diff options
| author | Matthew Harmsen <mharmsen@redhat.com> | 2012-03-06 12:03:39 -0800 |
|---|---|---|
| committer | Matthew Harmsen <mharmsen@redhat.com> | 2012-03-06 12:06:17 -0800 |
| commit | 12fbb32b4aff239caf616f28333285167bbab9e6 (patch) | |
| tree | 258513f8eb38eff841e4c4dbf5700e6a9f5eb30d /pki | |
| parent | 7364a11df617ee2ceabe7a686a4ad5d8e19f9dac (diff) | |
| download | pki-12fbb32b4aff239caf616f28333285167bbab9e6.tar.gz pki-12fbb32b4aff239caf616f28333285167bbab9e6.tar.xz pki-12fbb32b4aff239caf616f28333285167bbab9e6.zip | |
Revert "Initial attempt at 'http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment'."
This reverts commit b5219f534cf0b60452346b31a84b9eddd881f614.
This patch was accidently committed to origin as part of a previous push.
Conflicts:
pki/specs/pki-core.spec
Diffstat (limited to 'pki')
| -rw-r--r-- | pki/base/CMakeLists.txt | 1 | ||||
| -rw-r--r-- | pki/base/deploy/CMakeLists.txt | 137 | ||||
| -rw-r--r-- | pki/base/deploy/LICENSE | 291 | ||||
| -rw-r--r-- | pki/base/deploy/config/pkideployment.cfg | 26 | ||||
| -rwxr-xr-x | pki/base/deploy/src/pkidestroy | 141 | ||||
| -rwxr-xr-x | pki/base/deploy/src/pkispawn | 164 | ||||
| -rw-r--r-- | pki/base/deploy/src/scriptlets/instance.py | 105 | ||||
| -rw-r--r-- | pki/base/deploy/src/scriptlets/pkiconfig.py | 95 | ||||
| -rw-r--r-- | pki/base/deploy/src/scriptlets/pkihelper.py | 212 | ||||
| -rw-r--r-- | pki/base/deploy/src/scriptlets/pkilogging.py | 46 | ||||
| -rw-r--r-- | pki/base/deploy/src/scriptlets/pkimessages.py | 98 | ||||
| -rw-r--r-- | pki/base/deploy/src/scriptlets/pkiscriptlet.py | 47 | ||||
| -rw-r--r-- | pki/base/deploy/src/scriptlets/security_databases.py | 78 | ||||
| -rwxr-xr-x | pki/scripts/compose_pki_core_packages | 2 | ||||
| -rw-r--r-- | pki/specs/pki-core.spec | 67 |
15 files changed, 1 insertions, 1509 deletions
diff --git a/pki/base/CMakeLists.txt b/pki/base/CMakeLists.txt index 1c6e909ad..8a40e4247 100644 --- a/pki/base/CMakeLists.txt +++ b/pki/base/CMakeLists.txt @@ -3,7 +3,6 @@ project(base) # The order is important! if (APPLICATION_FLAVOR_PKI_CORE) add_subdirectory(test) - add_subdirectory(deploy) add_subdirectory(setup) add_subdirectory(symkey) add_subdirectory(native-tools) diff --git a/pki/base/deploy/CMakeLists.txt b/pki/base/deploy/CMakeLists.txt deleted file mode 100644 index 11d70c55d..000000000 --- a/pki/base/deploy/CMakeLists.txt +++ /dev/null @@ -1,137 +0,0 @@ -project(deploy) - -install( - FILES - src/pkispawn - src/pkidestroy - DESTINATION - ${BIN_INSTALL_DIR} - PERMISSIONS - OWNER_EXECUTE OWNER_WRITE OWNER_READ - GROUP_EXECUTE GROUP_READ - WORLD_EXECUTE WORLD_READ -) - -install( - FILES - config/pkideployment.cfg - DESTINATION - ${DATA_INSTALL_DIR}/deployment/config - PERMISSIONS - OWNER_WRITE OWNER_READ - GROUP_READ - WORLD_READ -) - -find_package(PythonInterp REQUIRED) -execute_process( - COMMAND - ${PYTHON_EXECUTABLE} -c - "from distutils.sysconfig import get_python_lib; print get_python_lib()" - OUTPUT_VARIABLE - PYTHON_SITE_PACKAGES - OUTPUT_STRIP_TRAILING_WHITESPACE -) -install( - FILES - src/scriptlets/instance.py - src/scriptlets/pkiconfig.py - src/scriptlets/pkihelper.py - src/scriptlets/pkimessages.py - src/scriptlets/pkilogging.py - src/scriptlets/pkiscriptlet.py - src/scriptlets/security_databases.py - DESTINATION - ${PYTHON_SITE_PACKAGES}/pki/deployment - PERMISSIONS - OWNER_WRITE OWNER_READ - GROUP_READ - WORLD_READ -) -install( - CODE - "execute_process( - COMMAND - ${CMAKE_COMMAND} -E touch - \"\$ENV{DESTDIR}${PYTHON_SITE_PACKAGES}/pki/__init__.py\")" -) -install( - CODE - "execute_process( - COMMAND - ${CMAKE_COMMAND} -E touch - \"\$ENV{DESTDIR}${PYTHON_SITE_PACKAGES}/pki/deployment/__init__.py\")" -) - -#install( -# FILES -# jars/resteasy-jettison-provider-2.3-RC1.jar -# DESTINATION -# ${JAVA_JAR_INSTALL_DIR} -# PERMISSIONS -# OWNER_EXECUTE OWNER_WRITE OWNER_READ -# GROUP_EXECUTE GROUP_READ -# WORLD_EXECUTE WORLD_READ -#) - -# install empty directories -#install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${VAR_INSTALL_DIR}/lock/pki)") -#install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${VAR_INSTALL_DIR}/run/pki)") - -# install subsystem directories for pkispawn -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/spawn/ca)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/spawn/kra)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/spawn/ocsp)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/spawn/ra)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/spawn/tks)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/spawn/tps)") - -# install subsystem directories for pkidestroy -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/destroy/ca)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/destroy/kra)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/destroy/ocsp)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/destroy/ra)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/destroy/tks)") -install(CODE "file(MAKE_DIRECTORY \$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/destroy/tps)") - -# generate and install symbolic links for pkispawn CA -install( - CODE - "execute_process( - COMMAND - ${CMAKE_COMMAND} -E create_symlink - \"${PYTHON_SITE_PACKAGES}/pki/deployment/instance.py\" - \"\$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/spawn/ca/0010_instance\")" -) -install( - CODE - "execute_process( - COMMAND - ${CMAKE_COMMAND} -E create_symlink - \"${PYTHON_SITE_PACKAGES}/pki/deployment/security_databases.py\" - \"\$ENV{DESTDIR}${DATA_INSTALL_DIR}/deployment/spawn/ca/0020_security_databases\")" -) - -# generate and install symbolic links for pkispawn KRA - -# generate and install symbolic links for pkispawn OCSP - -# generate and install symbolic links for pkispawn RA - -# generate and install symbolic links for pkispawn TKS - -# generate and install symbolic links for pkispawn TPS - - -# generate and install symbolic links for pkidestroy CA - -# generate and install symbolic links for pkidestroy KRA - -# generate and install symbolic links for pkidestroy OCSP - -# generate and install symbolic links for pkidestroy RA - -# generate and install symbolic links for pkidestroy TKS - -# generate and install symbolic links for pkidestroy TPS - diff --git a/pki/base/deploy/LICENSE b/pki/base/deploy/LICENSE deleted file mode 100644 index e281f4362..000000000 --- a/pki/base/deploy/LICENSE +++ /dev/null @@ -1,291 +0,0 @@ -This Program is free software; you can redistribute it and/or modify -it under the terms of the GNU General Public License as published -by the Free Software Foundation; version 2 of the License. - -This Program is distributed in the hope that it will be useful, but -WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY -or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License -for more details. - -You should have received a copy of the GNU General Public License -along with this Program; if not, write to the Free Software -Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA. - - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. diff --git a/pki/base/deploy/config/pkideployment.cfg b/pki/base/deploy/config/pkideployment.cfg deleted file mode 100644 index dc0cbeaad..000000000 --- a/pki/base/deploy/config/pkideployment.cfg +++ /dev/null @@ -1,26 +0,0 @@ -[Common] -pki_instance_root=/var/lib/pki -pki_instance_name=instance -pki_user=pkiuser -pki_group=pkiuser -pki_audit_group=pkiaudit -[Apache] -pki_http_port=80 -pki_https_port=443 -[Tomcat] -pki_http_port=8080 -pki_https_port=8443 -pki_ajp_port=8009 -pki_security_manager=true -[CA] -pki_subsystem=CA -[KRA] -pki_subsystem=KRA -[OCSP] -pki_subsystem=OCSP -[RA] -pki_subsystem=RA -[TKS] -pki_subsystem=TKS -[TPS] -pki_subsystem=TPS diff --git a/pki/base/deploy/src/pkidestroy b/pki/base/deploy/src/pkidestroy deleted file mode 100755 index c767584de..000000000 --- a/pki/base/deploy/src/pkidestroy +++ /dev/null @@ -1,141 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# System Imports -import sys -if not hasattr(sys, "hexversion") or sys.hexversion < 0x020700f0: - print "Python version %s.%s.%s is too old." % sys.version_info[:3] - print "Please upgrade to at least Python 2.7.0." - sys.exit(1) -try: - import argparse - import logging - import os - import pprint - from pki.deployment import pkiconfig - from pki.deployment import pkihelper - from pki.deployment import pkilogging - from pki.deployment import pkimessages as log -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - - -# PKI Deployment Functions -def main(argv): - "main entry point" - - # Only run this program as "root". - if not os.geteuid() == 0: - sys.exit("'%s' must be run as root!" % argv[0]) - - # Initialize 'pretty print' for objects - pp = pprint.PrettyPrinter(indent=4) - - # Read and process command-line arguments. - pkihelper.process_command_line_arguments(argv) - - # Enable 'pkidestroy' logging. - pkiconfig.pki_log_dir = pkiconfig.pki_root_prefix +\ - pkiconfig.PKIDESTROY_LOG_PATH - pkiconfig.pki_log_name = pkiconfig.PKIDESTROY_LOG_PREFIX +\ - pkiconfig.pki_subsystem.lower() +\ - pkiconfig.PKIDESTROY_LOG_SUFFIX - rv = pkilogging.enable_pki_logger(pkiconfig.pki_log_dir, - pkiconfig.pki_log_name, - pkiconfig.pki_log_level, - pkiconfig.pki_console_log_level, - pkiconfig.PKIDESTROY_LOGGER) - if rv != OSError: - pkiconfig.pki_log = rv - else: - print log.PKI_UNABLE_TO_CREATE_LOG_DIRECTORY_1 % pkiconfig.pki_log_dir - sys.exit(1) - - # Read the specified PKI configuration file. - rv = pkihelper.read_pki_configuration_file() - if rv != 0: - pkiconfig.