diff options
| author | jdennis <jdennis@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-19 20:57:59 +0000 |
|---|---|---|
| committer | jdennis <jdennis@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> | 2010-11-19 20:57:59 +0000 |
| commit | 41fc6aa29725ffe7ce058b4c72168dfd55feef22 (patch) | |
| tree | 37ebaa094b75f1a003f3c998ac59c654e1e08b43 /pki/base/setup | |
| parent | 55a41855c2cde9eaba8ff748a7c680275a621ffd (diff) | |
| download | pki-41fc6aa29725ffe7ce058b4c72168dfd55feef22.tar.gz pki-41fc6aa29725ffe7ce058b4c72168dfd55feef22.tar.xz pki-41fc6aa29725ffe7ce058b4c72168dfd55feef22.zip | |
Unify the message stream
Some messages were being directly written to stdout or stderr
bypassing the message mechanism, the emit() function. That meant those
messages were not recorded in the log and hence were lost. This patch
uses the emit() function for more messages.
The patch also adds a "warning" level to the message category.
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1564 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki/base/setup')
| -rwxr-xr-x | pki/base/setup/pkicommon | 98 | ||||
| -rwxr-xr-x | pki/base/setup/pkicreate | 54 | ||||
| -rwxr-xr-x | pki/base/setup/pkiremove | 60 |
3 files changed, 62 insertions, 150 deletions
diff --git a/pki/base/setup/pkicommon b/pki/base/setup/pkicommon index 74d0034b9..9d72a8f50 100755 --- a/pki/base/setup/pkicommon +++ b/pki/base/setup/pkicommon @@ -48,8 +48,7 @@ die $perl_version_error_message if $] < $MINIMUM_PERL_VERSION; my $cwd = `/bin/pwd`; chomp $cwd; if ($cwd eq "") { - print(STDERR "Cannot invoke '$0' from non-existent directory!\n"); - print(STDOUT "\n"); + emit("Cannot invoke '$0' from non-existent directory!\n", "error"); exit 255; } @@ -117,10 +116,7 @@ if ($^O eq "linux") { $default_system_user_libraries = "/usr/lib64"; $default_system_jni_java_path = "/usr/lib/java"; } else { - print(STDERR - "ERROR: Unsupported '$^O' hardware platform " - . "'$default_hardware_platform'!\n"); - print("\n"); + emit("Unsupported '$^O' hardware platform '$default_hardware_platform'!", "error"); exit 255; } @@ -134,9 +130,7 @@ if ($^O eq "linux") { $hostname = hostname; } } else { - print(STDERR - "ERROR: Unsupported platform '$^O'!\n"); - print("\n"); + emit("Unsupported platform '$^O'!\n", "error"); exit 255; } @@ -777,18 +771,14 @@ sub check_for_root_UID if (!is_Windows()) { if (($< != $ROOTUID) && ($> != $ROOTUID)) { - print(STDERR - "ERROR: This script must be run as root!\n"); - print(STDOUT "\n"); + emit("This script must be run as root!\n", "error"); $result = 0; } else { # Success -- running script as root $result = 1; } } else { - print(STDERR - "ERROR: Root UID makes no sense on Windows machines!\n"); - print(STDOUT "\n"); + emit("Root UID makes no sense on Windows machines!\n", "error"); $result = 0; } @@ -970,10 +960,8 @@ sub user_disallows_shell $result = 1; } else { # issue a warning and continue - print(STDERR - "WARNING: Potential security hole - user '$username' is\n" - . " using '$shell' instead of '$sans_shell'!\n"); - print("\n"); + emit("WARNING: Potential security hole - user '$username' is\n" + . " using '$shell' instead of '$sans_shell'!\n", "warning"); } return $result; @@ -1163,52 +1151,37 @@ sub IsLocalPortAvailable # retrieve the UID given the username $uid = get_UID_from_username($user); if ($uid == -1) { - print("\n"); - print(STDERR - "User '$user' is NOT in the password file!\n"); - print("\n"); + emit("User '$user' is NOT in the password file!\n", "error"); return 0; } # insure that well-known ports cannot be used by a non-root user if (($port <= $MAX_WELL_KNOWN_PORT) && ($uid != $ROOTUID)) { - print("\n"); - print(STDERR - "ERROR: User '$user' is not allowed to bind to well-known " - . "port $port!\n"); - print("\n"); + emit("User '$user' is not allowed to bind to well-known " + . "port $port!\n", "error"); return 0; } # insure that reserved ports cannot be used by a non-root user if (($port <= $MAX_RESERVED_PORT) && ($uid != $ROOTUID)) { - print("\n"); - print(STDERR - "ERROR: User '$user' is not allowed to bind to reserved " - . "port $port!