diff options
| author | Ade Lee <alee@redhat.com> | 2012-08-13 14:01:02 -0400 |
|---|---|---|
| committer | Ade Lee <alee@redhat.com> | 2012-08-15 15:38:45 -0400 |
| commit | 7a6b89591732f872db38821c00ec3ce89ef57e7a (patch) | |
| tree | 4580ce2c5583ba2ff96b77ebdaa02f3c1287c406 /base/setup | |
| parent | 87b5eaa5b1409bc362867e3849fe16c8f205afa9 (diff) | |
| download | pki-7a6b89591732f872db38821c00ec3ce89ef57e7a.tar.gz pki-7a6b89591732f872db38821c00ec3ce89ef57e7a.tar.xz pki-7a6b89591732f872db38821c00ec3ce89ef57e7a.zip | |
Changes to get TPS and RA running on dogtag 10
Added systemd scripts for RA and TPS. Modified init scripts
and configuration files to use correct directives for httpd 2.4.
TPS and RA subsystems are now installable using pkicreate
Diffstat (limited to 'base/setup')
| -rwxr-xr-x | base/setup/pkicreate | 21 | ||||
| -rwxr-xr-x | base/setup/scripts/pki_apache_initscript | 9 |
2 files changed, 13 insertions, 17 deletions
diff --git a/base/setup/pkicreate b/base/setup/pkicreate index cc4ee703f..e3ee5a0ab 100755 --- a/base/setup/pkicreate +++ b/base/setup/pkicreate @@ -2870,6 +2870,17 @@ sub process_pki_files_and_symlinks "${db_password}\n", $default_file_permissions, $pki_user, $pki_group); + ## Populate systemd links + if ($use_systemd) { + return 0 if !create_symlink( + "${pki_subsystem_systemd_wants_path}/${pki_instance_systemd_service_name}", + "$pki_subsystem_systemd_service_path", + $root_user, $root_group); + + # reload systemd configuration + run_command("/bin/systemctl --system daemon-reload"); + } + ## Populate instances (RA, TPS instances) if ($subsystem_type eq $RA || $subsystem_type eq $TPS) { # create an empty file called "pwcache.conf" for this @@ -2893,16 +2904,6 @@ sub process_pki_files_and_symlinks # to find our tomcat6 configuration file in /etc/sysconfig return 0 if !create_symlink($pki_instance_initscript_path, $tomcat6_initscript_path, $root_user, $root_group); - if ($use_systemd) { - return 0 if !create_symlink( - "${pki_subsystem_systemd_wants_path}/${pki_instance_systemd_service_name}", - "$pki_subsystem_systemd_service_path", - $root_user, $root_group); - - # reload systemd configuration - run_command("/bin/systemctl --system daemon-reload"); - - } return 0 if !create_directory($webinf_lib_instance_path, $default_dir_permissions, $pki_user, $pki_group); diff --git a/base/setup/scripts/pki_apache_initscript b/base/setup/scripts/pki_apache_initscript index e51231065..c50c812a4 100755 --- a/base/setup/scripts/pki_apache_initscript +++ b/base/setup/scripts/pki_apache_initscript @@ -62,11 +62,6 @@ start() fi fi - touch ${pidfile} - chown ${PKI_USER}:${PKI_GROUP} ${pidfile} - chmod 00600 ${pidfile} - [ -x /sbin/restorecon ] && /sbin/restorecon ${pidfile} - # restore context for ncipher hsm [ -x /sbin/restorecon ] && [ -d /dev/nfast ] && /sbin/restorecon -R /dev/nfast @@ -74,13 +69,13 @@ start() rv=$? if [ ${rv} = 0 ] ; then if [ ${ARCHITECTURE} = "i386" ] ; then - LANG=${PKI_HTTPD_LANG} daemon runcon -t ${PKI_SELINUX_TYPE} -- ${httpd} ${PKI_OPTIONS} + LANG=${PKI_HTTPD_LANG} daemon runcon -t ${PKI_SELINUX_TYPE} -r system_r -- ${httpd} ${PKI_OPTIONS} rv=$? # overwrite output from "daemon" echo -n $"Starting ${prog}: " elif [ ${ARCHITECTURE} = "x86_64" ] ; then # NOTE: "daemon" is incompatible with "httpd" on 64-bit architectures - LANG=${PKI_HTTPD_LANG} runcon -t ${PKI_SELINUX_TYPE} -- ${httpd} ${PKI_OPTIONS} + LANG=${PKI_HTTPD_LANG} runcon -t ${PKI_SELINUX_TYPE} -r system_r -- ${httpd} ${PKI_OPTIONS} rv=$? fi else |