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv) - sys.exit(1) - else: - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_common_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_web_server_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_subsystem_dict)) - - # Override PKI configuration file values with 'custom' command-line values. - if not pkiconfig.pki_instance_name is None: - pkiconfig.pki_common_dict['pki_instance_name'] =\ - pkiconfig.pki_instance_name - if not pkiconfig.pki_http_port is None: - pkiconfig.pki_web_server_dict['pki_http_port'] =\ - pkiconfig.pki_http_port - if not pkiconfig.pki_https_port is None: - pkiconfig.pki_web_server_dict['pki_https_port'] =\ - pkiconfig.pki_https_port - if not pkiconfig.pki_ajp_port is None: - pkiconfig.pki_web_server_dict['pki_ajp_port'] =\ - pkiconfig.pki_ajp_port - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_common_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_web_server_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_subsystem_dict)) - - # Remove the specified PKI subsystem. - pki_scriptlets_path = pkiconfig.pki_root_prefix +\ - pkiconfig.PKIDESTROY_PATH +\ - "/" + pkiconfig.pki_subsystem.lower() - if not os.path.exists(pki_scriptlets_path) or\ - not os.path.isdir(pki_scriptlets_path): - pkiconfig.pki_log.error(log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1, - pki_scriptlets_path) - sys.exit(1) - pki_subsystem_scriptlets = os.listdir(pki_scriptlets_path) - pki_subsystem_scriptlets.sort() - - # Process the various "scriptlets" for the specified PKI subsystem. - rv = 0 - pkiconfig.pki_log.info(log.PKIDESTROY_BEGIN_MESSAGE_2, - pkiconfig.pki_subsystem, - pkiconfig.pki_common_dict['pki_instance_name']) - for pki_scriptlet in pki_subsystem_scriptlets: - scriptlet = __import__(pkiconfig.PKI_DEPLOYMENT_SCRIPTLETS_MODULE +\ - '.' + pki_scriptlet[5:], - fromlist = [pki_scriptlet[5:]]) - instance = scriptlet.PkiScriptlet() - rv = instance.destroy() - if rv != 0: - sys.exit(1) - pkiconfig.pki_log.info(log.PKIDESTROY_END_MESSAGE_2, - pkiconfig.pki_subsystem, - pkiconfig.pki_common_dict['pki_instance_name']) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_common_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_web_server_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_subsystem_dict)) - - -# PKI Deployment Entry Point -if __name__ == "__main__": - main(sys.argv) - diff --git a/pki/base/deploy/src/pkispawn b/pki/base/deploy/src/pkispawn deleted file mode 100755 index d293dfd0e..000000000 --- a/pki/base/deploy/src/pkispawn +++ /dev/null @@ -1,164 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# System Imports -import sys -if not hasattr(sys, "hexversion") or sys.hexversion < 0x020700f0: - print "Python version %s.%s.%s is too old." % sys.version_info[:3] - print "Please upgrade to at least Python 2.7.0." - sys.exit(1) -try: - import argparse - import logging - import os - import pprint - from pki.deployment import pkiconfig - from pki.deployment import pkihelper - from pki.deployment import pkilogging - from pki.deployment import pkimessages as log -except ImportError: - print >> sys.stderr, """\ -There was a problem importing one of the required Python modules. The -error was: - - %s -""" % sys.exc_value - sys.exit(1) - - -# PKI Deployment Functions -def main(argv): - "main entry point" - - # Only run this program as "root". - if not os.geteuid() == 0: - sys.exit("'%s' must be run as root!" % argv[0]) - - # Set the umask - os.umask(pkiconfig.PKI_DEPLOYMENT_DEFAULT_UMASK) - - # Initialize 'pretty print' for objects - pp = pprint.PrettyPrinter(indent=4) - - # Read and process command-line arguments. - pkihelper.process_command_line_arguments(argv) - - # Enable 'pkispawn' logging. - rv = 0 - if not pkiconfig.pki_update_flag: - pki_deployment_begin = log.PKISPAWN_BEGIN_MESSAGE_2 - pki_deployment_end = log.PKISPAWN_END_MESSAGE_2 - pkiconfig.pki_log_dir = pkiconfig.pki_root_prefix +\ - pkiconfig.PKISPAWN_LOG_PATH - pkiconfig.pki_log_name = pkiconfig.PKISPAWN_LOG_PREFIX +\ - pkiconfig.pki_subsystem.lower() +\ - pkiconfig.PKISPAWN_LOG_SUFFIX - rv = pkilogging.enable_pki_logger(pkiconfig.pki_log_dir, - pkiconfig.pki_log_name, - pkiconfig.pki_log_level, - pkiconfig.pki_console_log_level, - pkiconfig.PKISPAWN_LOGGER) - else: - pki_deployment_begin = log.PKIRESPAWN_BEGIN_MESSAGE_2 - pki_deployment_end = log.PKIRESPAWN_END_MESSAGE_2 - pkiconfig.pki_log_dir = pkiconfig.pki_root_prefix +\ - pkiconfig.PKIRESPAWN_LOG_PATH - pkiconfig.pki_log_name = pkiconfig.PKIRESPAWN_LOG_PREFIX +\ - pkiconfig.pki_subsystem.lower() +\ - pkiconfig.PKIRESPAWN_LOG_SUFFIX - rv = pkilogging.enable_pki_logger(pkiconfig.pki_log_dir, - pkiconfig.pki_log_name, - pkiconfig.pki_log_level, - pkiconfig.pki_console_log_level, - pkiconfig.PKIRESPAWN_LOGGER) - if rv != OSError: - pkiconfig.pki_log = rv - else: - print log.PKI_UNABLE_TO_CREATE_LOG_DIRECTORY_1 % pkiconfig.pki_log_dir - sys.exit(1) - - # Read the specified PKI configuration file. - rv = pkihelper.read_pki_configuration_file() - if rv != 0: - pkiconfig.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv) - sys.exit(1) - else: - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_common_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_web_server_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_subsystem_dict)) - - # Override PKI configuration file values with 'custom' command-line values. - if not pkiconfig.pki_instance_name is None: - pkiconfig.pki_common_dict['pki_instance_name'] =\ - pkiconfig.pki_instance_name - if not pkiconfig.pki_http_port is None: - pkiconfig.pki_web_server_dict['pki_http_port'] =\ - pkiconfig.pki_http_port - if not pkiconfig.pki_https_port is None: - pkiconfig.pki_web_server_dict['pki_https_port'] =\ - pkiconfig.pki_https_port - if not pkiconfig.pki_ajp_port is None: - pkiconfig.pki_web_server_dict['pki_ajp_port'] =\ - pkiconfig.pki_ajp_port - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_common_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_web_server_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_subsystem_dict)) - - # Install and configure the specified PKI subsystem. - pki_scriptlets_path = pkiconfig.pki_root_prefix +\ - pkiconfig.PKISPAWN_PATH +\ - "/" + pkiconfig.pki_subsystem.lower() - if not os.path.exists(pki_scriptlets_path) or\ - not os.path.isdir(pki_scriptlets_path): - pkiconfig.pki_log.error(log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1, - pki_scriptlets_path) - sys.exit(1) - pki_subsystem_scriptlets = os.listdir(pki_scriptlets_path) - pki_subsystem_scriptlets.sort() - - # Process the various "scriptlets" for the specified PKI subsystem. - rv = 0 - pkiconfig.pki_log.info(pki_deployment_begin, - pkiconfig.pki_subsystem, - pkiconfig.pki_common_dict['pki_instance_name']) - for pki_scriptlet in pki_subsystem_scriptlets: - scriptlet = __import__(pkiconfig.PKI_DEPLOYMENT_SCRIPTLETS_MODULE +\ - '.' + pki_scriptlet[5:], - fromlist = [pki_scriptlet[5:]]) - instance = scriptlet.PkiScriptlet() - if not pkiconfig.pki_update_flag: - rv = instance.spawn() - else: - rv = instance.respawn() - if rv != 0: - sys.exit(1) - pkiconfig.pki_log.info(pki_deployment_end, - pkiconfig.pki_subsystem, - pkiconfig.pki_common_dict['pki_instance_name']) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_common_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_web_server_dict)) - pkiconfig.pki_log.debug(pp.pformat(pkiconfig.pki_subsystem_dict)) - - -# PKI Deployment Entry Point -if __name__ == "__main__": - main(sys.argv) - diff --git a/pki/base/deploy/src/scriptlets/instance.py b/pki/base/deploy/src/scriptlets/instance.py deleted file mode 100644 index 636f63b27..000000000 --- a/pki/base/deploy/src/scriptlets/instance.py +++ /dev/null @@ -1,105 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# System Imports -import os -import grp -import pwd - -# PKI Deployment Imports -import pkiconfig -import pkimessages as log -import pkiscriptlet - - -# PKI Deployment Instance Population Classes -class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): - rv = 0 - pki_path = pkiconfig.pki_root_prefix +\ - pkiconfig.pki_common_dict['pki_instance_root'] - pki_instance_path = pki_path + "/" +\ - pkiconfig.pki_common_dict['pki_instance_name'] - pki_subsystem_path = pki_instance_path + "/" +\ - pkiconfig.pki_subsystem_dict['pki_subsystem'].lower() - - def spawn(self): - if not os.path.exists(self.pki_subsystem_path): - pkiconfig.pki_log.info(log.INSTANCE_SPAWN_1, __name__) - pkiconfig.pki_log.info(log.INSTANCE_SPAWN_MKDIR_1, - self.pki_subsystem_path) - if not pkiconfig.pki_dry_run_flag: - try: - pki_gid = grp.getgrnam( - pkiconfig.pki_common_dict['pki_group'])[2] - pki_uid = pwd.getpwnam( - pkiconfig.pki_common_dict['pki_user'])[2] - os.mkdir(self.pki_path, - pkiconfig.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS) - os.chown(self.pki_path, - pki_uid, - pki_gid) - os.mkdir(self.pki_instance_path, - pkiconfig.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS) - os.chown(self.pki_instance_path, - pki_uid, - pki_gid) - os.mkdir(self.pki_subsystem_path, - pkiconfig.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS) - os.chown(self.pki_subsystem_path, - pki_uid, - pki_gid) - except KeyError: - self.rv = KeyError - except OSError: - self.rv = OSError - elif not os.path.isdir(self.pki_subsystem_path): - pkiconfig.pki_log.error( - log.PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1, - self.pki_subsystem_path) - self.rv = -1 - else: - pkiconfig.pki_log.error(log.PKI_DIRECTORY_ALREADY_EXISTS_1, - self.pki_subsystem_path) - self.rv = -1 - return self.rv - - def respawn(self): - if not os.path.exists(self.pki_subsystem_path) or\ - not os.path.isdir(self.pki_subsystem_path): - pkiconfig.pki_log.error( - log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1, - self.pki_subsystem_path) - self.rv = -1 - else: - pkiconfig.pki_log.info(log.INSTANCE_RESPAWN_1, __name__) - return self.rv - - def destroy(self): - if not os.path.exists(self.pki_subsystem_path) or\ - not os.path.isdir(self.pki_subsystem_path): - pkiconfig.pki_log.error( - log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1, - self.pki_subsystem_path) - self.rv = -1 - else: - pkiconfig.pki_log.info(log.INSTANCE_DESTROY_1, __name__) - return self.rv - diff --git a/pki/base/deploy/src/scriptlets/pkiconfig.py b/pki/base/deploy/src/scriptlets/pkiconfig.py deleted file mode 100644 index 3c2eb70a8..000000000 --- a/pki/base/deploy/src/scriptlets/pkiconfig.py +++ /dev/null @@ -1,95 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# System Imports -import logging - - -# PKI Deployment Constants -PKI_DEPLOYMENT_PATH = "/usr/share/pki/deployment" -PKI_DEPLOYMENT_CONFIG_PATH = PKI_DEPLOYMENT_PATH + "/" + "config" -PKI_DEPLOYMENT_SCRIPTLETS_MODULE = "pki.deployment" -PKI_DEPLOYMENT_VERBOSITY=\ -"VERBOSITY FLAGS CONSOLE MESSAGE LEVEL LOG MESSAGE LEVEL\n"\ -"=======================================================================\n"\ -" NONE error|warning error|warning|info\n"\ -" -v error|warning|info error|warning|info\n"\ -" -vv error|warning|info