\n"); - print("\n"); + emit("User '$user' is not allowed to bind to reserved " + . "port $port!\n", "error"); return 0; } # insure that the user has not specified a port greater than # the number of dynamic/private ports if ($port > $MAX_DYNAMIC_PORT) { - print("\n"); - print(STDERR - "ERROR: User '$user' is not allowed to bind to a " - . "port greater than $MAX_DYNAMIC_PORT!\n"); - print("\n"); + emit("User '$user' is not allowed to bind to a " + . "port greater than $MAX_DYNAMIC_PORT!\n", "error"); return 0; } # if the user has specified a port greater than the number # of registered ports, issue a warning and continue if ($port > $MAX_REGISTERED_PORT) { - print("\n"); - print(STDERR - "WARNING: User '$user' is binding to port $port; use of " - . "a dynamic/private port is discouraged!\n"); - print("\n"); + emit("WARNING: User '$user' is binding to port $port; use of " + . "a dynamic/private port is discouraged!\n", "warning"); } } @@ -1232,16 +1205,10 @@ sub IsLocalPortAvailable # this port is inactive $rv = 1; } elsif ($status eq "Address already in use") { - print("\n"); - print(STDERR - "ERROR: Unable to bind to local port $port : $status\n"); - print("\n"); + emit("Unable to bind to local port $port : $status\n", "error"); $rv = 0; } else { - print("\n"); - print(STDERR - "ERROR: Unable to bind to local port $port : $status\n"); - print("\n"); + emit("Unable to bind to local port $port : $status\n", "error"); $rv = 0; } @@ -1266,11 +1233,7 @@ sub IsServerReachable $result = check_for_valid_url_prefix($prefix); if (!$result) { - print("\n"); - print(STDERR - "ERROR: Specified unknown url prefix\n" - . " '$prefix'!\n"); - print("\n"); + emit("Specified unknown url prefix '$prefix'!\n", "error"); return $result; } @@ -1284,12 +1247,7 @@ sub IsServerReachable # retrieve the remote host IP address my $iaddr = inet_aton($host) or $status = $!; if ($status ne "ACTIVE") { - print("\n"); - print(STDERR - "ERROR: Unable to contact the Server at\n" - . " '$url' :\n" - . " $status\n"); - print("\n"); + emit("Unable to contact the Server at '$url' ($status)", "error"); return $rv; } @@ -1309,12 +1267,7 @@ sub IsServerReachable # this '$host:$port' is reachable $rv = 1; } else { - print("\n"); - print(STDERR - "WARNING: Unable to contact the Server at\n" - . " '$url' :\n" - . " $status\n"); - print("\n"); + emit("WARNING: Unable to contact the Server at '$url' ($status)", "warning"); } # close local client socket @@ -1986,25 +1939,26 @@ sub emit $type = "debug" if !defined($type); - if ($type eq "error" || $type eq "info") { + if ($type eq "error" || $type eq "warning" || $type eq "info") { $force_emit = 1; } return if !$string; + chomp($string); my $stamp = get_time_stamp(); if ($verbose || $force_emit) { # print to stdout if ($type ne "log") { - print(STDOUT "[$stamp] [$type] $string"); + print(STDERR "[$type] $string\n"); } } # If a log file exists, write all types # ("debug", "error", "info", or "log") # to this specified log file - $log_entry = "[$stamp] [$type] $string"; + $log_entry = "[$stamp] [$type] $string\n"; print_to_logfile($logfile, $log_entry); return; @@ -3066,7 +3020,7 @@ if ($^O eq "linux") { $result = 1; $command = "/sbin/chkconfig --add $pki_instance_name"; if (run_command($command)) { - emit("Registered '$pki_instance_name' with '/sbin/chkconfig'.\n"); + emit("Registered '$pki_instance_name' with '/sbin/chkconfig'.\n"); } else { $result = 0; emit("Failed to register '$pki_instance_name' with '/sbin/chkconfig'.\n", 'error'); diff --git a/pki/base/setup/pkicreate b/pki/base/setup/pkicreate index 5d35f68cb..d1accddbc 100755 --- a/pki/base/setup/pkicreate +++ b/pki/base/setup/pkicreate @@ -71,8 +71,7 @@ umask 00002; my $cwd = `/bin/pwd`; chomp $cwd; if ($cwd eq "") { - print(STDERR "Cannot invoke '$0' from non-existent directory!\n"); - print(STDOUT "\n"); + emit("Cannot invoke '$0' from non-existent directory!