Fix issues discovered during testing

During testing with Ade several issues were discovered which needed
fixing, these included:

Remove connectionTimeout on JSS connectors in the server.xml files due
to JSS bug. We will reenable the timeouts when JSS is fixed.

pki_apache_initscript had chmod & chown wrapped in an echo command
which prevented them from executing, an artifact inadverantly left in
the file during a debug session. The role parameter to runcon which
had been added to facilitate test/debug was removed.

The logfile variables shared between pkicommon, pkicreate and
pkiremove were awkward and resulted in warnings about the use of
uninitialized variables in some circumstances. Some functions were
tweaked and some variables removed to enforce better data hiding and
eliminate the warnings with respect to the logfile.

If the pkicreate script aborted before it completed it would fail to
write the installation manifest which made it impossible to remove the
partial installation via pkiremove. A hander was added so it would run
if Perl executed a "die" (e.g. aborted). The handler writes the
manifest before final exit. The subroutine used to write the manifest
was bullet proofed to avoid referencing uninitialized variables in the
case of non-normal exit.

The copy_directory() subroutine failed to preserve symbolic links in
the source, instead it traversed the source link and copied the target
of the link. copy_directory() and it's support routines were enhanced
to preserve symbolic links. A new subrotine copy_symlink() was added.

pkicreate failed to create a symbolic link to the symkey.jar file, it
now creates the link to symkey.jar.

The passwords written into the two password files were not terminated
with a newline character, now they are.

pkiremove would enter an infinate loop if the -force option was
specified, this is now fixed.

The tomcat6.conf file had been inadvertantly omitted from the tks
subsystem.

References to the deprecated apachectl file were expunged.


git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@1577 c9f7a03b-bd48-0410-a16d-cbbf54688b0b

2 files changed, 57 insertions, 2 deletions

diff --git a/pki/base/tks/shared/conf/server.xml b/pki/base/tks/shared/conf/server.xml
index e26d09dc3..856c2c2a5 100644
--- a/pki/base/tks/shared/conf/server.xml
+++ b/pki/base/tks/shared/conf/server.xml
@@ -119,7 +119,7 @@ Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
     <Connector name="[PKI_SECURE_PORT_CONNECTOR_NAME]" port="[PKI_SECURE_PORT]" protocol="HTTP/1.1" SSLEnabled="true" sslProtocol="SSL" scheme="https" secure="true"
 	       maxHttpHeaderSize="8192"
 	       acceptCount="100" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
-	       enableLookups="false" connectionTimeout="20000" disableUploadTimeout="true"
+	       enableLookups="false" disableUploadTimeout="true"
 	       SSLImplementation="org.apache.tomcat.util.net.jss.JSSImplementation"
 	       enableOCSP="false"
 	       ocspResponderURL="http://[PKI_MACHINE_NAME]:9080/ca/ocsp"
@@ -161,7 +161,7 @@ Tomcat Port         = [TOMCAT_SERVER_PORT] (for shutdown)
     <Connector name="[PKI_EE_SECURE_PORT_CONNECTOR_NAME]" port="[PKI_EE_SECURE_PORT]" SSLEnabled="true" sslProtocol="SSL" scheme="https" secure="true"
 	       maxHttpHeaderSize="8192"
 	       acceptCount="100" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
-	       enableLookups="false" connectionTimeout="20000" disableUploadTimeout="true"
+	       enableLookups="false" disableUploadTimeout="true"
 	       SSLImplementation="org.apache.tomcat.util.net.jss.JSSImplementation"
 	       clientAuth="false"
 	       sslOptions="[TOMCAT_SSL_OPTIONS]"
diff --git a/pki/base/tks/shared/conf/tomcat6.conf b/pki/base/tks/shared/conf/tomcat6.conf
new file mode 100644
index 000000000..31385567d
--- /dev/null
+++ b/pki/base/tks/shared/conf/tomcat6.conf
@@ -0,0 +1,55 @@
+# Service-specific configuration file for tomcat6. This will be sourced by
+# the SysV init script after the global configuration file
+# /etc/tomcat6/tomcat6.conf, thus allowing values to be overridden in
+# a per-service manner.
+#
+# NEVER change the init script itself. To change values for all services make
+# your changes in /etc/tomcat6/tomcat6.conf
+#
+# To change values for a specific service make your edits here.
+# To create a new service create a link from /etc/init.d/<your new service> to
+# /etc/init.d/tomcat6 (do not copy the init script) and make a copy of the
+# /etc/sysconfig/tomcat6 file to /etc/sysconfig/<your new service> and change
+# the property values so the two services won't conflict. Register the new
+# service in the system as usual (see chkconfig and similars).
+#
+
+# Where your java installation lives
+#JAVA_HOME="/usr/lib/jvm/java"
+
+# Where your tomcat installation lives
+CATALINA_BASE="[PKI_INSTANCE_PATH]"
+#CATALINA_HOME="/usr/share/tomcat6"
+#JASPER_HOME="/usr/share/tomcat6"
+#CATALINA_TMPDIR="/var/cache/tomcat6/temp"
+
+# You can pass some parameters to java here if you wish to
+#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3"
+
+# Use JAVA_OPTS to set java.library.path for libtcnative.so
+#JAVA_OPTS="-Djava.library.path=/usr/lib64"
+
+# What user should run tomcat
+TOMCAT_USER="[PKI_USER]"
+
+# You can change your tomcat locale here
+#LANG="en_US"
+
+# Run tomcat under the Java Security Manager
+#SECURITY_MANAGER="false"
+
+# Time to wait in seconds, before killing process
+#SHUTDOWN_WAIT="30"
+
+# Whether to annoy the user with "attempting to shut down" messages or not
+#SHUTDOWN_VERBOSE="false"
+
+# Set the TOMCAT_PID location
+CATALINA_PID="[TOMCAT_PIDFILE]"
+
+# Connector port is 8080 for this tomcat6 instance
+#CONNECTOR_PORT="8080"
+
+# If you wish to further customize your tomcat environment,
+# put your own definitions here
+# (i.e. LD_LIBRARY_PATH for some jdbc drivers)