error|warning|info|debug\n"\ -" -vvv error|warning|info|debug error|warning|info|debug\n"\ -" " -PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS = 00770 -PKI_DEPLOYMENT_DEFAULT_EXE_PERMISSIONS = 00770 -PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS = 00660 -PKI_DEPLOYMENT_DEFAULT_UMASK = 00002 - -PKIDESTROY_PATH = PKI_DEPLOYMENT_PATH + "/" + "destroy" -PKIDESTROY_LOG_PATH = "/var/log" -PKIDESTROY_LOG_PREFIX = "pki-" -PKIDESTROY_LOG_SUFFIX = "-destroy.log" -PKIDESTROY_LOGGER = "pkidestroy" - -PKIRESPAWN_PATH = PKI_DEPLOYMENT_PATH + "/" + "spawn" -PKIRESPAWN_LOG_PATH = "/var/log" -PKIRESPAWN_LOG_PREFIX = "pki-" -PKIRESPAWN_LOG_SUFFIX = "-respawn.log" -PKIRESPAWN_LOGGER = "pkirespawn" - -PKISPAWN_PATH = PKI_DEPLOYMENT_PATH + "/" + "spawn" -PKISPAWN_LOG_PATH = "/var/log" -PKISPAWN_LOG_PREFIX = "pki-" -PKISPAWN_LOG_SUFFIX = "-spawn.log" -PKISPAWN_LOGGER = "pkispawn" - -PKI_SECURITY_DATABASE_DIR = "alias" -PKI_SUBSYSTEMS = ["CA","KRA","OCSP","RA","TKS","TPS"] -PKI_APACHE_SUBSYSTEMS = ["RA","TPS"] -PKI_TOMCAT_SUBSYSTEMS = ["CA","KRA","OCSP","TKS"] - - -# PKI Deployment "Mandatory" Command-Line Variables -pki_subsystem = None - -# PKI Deployment "Optional" Command-Line Variables -pkideployment_cfg = PKI_DEPLOYMENT_CONFIG_PATH + "/" + "pkideployment.cfg" -pki_dry_run_flag = False -pki_root_prefix = None -pki_update_flag = False - -# PKI Deployment "Custom" Command-Line Variables -pki_instance_name = None -pki_http_port = None -pki_https_port = None -pki_ajp_port = None - - -# PKI Deployment Logger Variables -pki_log = None -pki_log_dir = None -pki_log_name = None -pki_log_level = logging.INFO -pki_console_log_level = logging.WARNING - - -# PKI Deployment Global Dictionaries -pki_common_dict = None -pki_web_server_dict = None -pki_subsystem_dict = None - diff --git a/pki/base/deploy/src/scriptlets/pkihelper.py b/pki/base/deploy/src/scriptlets/pkihelper.py deleted file mode 100644 index 2f206f387..000000000 --- a/pki/base/deploy/src/scriptlets/pkihelper.py +++ /dev/null @@ -1,212 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# System Imports -import ConfigParser -import argparse -import logging -import os - - -# PKI Deployment Imports -import pkiconfig -import pkimessages as log - - -# PKI Deployment Helper Functions -def process_command_line_arguments(argv): - "Read and process command-line options" - description = None - if os.path.basename(argv[0]) == 'pkispawn': - description = 'PKI Instance Installation and Configuration' - elif os.path.basename(argv[0]) == 'pkidestroy': - description = 'PKI Instance Removal' - parser = argparse.ArgumentParser( - description=description, - add_help=False, - formatter_class=argparse.RawDescriptionHelpFormatter, - epilog=pkiconfig.PKI_DEPLOYMENT_VERBOSITY) - mandatory = parser.add_argument_group('mandatory arguments') - mandatory.add_argument('-s', - dest='pki_subsystem', action='store', - nargs=1, choices=pkiconfig.PKI_SUBSYSTEMS, - required=True, metavar='<subsystem>', - help='where <subsystem> is ' - 'CA, KRA, OCSP, RA, TKS, or TPS') - optional = parser.add_argument_group('optional arguments') - optional.add_argument('--dry_run', - dest='pki_dry_run_flag', action='store_true', - help='do not actually perform any actions') - optional.add_argument('-f', - dest='pkideployment_cfg', action='store', - nargs=1, metavar='<file>', - help='overrides default configuration filename') - optional.add_argument('-h', '--help', - dest='help', action='help', - help='show this help message and exit') - optional.add_argument('-p', - dest='pki_root_prefix', action='store', - nargs=1, metavar='<prefix>', - help='directory prefix to specify local directory') - if os.path.basename(argv[0]) == 'pkispawn': - optional.add_argument('-u', - dest='pki_update_flag', action='store_true', - help='update instance of specified subsystem') - optional.add_argument('-v', - dest='pki_verbosity', action='count', - help='display verbose information (details below)') - custom = parser.add_argument_group('custom arguments ' - '(OVERRIDES configuration file values)') - custom.add_argument('-i', - dest='pki_instance_name', action='store', - nargs=1, metavar='<instance>', - help='PKI instance name (MUST specify REQUIRED ports)') - custom.add_argument('--http_port', - dest='pki_http_port', action='store', - nargs=1, metavar='<port>', - help='HTTP port (CA, KRA, OCSP, RA, TKS, TPS)') - custom.add_argument('--https_port', - dest='pki_https_port', action='store', - nargs=1, metavar='<port>', - help='HTTPS port (CA, KRA, OCSP, RA, TKS, TPS)') - custom.add_argument('--ajp_port', - dest='pki_ajp_port', action='store', - nargs=1, metavar='<port>', - help='AJP port (CA, KRA, OCSP, TKS)') - args = parser.parse_args() - - pkiconfig.pki_subsystem = str(args.pki_subsystem).strip('[\']') - if args.pki_dry_run_flag: - pkiconfig.pki_dry_run_flag = args.pki_dry_run_flag - if not args.pkideployment_cfg is None: - pkiconfig.pkideployment_cfg = str(args.pkideployment_cfg).strip('[\']') - if not os.path.exists(pkiconfig.pkideployment_cfg) or\ - not os.path.isfile(pkiconfig.pkideployment_cfg): - print "ERROR: " +\ - log.PKI_FILE_MISSING_OR_NOT_A_FILE_1 %\ - pkiconfig.pkideployment_cfg - print - parser.print_help() - parser.exit(-1); - if not args.pki_root_prefix is None: - pkiconfig.pki_root_prefix = str(args.pki_root_prefix).strip('[\']') - if pkiconfig.pki_root_prefix is None or\ - len(pkiconfig.pki_root_prefix) == 0: - pkiconfig.pki_root_prefix = "" - elif not os.path.exists(pkiconfig.pki_root_prefix) or\ - not os.path.isdir(pkiconfig.pki_root_prefix): - print "ERROR: " +\ - log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 %\ - pkiconfig.pki_root_prefix - print - parser.print_help() - parser.exit(-1); - if os.path.basename(argv[0]) == 'pkispawn': - if args.pki_update_flag: - pkiconfig.pki_update_flag = args.pki_update_flag - if args.pki_verbosity == 1: - pkiconfig.pki_console_log_level = logging.INFO - pkiconfig.pki_log_level = logging.INFO - elif args.pki_verbosity == 2: - pkiconfig.pki_console_log_level = logging.INFO - pkiconfig.pki_log_level = logging.DEBUG - elif args.pki_verbosity == 3: - pkiconfig.pki_console_log_level = logging.DEBUG - pkiconfig.pki_log_level = logging.DEBUG - elif args.pki_verbosity > 3: - print "ERROR: " + log.PKI_VERBOSITY_LEVELS_MESSAGE - print - parser.print_help() - parser.exit(-1); - if not args.pki_instance_name is None: - pkiconfig.pki_instance_name = str(args.pki_instance_name).strip('[\']') - if not args.pki_http_port is None: - pkiconfig.pki_http_port = str(args.pki_http_port).strip('[\']') - if not args.pki_https_port is None: - pkiconfig.pki_https_port = str(args.pki_https_port).strip('[\']') - if not args.pki_ajp_port is None: - if pkiconfig.pki_subsystem in pkiconfig.PKI_TOMCAT_SUBSYSTEMS: - pkiconfig.pki_ajp_port = str(args.pki_ajp_port).strip('[\']') - else: - print "ERROR: " +\ - log.PKI_CUSTOM_TOMCAT_AJP_PORT_1 %\ - pkiconfig.pki_subsystem - print - parser.print_help() - parser.exit(-1); - if not args.pki_instance_name is None or\ - not args.pki_http_port is None or\ - not args.pki_https_port is None or\ - not args.pki_ajp_port is None: - if pkiconfig.pki_subsystem in pkiconfig.PKI_APACHE_SUBSYSTEMS: - if args.pki_instance_name is None or\ - args.pki_http_port is None or\ - args.pki_https_port is None: - print "ERROR: " + log.PKI_CUSTOM_APACHE_INSTANCE_1 %\ - pkiconfig.pki_subsystem - print - parser.print_help() - parser.exit(-1); - elif pkiconfig.pki_subsystem in pkiconfig.PKI_TOMCAT_SUBSYSTEMS: - if args.pki_instance_name is None or\ - args.pki_http_port is None or\ - args.pki_https_port is None or\ - args.pki_ajp_port is None: - print "ERROR: " + log.PKI_CUSTOM_TOMCAT_INSTANCE_1 %\ - pkiconfig.pki_subsystem - print - parser.print_help() - parser.exit(-1); - - -def read_pki_configuration_file(): - "Read configuration file sections into dictionaries" - rv = 0 - try: - parser = ConfigParser.ConfigParser() - parser.read(pkiconfig.pkideployment_cfg) - pkiconfig.pki_common_dict = dict(parser._sections['Common']) - if pkiconfig.pki_subsystem == "CA": - pkiconfig.pki_web_server_dict = dict(parser._sections['Tomcat']) - pkiconfig.pki_subsystem_dict = dict(parser._sections['CA']) - elif pkiconfig.pki_subsystem == "KRA": - pkiconfig.pki_web_server_dict = dict(parser._sections['Tomcat']) - pkiconfig.pki_subsystem_dict = dict(parser._sections['KRA']) - elif pkiconfig.pki_subsystem == "OCSP": - pkiconfig.pki_web_server_dict = dict(parser._sections['Tomcat']) - pkiconfig.pki_subsystem_dict = dict(parser._sections['OCSP']) - elif pkiconfig.pki_subsystem == "RA": - pkiconfig.pki_web_server_dict = dict(parser._sections['Apache']) - pkiconfig.pki_subsystem_dict = dict(parser._sections['RA']) - elif pkiconfig.pki_subsystem == "TKS": - pkiconfig.pki_web_server_dict = dict(parser._sections['Tomcat']) - pkiconfig.pki_subsystem_dict = dict(parser._sections['TKS']) - elif pkiconfig.pki_subsystem == "TPS": - pkiconfig.pki_web_server_dict = dict(parser._sections['Apache']) - pkiconfig.pki_subsystem_dict = dict(parser._sections['TPS']) - # Insert empty record into dictionaries for "pretty print" statements - pkiconfig.pki_common_dict[0] = None - pkiconfig.pki_web_server_dict[0] = None - pkiconfig.pki_subsystem_dict[0] = None - except ConfigParser.ParsingError, err: - rv = err - return rv - diff --git a/pki/base/deploy/src/scriptlets/pkilogging.py b/pki/base/deploy/src/scriptlets/pkilogging.py deleted file mode 100644 index 776677cfd..000000000 --- a/pki/base/deploy/src/scriptlets/pkilogging.py +++ /dev/null @@ -1,46 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# System Imports -import logging -import os - - -# PKI Deployment Logging Functions -def enable_pki_logger(log_dir, log_name, log_level, console_log_level, logger): - if not os.path.isdir(log_dir): - try: - os.makedirs(log_dir) - except OSError: - return OSError - logging.basicConfig(level=log_level, - format='%(asctime)s %(name)-12s ' +\ - '%(levelname)-8s %(message)s', - datefmt='%Y-%m-%d %H:%M:%S', - filename=log_dir + "/" + log_name, - filemode='w') - console = logging.StreamHandler() - console.setLevel(console_log_level) - formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s') - console.setFormatter(formatter) - logging.getLogger('').addHandler(console) - return logging.getLogger(logger) - diff --git a/pki/base/deploy/src/scriptlets/pkimessages.py