\n", "error"); exit 255; } @@ -84,8 +83,7 @@ if ($cwd eq "") { # option to not run this script. if (defined($ENV{'DONT_RUN_PKICREATE'})) { if ($ENV{'DONT_RUN_PKICREATE'} == 1) { - print(STDERR "Env. variable DONT_RUN_PKICREATE is set. Exiting.\n"); - print(STDOUT "\n"); + emit("Env. variable DONT_RUN_PKICREATE is set. Exiting.\n", "error"); exit 0; } } @@ -115,9 +113,7 @@ my $pki_flavor = ""; if ($^O eq "linux") { $pki_flavor = "pki"; } else { - print(STDERR - "ERROR: Unsupported platform '$^O'!\n"); - print(STDOUT "\n"); + emit("Unsupported platform '$^O'!\n", "error"); exit 255; } @@ -128,20 +124,14 @@ my $pki_subsystem_common_area = "/usr/share/$pki_flavor"; my $common_path = "/usr/share/$pki_flavor/scripts"; if (! -d $common_path) { - print(STDERR - "ERROR: The path '$common_path' does not exist!\n" - . " Unable to load shared Common Perl Data " - . "and Subroutines!\n"); - print(STDOUT "\n"); + emit("The path '$common_path' does not exist! " + . "Unable to load shared Common Perl Data and Subroutines!\n", "error"); exit 255; } if (! -e "$common_path/pkicommon") { - print(STDERR - "ERROR: The file '$common_path/pkicommon' does not exist!\n" - . " Unable to load shared Common Perl Data " - . "and Subroutines!\n"); - print(STDOUT "\n"); + emit("The file '$common_path/pkicommon' does not exist! " + . "Unable to load shared Common Perl Data and Subroutines!\n", "error"); exit 255; } @@ -622,9 +612,7 @@ if ($^O eq "linux") { $root_user = "root"; $root_group = "root"; } else { - print(STDERR - "ERROR: Unsupported platform '$^O'!\n"); - print(STDOUT "\n"); + emit("Unsupported platform '$^O'!\n", "error"); exit 255; } @@ -654,16 +642,11 @@ if ($^O eq "linux") { "/opt/nfast/toolkits/pkcs11/libcknfast.so" ); } else { - print(STDERR - "ERROR: Unsupported '$^O' hardware platform " - . "'$default_hardware_platform'!\n"); - print("\n"); + emit("Unsupported '$^O' hardware platform '$default_hardware_platform'!\n", "error"); exit 255; } } else { - print(STDERR - "ERROR: Unsupported platform '$^O'!\n"); - print("\n"); + emit("Unsupported platform '$^O'!\n", "error"); exit 255; } @@ -2891,14 +2874,11 @@ sub add_selinux_port if ($status == $SELINUX_PORT_UNDEFINED) { emit("Setting selinux context $setype for $seport\n"); - if (!run_command("$semanage port -a -t $setype -p tcp $seport\n")) { - print STDERR "Error in setting selinux context $setype for $seport\n"; - print STDOUT "\n"; + if (!run_command("$semanage port -a -t $setype -p tcp $seport")) { + emit("Failed setting selinux context $setype for $seport\n", "error"); } - } - elsif ($status == $SELINUX_PORT_WRONGLY_DEFINED) { - print STDERR "Error in setting selinux context $setype for $seport\n"; - print STDOUT "\n"; + } elsif ($status == $SELINUX_PORT_WRONGLY_DEFINED) { + emit("Failed setting selinux context $setype for $seport\n", "error"); } } @@ -2923,8 +2903,7 @@ sub add_selinux_file_context $result = run_command("$semanage fcontext -a -t $fcontext $fname"); } if (!$result) { - print STDERR "Error in setting selinux file context $fcontext for $fname\n"; - print STDOUT ("\n"); + emit("Failed setting selinux file context $fcontext for $fname", "error"); } } @@ -3118,8 +3097,7 @@ sub main chdir("/tmp"); - print(STDOUT - "PKI instance creation Utility ...\n\n"); + print(STDOUT "PKI instance creation Utility ...\n\n"); # On Linux/UNIX, insure that this script is being run as "root". $result = check_for_root_UID(); diff --git a/pki/base/setup/pkiremove b/pki/base/setup/pkiremove index 68045eb2c..8e180899b 100755 --- a/pki/base/setup/pkiremove +++ b/pki/base/setup/pkiremove @@ -60,8 +60,7 @@ die $perl_version_error_message if $] < $MINIMUM_PERL_VERSION; my $cwd = `/bin/pwd`; chomp $cwd; if ($cwd eq "") { - print(STDERR "Cannot invoke '$0' from non-existent directory!\n"); - print(STDOUT "\n"); + emit("Cannot invoke '$0' from non-existent directory!\n", "error"); exit 255; } @@ -96,8 +95,7 @@ if ($^O eq "linux") { } elsif ($^O eq "solaris") { $pki_flavor = "pki"; } else { - print(STDERR "ERROR: Unsupported platform '$^O'!\n"); - print(STDOUT "\n"); + emit("Unsupported platform '$^O'!