: Missing '-c issuer-name' option!" +PKIHELPER_CERTUTIL_MISSING_NICKNAME = \ + "certutil: Missing '-n nickname' option!" +PKIHELPER_CERTUTIL_MISSING_NOISE_FILE = \ + "certutil: Missing '-z noise-file' option!" +PKIHELPER_CERTUTIL_MISSING_PASSWORD_FILE = \ + "certutil: Missing '-f password-file' option!" PKIHELPER_CERTUTIL_MISSING_PATH = "certutil: Missing '-d path' option!" -PKIHELPER_CERTUTIL_MISSING_SERIAL_NUMBER = "certutil: Missing "\ - "'-m serial-number' option!" +PKIHELPER_CERTUTIL_MISSING_SERIAL_NUMBER = \ + "certutil: Missing '-m serial-number' option!" PKIHELPER_CERTUTIL_MISSING_SUBJECT = "certutil: Missing '-s subject' option!" PKIHELPER_CERTUTIL_MISSING_TOKEN = "certutil: Missing '-h token' option!" -PKIHELPER_CERTUTIL_MISSING_TRUSTARGS = "certutil: Missing "\ - "'-t trustargs' option!" -PKIHELPER_CERTUTIL_MISSING_VALIDITY_PERIOD = "certutil: Missing "\ - "'-v months-valid' option!" +PKIHELPER_CERTUTIL_MISSING_TRUSTARGS = \ + "certutil: Missing '-t trustargs' option!" +PKIHELPER_CERTUTIL_MISSING_VALIDITY_PERIOD = \ + "certutil: Missing '-v months-valid' option!" PKIHELPER_CERTUTIL_SELF_SIGNED_CERTIFICATE_1 = "executing '%s'" PKIHELPER_CHMOD_2 = "chmod %o %s" PKIHELPER_CHOWN_3 = "chown %s:%s %s" PKIHELPER_CHOWN_H_3 = "chown -h %s:%s %s" -PKIHELPER_COMMAND_LINE_PARAMETER_MISMATCH_2 = "the command-line parameter "\ - "'%s' DOES NOT match the "\ - "configuration file value '%s'!" -PKIHELPER_COPY_WITH_SLOT_SUBSTITUTION_2 = "copying '%s' --> '%s' "\ - "with slot substitution" +PKIHELPER_COMMAND_LINE_PARAMETER_MISMATCH_2 = \ + "the command-line parameter '%s' DOES NOT match the "\ + "configuration file value '%s'!" +PKIHELPER_COPY_WITH_SLOT_SUBSTITUTION_2 = \ + "copying '%s' --> '%s' with slot substitution" PKIHELPER_CP_P_2 = "cp -p %s %s" PKIHELPER_CP_RP_2 = "cp -rp %s %s" PKIHELPER_CREATE_SECURITY_DATABASES_1 = "executing '%s'" PKIHELPER_DANGLING_SYMLINK_2 = "Dangling symlink '%s'-->'%s'" -PKIHELPER_DICTIONARY_MASTER_MISSING_KEY_1 = "KeyError: Master dictionary "\ - "is missing the key called '%s'!" -PKIHELPER_DICTIONARY_INTERPOLATION_1 = "Deployment file could not be parsed "\ - "correctly. This might be because of "\ - "unescaped '%%' characters. You must "\ - "escape '%%' characters in deployment "\ - "files (example - 'setting=foo%%%%bar')." +PKIHELPER_DICTIONARY_MASTER_MISSING_KEY_1 = \ + "KeyError: Master dictionary is missing the key called '%s'!" +PKIHELPER_DICTIONARY_INTERPOLATION_1 = \ + "Deployment file could not be parsed correctly. This might be because of "\ + "unescaped '%%' characters. You must escape '%%' characters in deployment"\ + " files (example - 'setting=foo%%%%bar')." PKIHELPER_DICTIONARY_INTERPOLATION_2 = "Interpolation error (%s)" PKIHELPER_DIRECTORY_IS_EMPTY_1 = "directory '%s' is empty" PKIHELPER_DIRECTORY_IS_NOT_EMPTY_1 = "directory '%s' is NOT empty" @@ -206,8 +214,8 @@ PKIHELPER_GROUP_ADD_2 = "adding GID '%s' for group '%s' . . ." PKIHELPER_GROUP_ADD_DEFAULT_2 = "adding default GID '%s' for group '%s' . . ." PKIHELPER_GROUP_ADD_GID_KEYERROR_1 = "KeyError: pki_gid %s" PKIHELPER_GROUP_ADD_KEYERROR_1 = "KeyError: pki_group %s" -PKIHELPER_INVALID_SELINUX_CONTEXT_FOR_PORT = "port %s has invalid selinux "\ - "context %s" +PKIHELPER_INVALID_SELINUX_CONTEXT_FOR_PORT = \ + "port %s has invalid selinux context %s" PKIHELPER_IS_A_DIRECTORY_1 = "'%s' is a directory" PKIHELPER_IS_A_FILE_1 = "'%s' is a file" PKIHELPER_IS_A_SYMLINK_1 = "'%s' is a symlink" @@ -215,34 +223,30 @@ PKIHELPER_JAR_XF_C_2 = "jar -xf %s -C %s" PKIHELPER_KRACONNECTOR_UPDATE_CONTACT = \ "contacting the CA to update the KRA connector" PKIHELPER_KRACONNECTOR_UPDATE_FAILURE = "Failed to update KRA connector on CA" -PKIHELPER_KRACONNECTOR_UPDATE_FAILURE_2 = "Failed to update KRA connector for %s:%s" +PKIHELPER_KRACONNECTOR_UPDATE_FAILURE_2 = \ + "Failed to update KRA connector for %s:%s" PKIHELPER_LINK_S_2 = "ln -s %s %s" PKIHELPER_MKDIR_1 = "mkdir -p %s" PKIHELPER_MODIFY_DIR_1 = "modifying '%s'" PKIHELPER_MODIFY_FILE_1 = "modifying '%s'" PKIHELPER_MODIFY_SYMLINK_1 = "modifying '%s'" -PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_EXTERNAL_CA = "cloned CAs and external "\ - "CAs MUST be MUTUALLY "\ - "EXCLUSIVE in '%s'" -PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_EXTERNAL_SUB_CA = "cloned CAs, external "\ - "CAs, and subordinate CAs"\ - "MUST ALL be MUTUALLY "\ - "EXCLUSIVE in '%s'" -PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_STANDALONE_PKI = "cloned PKIs and "\ - "stand-alone PKIs MUST be "\ - "MUTUALLY EXCLUSIVE in '%s'" -PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_SUB_CA = "cloned CAs and subordinate "\ - "CAs MUST be MUTUALLY "\ - "EXCLUSIVE in '%s'" -PKIHELPER_MUTUALLY_EXCLUSIVE_EXTERNAL_SUB_CA = "external CAs and subordinate "\ - "CAs MUST be MUTUALLY "\ - "EXCLUSIVE in '%s'" -PKIHELPER_NAMESPACE_COLLISION_2 = "PKI instance '%s' would produce a "\ - "namespace collision with '%s'!" -PKIHELPER_NAMESPACE_RESERVED_NAME_2 = "PKI instance '%s' is already a "\ - "reserved name under '%s'!" -PKIHELPER_NOISE_FILE_2 = "generating noise file called '%s' and "\ - "filling it with '%d' random bytes" +PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_EXTERNAL_CA = \ + "cloned CAs and external CAs MUST be MUTUALLY EXCLUSIVE in '%s'" +PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_EXTERNAL_SUB_CA = \ + "cloned CAs, external CAs, and subordinate CAs MUST ALL be MUTUALLY "\ + "EXCLUSIVE in '%s'" +PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_STANDALONE_PKI = \ + "cloned PKIs and stand-alone PKIs MUST be MUTUALLY EXCLUSIVE in '%s'" +PKIHELPER_MUTUALLY_EXCLUSIVE_CLONE_SUB_CA = \ + "cloned CAs and subordinate CAs MUST be MUTUALLY EXCLUSIVE in '%s'" +PKIHELPER_MUTUALLY_EXCLUSIVE_EXTERNAL_SUB_CA = \ + "external CAs and subordinate CAs MUST be MUTUALLY EXCLUSIVE in '%s'" +PKIHELPER_NAMESPACE_COLLISION_2 = \ + "PKI instance '%s' would produce a namespace collision with '%s'!" +PKIHELPER_NAMESPACE_RESERVED_NAME_2 = \ + "PKI instance '%s' is already a reserved name under '%s'!" +PKIHELPER_NOISE_FILE_2 = \ + "generating noise file called '%s' and