authoralee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2009-03-06 06:07:30 +0000
committeralee <alee@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>2009-03-06 06:07:30 +0000
commited1b927174a2adfe1b54d23086824fb757165552 (patch)
tree26e06debe27f1c2e3cb069d2d39a41e62db2f3b3 /pki
parent63593cbd20c7d21e5152203ecbbed8a0a1e914a5 (diff)
Bugzilla Bug 487871, 488561 - pkiremove cleanup and remove all selinux ports
git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@275 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
Diffstat (limited to 'pki')
-rw-r--r--pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java9
-rwxr-xr-xpki/base/ra/lib/perl/PKI/RA/DonePanel.pm5
-rwxr-xr-xpki/base/setup/pkiremove24
-rwxr-xr-xpki/base/tps/lib/perl/PKI/TPS/DonePanel.pm5
4 files changed, 34 insertions, 9 deletions
diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
index edd309b97..7603c218f 100644
--- a/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
@@ -320,6 +320,15 @@ public class DonePanel extends WizardPanelBase {
}
}
+ // add service.securityDomainPort to CS.cfg in case pkiremove needs to remove system reference from the security domain
+ try {
+ cs.putString("service.securityDomainPort", ownsport);
+ cs.commit(false);
+ } catch (Exception e) {
+ CMS.debug("DonePanel: exception in adding service.securityDomainPort to CS.cfg" + e);
+ }
+
+
// need to push connector information to the CA
if (type.equals("KRA") && !ca_host.equals("")) {
try {
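Review bot: A failure to write `service.securityDomainPort` is only sent to the debug log by the new `catch` block, although pkiremove's `update_domain` reads exactly this key after this commit; an instance whose write failed would finish configuration normally and presumably be unable to remove itself from the security domain later. The message also runs the exception text straight into "CS.cfg"; `CMS.debug("DonePanel: exception in adding service.securityDomainPort to CS.cfg: " + e);` reads better. The comment could also state that the stored value appears to be this subsystem's own secure port (`ownsport`), since the key name suggests the domain's port. The RA and TPS `DonePanel.pm` hunks call `$::config->commit()` for the same key without checking any result. The enclosing method starts and ends outside the hunk.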
diff --git a/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm b/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm
index 064a0540e..c909f9504 100755
--- a/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm
+++ b/pki/base/ra/lib/perl/PKI/RA/DonePanel.pm
@@ -96,6 +96,11 @@ sub register_ra
&PKI::RA::Wizard::debug_log("DonePanel: Security Domain Info " . $url);
+ # add service.securityDomainPort to the config file in case pkiremove needs to
+ # remove system reference from the security domain
+ $::config->put("service.securityDomainPort", $securePort);
+ $::config->commit();
+
my $uid = "RA-" . $machineName . "-" . $securePort;
my $name = "Registration Authority Subsystem";
diff --git a/pki/base/setup/pkiremove b/pki/base/setup/pkiremove
index c8cdddd9d..61af2ac33 100755
--- a/pki/base/setup/pkiremove
+++ b/pki/base/setup/pkiremove
@@ -220,7 +220,7 @@ sub update_domain()
foreach my $line (@conf_data) {
chomp($line);
(my $varname, my $valname) = split(/=/, $line);
- if ($varname eq "service.securePort") { $sport = $valname; }
+ if ($varname eq "service.securityDomainPort") { $sport = $valname; }
if ($varname eq "service.non_clientauth_securePort") { $ncsport = $valname; }
if ($varname eq "securitydomain.host") { $sechost = $valname; }
if ($varname eq "securitydomain.httpsport") { $secport = $valname; }
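Review bot: Instances configured before this commit will have no `service.securityDomainPort` line in their config file, because that key is only written by the DonePanel changes in this same commit, so for them `$sport` keeps whatever value it had before the loop. If that value is empty, the security-domain update would presumably be sent without a usable port and the stale entry would stay registered. Keeping the old `service.securePort` match as a fallback that applies only when the new key is absent would cover upgraded instances, with a comment explaining why both keys are read. `update_domain` starts and ends outside the hunk.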
@@ -267,9 +267,13 @@ sub update_domain()
srand(time() ^($$ + ($$ <<15))) ;
my $p12pw = rand();
- my @args = ("pk12util", "-d", $dbpath, "-o" ,
- $tempfile, "-n", $subsystemnick , "-K", $intpw, "-W", $p12pw );
- system(@args) == 0 or die "Could not generate pk12 file for client authentication.";
+ my $errs = `pk12util -d $dbpath -o $tempfile -n "$subsystemnick" -K $intpw -W $p12pw 2>&1`;
+ if ($? != 0) {
+ print STDERR $errs;
+ print $errs;
+ print STDOUT "\n";
+ die "Could not generate pk12 file for client authentication.";
+ }
#update domainXML
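Review bot: The new backtick call passes `$dbpath`, `$tempfile`, `$subsystemnick`, `$intpw` and `$p12pw` through `/bin/sh`, which the removed list-form `system(@args)` did not. An internal password or path containing a space, quote, `$` or `;` now either breaks the command or is interpreted by the shell, and pkiremove normally runs as root. The output can be captured without a shell by forking and calling `exec` with the original argument list, as in the fence below. Separately, `-K`/`-W` expose both passwords in the process listing; pk12util's `-k`/`-w` password-file options avoid that. `update_domain` continues outside the hunk.

```perl
# … unchanged: srand / $p12pw generation …
my @args = ("pk12util", "-d", $dbpath, "-o", $tempfile,
            "-n", $subsystemnick, "-K", $intpw, "-W", $p12pw);
my $pid = open(my $pk12, "-|");
die "Could not fork pk12util: $!" unless defined $pid;
if ($pid == 0) {
    # child: send stderr down the same pipe, then exec with no shell involved
    open(STDERR, ">&", \*STDOUT);
    exec { $args[0] } @args;
    exit 127;
}
my $errs = join('', <$pk12>);
close($pk12);    # sets $? to pk12util's exit status
if ($? != 0) {
    # … unchanged: print $errs and die …
}
```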
@@ -413,16 +417,18 @@ sub remove_selinux_ports()
$subsystem_type = lc($typeval);
if (($typeval eq "CA") || ($typeval eq "KRA") || ($typeval eq "OCSP") || ($typeval eq "TKS")) {
- use XML::Simple;
- my $config = XMLin($pki_instance_path . "/conf/server.xml")
+ use XML::LibXML;
+ my $parser = XML::LibXML->new();
+ my $config = $parser->parse_file($pki_instance_path . "/conf/server.xml")
or die "Could not read XML from server.xml to determine ports.";
+
+ my $root = $config->getDocumentElement;
my $i = 0;
- while (defined ( $config->{"Service"}->{"Connector"}[$i]->{'port'} )) {
- $ports[$i] = $config->{"Service"}->{"Connector"}[$i]->{'port'};
+ foreach my $port ($root->findnodes('//@port')) {
+ $ports[$i] = $port->getValue();
$i++;
}
- $ports[$i] = $config->{"port"};
} else { # TPS, RA
my $i =0;
if (defined $secure_port) {
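Review bot: The `or die` after `$parser->parse_file(...)` is unlikely ever to print its message, because XML::LibXML's `parse_file` throws on an unreadable or malformed file rather than returning false. Wrapping the call keeps the intended error: `my $config = eval { $parser->parse_file($pki_instance_path . "/conf/server.xml") } or die "Could not read XML from server.xml to determine ports.";`. The XPath `//@port` also collects the `port` attribute of every element in server.xml, not only `Server` and `Connector` as the removed code did, so each such value is presumably handed on for SELinux port removal. If that breadth is intended a comment should say so; otherwise `/Server/@port | /Server/Service/Connector/@port` restricts it. `remove_selinux_ports` and the enclosing `if` continue outside the hunk.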
diff --git a/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm b/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm
index 796a713d7..27a35c25e 100755
--- a/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm
+++ b/pki/base/tps/lib/perl/PKI/TPS/DonePanel.pm
@@ -95,6 +95,11 @@ sub register_tps
&PKI::TPS::Wizard::debug_log("DonePanel: Security Domain Info " . $url);
+ # add service.securityDomainPort to the config file in case pkiremove needs to
+ # remove system reference from the security domain
+ $::config->put("service.securityDomainPort", $securePort);
+ $::config->commit();
+
my $uid = "TPS-" . $machineName . "-" . $securePort;
my $name = "Token Processing Subsystem";