\n", "error"); exit 255; } @@ -107,20 +105,14 @@ $pki_flavor =~ s/\s+$//g; my $common_path = "/usr/share/pki/scripts"; if (! -d $common_path) { - print(STDERR - "ERROR: The path '$common_path' does not exist!\n" - . " Unable to load shared Common Perl Data " - . "and Subroutines!\n"); - print(STDOUT "\n"); + emit("The path '$common_path' does not exist! " + . "Unable to load shared Common Perl Data and Subroutines!\n", "error"); exit 255; } if (! -e "$common_path/pkicommon") { - print(STDERR - "ERROR: The file '$common_path/pkicommon' does not exist!\n" - . " Unable to load shared Common Perl Data " - . "and Subroutines!\n"); - print(STDOUT "\n"); + emit("The file '$common_path/pkicommon' does not exist! " + . "Unable to load shared Common Perl Data and Subroutines!\n", "error"); exit 255; } @@ -171,8 +163,7 @@ if ($^O eq "linux") { $default_initscripts_path = '/etc/rc.d/init.d'; $default_registry_path = "/etc/sysconfig"; } else { - print(STDERR "ERROR: Unsupported platform '$^O'!\n"); - print(STDOUT "\n"); + emit("Unsupported platform '$^O'!\n", "error"); exit 255; } @@ -306,9 +297,7 @@ sub update_domain my $errs = `pk12util -d $dbpath -o $tempfile -n "$subsystemnick" -K $intpw -W $p12pw 2>&1`; if ($? != 0) { - print STDERR $errs; - print $errs; - print STDOUT "\n"; + emit($errs, "error"); die "Could not generate pk12 file for client authentication."; } @@ -353,9 +342,7 @@ sub remove_fcontext $errs = `$semanage fcontext -d -t $fcontext $fname 2>&1` } if (($? != 0) && ($errs !~ /defined in policy, cannot be deleted/)) { - print STDERR "ERROR: Error in setting selinux file context $fcontext for $fname\n"; - print $errs; - print STDOUT "\n"; + emit("Failed setting selinux file context $fcontext for $fname ($errs)", "error"); } } @@ -523,7 +510,7 @@ ASK_AGAIN: $install_info = read_install_info_from_dir($pki_instance_path); if (!defined($install_info)) { - print(STDERR "ERROR: Can't remove instance, installation manifest does not exist!\n"); + emit("Can't remove instance, installation manifest does not exist!", "error"); return $result; } @@ -554,8 +541,7 @@ ASK_AGAIN: if (entity_exists("$default_initscripts_path/$pki_instance_name")) { $pki_registry_initscript_command = "/sbin/service $pki_instance_name stop"; } else { - print(STDERR "ERROR: Unsupported platform '$^O'!\n"); - print(STDOUT "\n"); + emit("Unsupported platform '$^O'!\n", "error"); exit 255; } } @@ -585,8 +571,7 @@ sub main my $result = 0; - print(STDOUT - "PKI instance Deletion Utility ...\n\n"); + print(STDOUT "PKI instance Deletion Utility ...\n\n"); # On Linux/UNIX, insure that this script is being run as "root". $result = check_for_root_UID(); @@ -597,8 +582,7 @@ sub main # Check for a valid number of command-line arguments. if ($ARGS < 2) { - print(STDERR - "$0: Insufficient arguments!\n\n"); + emit("$0: Insufficient arguments!", "error"); usage(); exit 255; } @@ -612,9 +596,8 @@ sub main # Always disallow root to be the pki_instance_root. if ($pki_instance_root eq "/") { - print(STDERR - "$0: Don't even think about making root " - . "the pki_instance_root!\n\n"); + emit("$0: Don't even think about making root " + . "the pki_instance_root!", "error"); usage(); exit 255; } @@ -623,16 +606,14 @@ sub main # Check for valid content of command-line arguments. if ($pki_instance_root eq "") { - print(STDERR - "$0: Must have value for -pki_instance_root!\n\n"); + emit("$0: Must have value for -pki_instance_root!", "error"); usage(); exit 255; } if ($pki_instance_name eq "") { - print(STDERR - "$0: The instance ID of the PKI instance " - . "to be removed is required!\n\n"); + emit("$0: The instance ID of the PKI instance " + . "to be removed is required!", "error"); usage(); exit 255; } @@ -640,9 +621,8 @@ sub main $pki_instance_path = "${pki_instance_root}/${pki_instance_name}"; if (!directory_exists($pki_instance_path)) { - print(STDERR - "$0: Target directory $pki_instance_path " - . "is not a legal directory.\n\n"); + emit("$0: Target directory $pki_instance_path " + . "is not a legal directory.", "error"); usage(); exit 255; } |