b/pki/base/deploy/src/scriptlets/pkimessages.py deleted file mode 100644 index 0b9d36ce3..000000000 --- a/pki/base/deploy/src/scriptlets/pkimessages.py +++ /dev/null @@ -1,98 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# PKI Deployment Engine Messages -PKI_CUSTOM_APACHE_INSTANCE_1 = "When a custom '%s' subsystem is being "\ - "deployed, the 'instance', 'http_port', and "\ - "'https_port' must ALL be specified!" -PKI_CUSTOM_TOMCAT_INSTANCE_1 = "When a custom '%s' subsystem is being "\ - "deployed, the 'instance', 'http_port', "\ - "'https_port', and 'ajp_port' must ALL be "\ - "specified!" -PKI_CUSTOM_TOMCAT_AJP_PORT_1 = "When a custom '%s' subsystem is being "\ - "deployed, ONLY the 'instance', "\ - "'http_port', and 'https_port' MUST be "\ - "specified; NO 'ajp_port' should be requested!" -PKI_DIRECTORY_ALREADY_EXISTS_1 = "Directory '%s' already exists!" -PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1 = "Directory '%s' already "\ - "exists BUT it is NOT a "\ - "directory!" -PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 = "Directory '%s' is either "\ - "missing or is NOT a directory!" -PKI_FILE_MISSING_OR_NOT_A_FILE_1 = "File '%s' is either missing "\ - "or is NOT a regular file!" -PKI_UNABLE_TO_PARSE_1 = "'Could not parse: '%s'" -PKI_UNABLE_TO_CREATE_LOG_DIRECTORY_1 = "Could not create log directory '%s'!" -PKI_VERBOSITY_LEVELS_MESSAGE = "Only up to 3 levels of verbosity are supported!" - - -# PKI Deployment 'pkispawn' and 'pkidestroy' Messages -PKIDESTROY_BEGIN_MESSAGE_2 = "BEGIN destroying subsystem '%s' of "\ - "instance '%s' . . ." -PKIDESTROY_END_MESSAGE_2 = "END destroying subsystem '%s' of "\ - "instance '%s'." -PKIRESPAWN_BEGIN_MESSAGE_2 = "BEGIN respawning subsystem '%s' of "\ - "instance '%s' . . ." -PKIRESPAWN_END_MESSAGE_2 = "END respawning subsystem '%s' of "\ - "instance '%s'." -PKISPAWN_BEGIN_MESSAGE_2 = "BEGIN spawning subsystem '%s' of "\ - "instance '%s' . . ." -PKISPAWN_END_MESSAGE_2 = "END spawning subsystem '%s' of "\ - "instance '%s'." - - -PKI_DIRECTORY_ALREADY_EXISTS_1 = "Directory '%s' already exists!" -PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1 = "Directory '%s' already "\ - "exists BUT it is NOT a "\ - "directory!" -PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 = "Directory '%s' is either "\ - "missing or is NOT a directory!" -PKI_FILE_MISSING_OR_NOT_A_FILE_1 = "File '%s' is either missing "\ - "or is NOT a regular file!" -PKI_UNABLE_TO_PARSE_1 = "'Could not parse: '%s'" -PKI_UNABLE_TO_CREATE_LOG_DIRECTORY_1 = "Could not create log directory '%s'!" -PKI_VERBOSITY_LEVELS_MESSAGE = "Only up to 3 levels of verbosity are supported!" - - -# PKI Deployment 'pkispawn' and 'pkidestroy' Messages -PKIDESTROY_BEGIN_MESSAGE_2 = "BEGIN destroying subsystem '%s' of "\ - "instance '%s' . . ." -PKIDESTROY_END_MESSAGE_2 = "END destroying subsystem '%s' of "\ - "instance '%s'." -PKIRESPAWN_BEGIN_MESSAGE_2 = "BEGIN respawning subsystem '%s' of "\ - "instance '%s' . . ." -PKIRESPAWN_END_MESSAGE_2 = "END respawning subsystem '%s' of "\ - "instance '%s'." -PKISPAWN_BEGIN_MESSAGE_2 = "BEGIN spawning subsystem '%s' of "\ - "instance '%s' . . ." -PKISPAWN_END_MESSAGE_2 = "END spawning subsystem '%s' of "\ - "instance '%s'." - - -# PKI Deployment "Scriptlet" Messages -INSTANCE_DESTROY_1 = " depopulating '%s'" -INSTANCE_RESPAWN_1 = " repopulating '%s'" -INSTANCE_SPAWN_1 = " populating '%s'" -INSTANCE_SPAWN_MKDIR_1 = " mkdir '%s'" -SECURITY_DATABASES_DESTROY_1 = " removing '%s'" -SECURITY_DATABASES_RESPAWN_1 = " regenerating '%s'" -SECURITY_DATABASES_SPAWN_1 = " generating '%s'" - diff --git a/pki/base/deploy/src/scriptlets/pkiscriptlet.py b/pki/base/deploy/src/scriptlets/pkiscriptlet.py deleted file mode 100644 index a66b6b8e2..000000000 --- a/pki/base/deploy/src/scriptlets/pkiscriptlet.py +++ /dev/null @@ -1,47 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# System Imports -import abc - - -# PKI Deployment Classes -class AbstractBasePkiScriptlet(object): - __metaclass__ = abc.ABCMeta - - @abc.abstractmethod - def spawn(self): - """Retrieve data from the specified dictionaries and - use it to install a new PKI instance.""" - return - - @abc.abstractmethod - def respawn(self): - """Retrieve data from the specified dictionaries and - use it to update an existing PKI instance.""" - return - - @abc.abstractmethod - def destroy(self): - """Retrieve data from the specified dictionaries and - use it to destroy an existing PKI instance.""" - return - diff --git a/pki/base/deploy/src/scriptlets/security_databases.py b/pki/base/deploy/src/scriptlets/security_databases.py deleted file mode 100644 index ce67256e7..000000000 --- a/pki/base/deploy/src/scriptlets/security_databases.py +++ /dev/null @@ -1,78 +0,0 @@ -#!