filling it with '%d' random bytes" PKIHELPER_PASSWORD_CONF_1 = "generating '%s'" PKIHELPER_PASSWORD_NOT_FOUND_1 = "no password found for '%s'!" PKIHELPER_PK12UTIL_MISSING_DBPWFILE = \ @@ -283,21 +287,23 @@ PKIHELPER_SECURITY_DOMAIN_UPDATE_SUCCESS_2 = \ PKIHELPER_SELINUX_DISABLED = "Selinux is disabled. Not checking port contexts" PKIHELPER_SET_MODE_1 = "setting ownerships, permissions, and acls on '%s'" PKIHELPER_SLOT_SUBSTITUTION_2 = "slot substitution: '%s' ==> '%s'" -PKIHELPER_SSLGET_OUTPUT_1 = "\n"\ - "Dump of 'sslget' output:\n"\ - "=====================================================\n"\ - "%s\n"\ - "=====================================================" +PKIHELPER_SSLGET_OUTPUT_1 = ''' + Dump of 'sslget' output: + ===================================================== + %s + ===================================================== +''' PKIHELPER_SYSTEMD_COMMAND_1 = "executing '%s'" -PKIHELPER_TOMCAT_INSTANCE_SUBSYSTEMS_2 = "instance '%s' contains '%d' "\ - "Tomcat PKI subsystems" -PKIHELPER_TOMCAT_INSTANCES_2 = "PKI Tomcat registry '%s' contains '%d' "\ - "Tomcat PKI instances" +PKIHELPER_TOMCAT_INSTANCE_SUBSYSTEMS_2 = \ + "instance '%s' contains '%d' Tomcat PKI subsystems" +PKIHELPER_TOMCAT_INSTANCES_2 = \ + "PKI Tomcat registry '%s' contains '%d' Tomcat PKI instances" PKIHELPER_TOUCH_1 = "touch %s" PKIHELPER_TPSCONNECTOR_UPDATE_CONTACT = \ "contacting the TKS to update the TPS connector" PKIHELPER_TPSCONNECTOR_UPDATE_FAILURE = "Failed to update TPS connector on TKS" -PKIHELPER_TPSCONNECTOR_UPDATE_FAILURE_2 = "Failed to update TPS connector for %s:%s" +PKIHELPER_TPSCONNECTOR_UPDATE_FAILURE_2 = \ + "Failed to update TPS connector for %s:%s" PKIHELPER_UID_2 = "UID of '%s' is %s" PKIHELPER_UNDEFINED_CA_HOST_PORT = "CA Host or Port is undefined" PKIHELPER_UNDEFINED_CLIENT_DATABASE_PASSWORD_2 = \ @@ -355,8 +361,10 @@ PKI_CONFIG_JAVA_CONFIGURATION_EXCEPTION = \ PKI_CONFIG_RESPONSE_ADMIN_CERT = "adminCert:" PKI_CONFIG_RESPONSE_STATUS = "status:" PKI_CONFIG_NOT_YET_IMPLEMENTED_1 = " %s NOT YET IMPLEMENTED" -PKI_CHECK_STATUS_MESSAGE = " To check the status of the subsystem: \n"\ - " systemctl status pki-tomcatd@%s.service" +PKI_CHECK_STATUS_MESSAGE = ''' + To check the status of the subsystem: + systemctl status pki-tomcatd@%s.service +''' PKI_ACCESS_URL = " The URL for the subsystem is: \n"\ " https://%s:%s/%s" PKI_INSTANCE_RESTART_MESSAGE = \ @@ -364,11 +372,15 @@ PKI_INSTANCE_RESTART_MESSAGE = \ " systemctl restart pki-tomcatd@%s.service" -PKI_SPAWN_INFORMATION_HEADER = "\n ==========================================================================\n"\ - " INSTALLATION SUMMARY\n"\ - " ==========================================================================\n" +PKI_SPAWN_INFORMATION_HEADER = ''' + ========================================================================== + INSTALLATION SUMMARY\n"\ + ========================================================================== +''' -PKI_SPAWN_INFORMATION_FOOTER = "\n ==========================================================================\n" +PKI_SPAWN_INFORMATION_FOOTER = ''' + ========================================================================== +''' # PKI Deployment "Scriptlet" Messages diff --git a/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py b/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py index b6f1fd9c3..daf41423f 100644 --- a/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py +++ b/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py @@ -68,7 +68,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): return self.rv # add SELinux contexts when adding the first subsystem - if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and \ + if deployer.mdict['pki_subsystem'] in \ + config.PKI_APACHE_SUBSYSTEMS and \ deployer.instance.apache_instance_subsystems() == 1 \ or deployer.mdict['pki_subsystem'] in \ config.PKI_TOMCAT_SUBSYSTEMS and \ @@ -165,10 +166,12 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): while True: try: # remove SELinux contexts when removing the last subsystem - if (deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and - deployer.instance.apache_instance_subsystems() == 0 or - deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and - len(deployer.instance.tomcat_instance_subsystems()) == 0): + if (deployer.mdict['pki_subsystem'] in + config.PKI_APACHE_SUBSYSTEMS and + deployer.instance.apache_instance_subsystems() == 0 or + deployer.mdict['pki_subsystem'] in + config.PKI_TOMCAT_SUBSYSTEMS and + len(deployer.instance.tomcat_instance_subsystems()) == 0): trans = seobject.semanageRecords("targeted") trans.start() diff --git a/base/server/sbin/pkispawn b/base/server/sbin/pkispawn index 41f5f5791..2f41afcce 100755 --- a/base/server/sbin/pkispawn +++ b/base/server/sbin/pkispawn @@ -537,7 +537,6 @@ def print_install_information(mdict): print log.PKI_SPAWN_INFORMATION_HEADER if skip_configuration: print log.PKI_CONFIGURATION_URL_1 % mdict['pki_configuration_url'] - print print log.PKI_CONFIGURATION_RESTART_1 % \ mdict['pki_registry_initscript_command'] else: @@ -548,9 +547,10 @@ def print_install_information(mdict): mdict['pki_client_admin_cert_p12'] if not config.str2bool(mdict['pki_client_database_purge']): print - print " Administrator's certificate nickname:\n %s" % mdict['pki_admin_nickname'] - print " Administrator's certificate database:\n %s" % mdict['pki_client_database_dir'] - print + print " Administrator's certificate nickname:\n %s"\ + % mdict['pki_admin_nickname'] + print " Administrator's certificate database:\n %s"\ + % mdict['pki_client_database_dir'] print log.PKI_CHECK_STATUS_MESSAGE % mdict['pki_instance_name'] print log.PKI_INSTANCE_RESTART_MESSAGE % mdict['pki_instance_name'] if (((config.pki_subsystem == "KRA" or @@ -558,7 +558,6 @@ def print_install_information(mdict): config.str2bool(mdict['pki_standalone'])) and not config.str2bool(mdict['pki_external_step_two'])): # Stand-alone PKI KRA/OCSP (External CA Step 1) - print print log.PKI_CONFIGURATION_STANDALONE_1 % config.pki_subsystem else: print log.PKI_ACCESS_URL % (mdict['pki_hostname'], |