/usr/bin/python -t -# Authors: -# Matthew Harmsen <mharmsen@redhat.com> -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2011 Red Hat, Inc. -# All rights reserved. -# - -# System Imports -import os - -# PKI Deployment Imports -import pkiconfig -import pkimessages as log -import pkiscriptlet - - -# PKI Deployment Security Database Classes -class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): - rv = 0 - pki_path = pkiconfig.pki_root_prefix +\ - pkiconfig.pki_common_dict['pki_instance_root'] - pki_instance_path = pki_path + "/" +\ - pkiconfig.pki_common_dict['pki_instance_name'] - pki_subsystem_path = pki_instance_path + "/" +\ - pkiconfig.pki_subsystem_dict['pki_subsystem'].lower() - pki_database_path = pki_subsystem_path + "/" +\ - pkiconfig.PKI_SECURITY_DATABASE_DIR - - def spawn(self): - if not os.path.exists(self.pki_database_path): - pkiconfig.pki_log.info(log.SECURITY_DATABASES_SPAWN_1, __name__) - elif not os.path.isdir(self.pki_database_path): - pkiconfig.pki_log.error( - log.PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1, - self.pki_database_path) - self.rv = -1 - else: - pkiconfig.pki_log.error(log.PKI_DIRECTORY_ALREADY_EXISTS_1, - self.pki_database_path) - self.rv = -1 - return self.rv - - def respawn(self): - if not os.path.exists(self.pki_database_path) or\ - not os.path.isdir(self.pki_database_path): - pkiconfig.pki_log.error( - log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1, - self.pki_database_path) - self.rv = -1 - else: - pkiconfig.pki_log.info(log.SECURITY_DATABASES_RESPAWN_1, __name__) - return self.rv - - def destroy(self): - if not os.path.exists(self.pki_database_path) or\ - not os.path.isdir(self.pki_database_path): - pkiconfig.pki_log.error( - log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1, - self.pki_database_path) - self.rv = -1 - else: - pkiconfig.pki_log.info(log.SECURITY_DATABASES_DESTROY_1, __name__) - return self.rv - diff --git a/pki/scripts/compose_pki_core_packages b/pki/scripts/compose_pki_core_packages index 8e8395180..f45c691ce 100755 --- a/pki/scripts/compose_pki_core_packages +++ b/pki/scripts/compose_pki_core_packages @@ -39,7 +39,7 @@ PKI_CORE_VERSION="10.0.0.a1" ## PKI_SPECS_FILE="${PKI_DIR}/specs/${PKI_CORE}.spec" -PKI_COMPONENT_LIST="test deploy setup symkey native-tools util java-tools common selinux ca kra ocsp tks silent" +PKI_COMPONENT_LIST="test setup symkey native-tools util java-tools common selinux ca kra ocsp tks silent" ## diff --git a/pki/specs/pki-core.spec b/pki/specs/pki-core.spec index c828fdcda..6e19c008a 100644 --- a/pki/specs/pki-core.spec +++ b/pki/specs/pki-core.spec @@ -5,13 +5,6 @@ # also need the relprefix field for a pre-release e.g. .0 - also comment out for official release %global relprefix 0. -%if ! (0%{?fedora} > 12 || 0%{?rhel} > 5) -%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from -distutils.sysconfig import get_python_lib; print(get_python_lib())")} -%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from -distutils.sysconfig import get_python_lib; print(get_python_lib(1))")} -%endif - Name: pki-core Version: 10.0.0 Release: %{?relprefix}7%{?prerel}%{?dist} @@ -103,17 +96,6 @@ to manage enterprise Public Key Infrastructure (PKI) deployments. \ \ PKI Core contains ALL top-level java-based Tomcat PKI components: \ \ - * pki-deploy \ - * pki-setup \ - * pki-symkey \ - * pki-native-tools \ - * pki-util \ - * pki-util-javadoc \ - * pki-java-tools \ - * pki-java-tools-javadoc \ - * pki-common \ - * pki-common-javadoc \ - * pki-selinux \ * pki-ca \ * pki-kra \ * pki-ocsp \ @@ -161,20 +143,6 @@ ONLY ONE of the following "Mutually-Exclusive" PKI Theme packages: \ %description %{overview} -%package -n pki-deploy -Summary: Certificate System - PKI Instance Deployment Scripts -Group: System Environment/Base - -BuildArch: noarch - -%description -n pki-deploy -PKI deployment scripts are used to create and remove instances from PKI deployments. - -This package is a part of the PKI Core used by the Certificate System. - -%{overview} - - %package -n pki-setup Summary: Certificate System - PKI Instance Creation & Removal Scripts Group: System Environment/Base @@ -344,7 +312,6 @@ Requires: javassist Requires: jettison Requires: pki-common-theme >= 9.0.0 Requires: pki-java-tools = %{version}-%{release} -Requires: pki-deploy = %{version}-%{release} Requires: pki-setup = %{version}-%{release} Requires: %{_javadir}/ldapjdk.jar Requires: %{_javadir}/velocity.jar @@ -1023,40 +990,6 @@ fi %endif -%files -n pki-deploy -%defattr(-,root,root,-) -%doc base/deploy/LICENSE -%{_bindir}/pkispawn -%{_bindir}/pkidestroy -#%{_bindir}/pki-setup-proxy -%dir %{python_sitelib}/pki -%{python_sitelib}/pki/_* -%{python_sitelib}/pki/deployment/ -%dir %{_datadir}/pki -%dir %{_datadir}/pki/deployment -%{_datadir}/pki/deployment/config/ -%dir %{_datadir}/pki/deployment/spawn -%{_datadir}/pki/deployment/spawn/ca/ -%{_datadir}/pki/deployment/spawn/kra/ -%{_datadir}/pki/deployment/spawn/ocsp/ -%{_datadir}/pki/deployment/spawn/ra/ -%{_datadir}/pki/deployment/spawn/tks/ -%{_datadir}/pki/deployment/spawn/tps/ -%dir %{_datadir}/pki/deployment/destroy -%{_datadir}/pki/deployment/destroy/ca/ -%{_datadir}/pki/deployment/destroy/kra/ -%{_datadir}/pki/deployment/destroy/ocsp/ -%{_datadir}/pki/deployment/destroy/ra/ -%{_datadir}/pki/deployment/destroy/tks/ -%{_datadir}/pki/deployment/destroy/tps/ -#%dir %{_localstatedir}/lock/pki -#%dir %{_localstatedir}/run/pki -#%if 0%{?fedora} >= 16 -#%{_bindir}/pkicontrol -#%endif -#%{_javadir}/resteasy-jettison-provider-2.3-RC1.jar - - %files -n pki-setup %defattr(-,root,root,-) %doc base/setup/LICENSE |