diff options
| -rw-r--r-- | base/ca/src/CMakeLists.txt | 3 | ||||
| -rw-r--r-- | base/common/shared/conf/pki.policy | 30 | ||||
| -rw-r--r-- | base/common/shared/conf/tomcat.conf | 7 | ||||
| -rw-r--r-- | base/common/src/CMakeLists.txt | 9 | ||||
| -rw-r--r-- | base/deploy/CMakeLists.txt | 13 | ||||
| -rw-r--r-- | base/deploy/etc/pki.conf | 2 | ||||
| -rw-r--r-- | base/deploy/scripts/operations | 21 | ||||
| -rw-r--r-- | base/deploy/src/scriptlets/configuration.py | 4 | ||||
| -rw-r--r-- | base/deploy/src/scriptlets/pkiconfig.py | 14 | ||||
| -rw-r--r-- | base/deploy/src/scriptlets/pkihelper.py | 58 | ||||
| -rw-r--r-- | base/deploy/src/scriptlets/pkijython.py | 81 | ||||
| -rw-r--r-- | base/deploy/src/scriptlets/pkimessages.py | 3 | ||||
| -rw-r--r-- | base/deploy/src/scriptlets/pkiparser.py | 17 | ||||
| -rwxr-xr-x | base/java-tools/pki | 11 | ||||
| -rw-r--r-- | base/java-tools/src/CMakeLists.txt | 9 | ||||
| -rw-r--r-- | base/kra/src/CMakeLists.txt | 3 | ||||
| -rw-r--r-- | base/ocsp/src/CMakeLists.txt | 3 | ||||
| -rw-r--r-- | base/setup/scripts/functions | 6 | ||||
| -rw-r--r-- | base/tks/src/CMakeLists.txt | 3 | ||||
| -rw-r--r-- | specs/pki-core.spec | 23 |
20 files changed, 132 insertions, 188 deletions
diff --git a/base/ca/src/CMakeLists.txt b/base/ca/src/CMakeLists.txt index aa19cc42b..e5ef9e530 100644 --- a/base/ca/src/CMakeLists.txt +++ b/base/ca/src/CMakeLists.txt @@ -28,8 +28,7 @@ find_file(JAXRS_API_JAR NAMES jaxrs-api.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) # build pki-ca diff --git a/base/common/shared/conf/pki.policy b/base/common/shared/conf/pki.policy index b9d79fe58..4ae2de734 100644 --- a/base/common/shared/conf/pki.policy +++ b/base/common/shared/conf/pki.policy @@ -106,43 +106,23 @@ grant codeBase "file:/usr/share/java/log4j.jar" { permission java.security.AllPermission; }; -grant codeBase "file:/usr/share/java/resteasy/jaxrs-api.jar" { +grant codeBase "file:${RESTEASY_LIB}/jaxrs-api.jar" { permission java.security.AllPermission; }; -grant codeBase "file:/usr/share/java/resteasy/resteasy-atom-provider.jar" { +grant codeBase "file:${RESTEASY_LIB}/resteasy-atom-provider.jar" { permission java.security.AllPermission; }; -grant codeBase "file:/usr/share/java/resteasy/resteasy-jaxb-provider.jar" { +grant codeBase "file:${RESTEASY_LIB}/resteasy-jaxb-provider.jar" { permission java.security.AllPermission; }; -grant codeBase "file:/usr/share/java/resteasy/resteasy-jaxrs.jar" { +grant codeBase "file:${RESTEASY_LIB}/resteasy-jaxrs.jar" { permission java.security.AllPermission; }; -grant codeBase "file:/usr/share/java/resteasy/resteasy-jettison-provider.jar" { - permission java.security.AllPermission; -}; - -grant codeBase "file:/usr/share/java/resteasy-base/jaxrs-api.jar" { - permission java.security.AllPermission; -}; - -grant codeBase "file:/usr/share/java/resteasy-base/resteasy-atom-provider.jar" { - permission java.security.AllPermission; -}; - -grant codeBase "file:/usr/share/java/resteasy-base/resteasy-jaxb-provider.jar" { - permission java.security.AllPermission; -}; - -grant codeBase "file:/usr/share/java/resteasy-base/resteasy-jaxrs.jar" { - permission java.security.AllPermission; -}; - -grant codeBase "file:/usr/share/java/resteasy-base/resteasy-jettison-provider.jar" { +grant codeBase "file:${RESTEASY_LIB}/resteasy-jettison-provider.jar" { permission java.security.AllPermission; }; diff --git a/base/common/shared/conf/tomcat.conf b/base/common/shared/conf/tomcat.conf index 54d67e4b4..7b8f87cb5 100644 --- a/base/common/shared/conf/tomcat.conf +++ b/base/common/shared/conf/tomcat.conf @@ -14,6 +14,10 @@ # (see, for instance, /etc/sysconfig/tomcat) # +if [ -f /etc/pki/pki.conf ] ; then + . /etc/pki/pki.conf +fi + # Where your java installation lives #JAVA_HOME="/usr/lib/jvm/jre" @@ -32,6 +36,9 @@ CATALINA_TMPDIR=[PKI_TMPDIR] # Enable the following JAVA_OPTS to run a java debugger (e. g. - 'eclipse') #JAVA_OPTS="-Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n -Djava.awt.headless=true -Xmx128M" +# RESTEasy +JAVA_OPTS="$JAVA_OPTS -DRESTEASY_LIB=${RESTEASY_LIB}" + # What user should run tomcat TOMCAT_USER="[PKI_USER]" diff --git a/base/common/src/CMakeLists.txt b/base/common/src/CMakeLists.txt index e21f13ce6..c010bedfe 100644 --- a/base/common/src/CMakeLists.txt +++ b/base/common/src/CMakeLists.txt @@ -87,24 +87,21 @@ find_file(JAXRS_API_JAR NAMES jaxrs-api.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) find_file(RESTEASY_JAXRS_JAR NAMES resteasy-jaxrs.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) find_file(RESTEASY_ATOM_PROVIDER_JAR NAMES resteasy-atom-provider.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) find_file(HTTPCLIENT_JAR diff --git a/base/deploy/CMakeLists.txt b/base/deploy/CMakeLists.txt index d63176f1a..3b1d9f583 100644 --- a/base/deploy/CMakeLists.txt +++ b/base/deploy/CMakeLists.txt @@ -67,6 +67,19 @@ install( etc/ DESTINATION ${SYSCONF_INSTALL_DIR}/pki + PATTERN "pki.conf" EXCLUDE +) + +configure_file( + ${CMAKE_CURRENT_SOURCE_DIR}/etc/pki.conf + ${CMAKE_CURRENT_BINARY_DIR}/etc/pki.conf +) + +install( + FILES + ${CMAKE_CURRENT_BINARY_DIR}/etc/pki.conf + DESTINATION + ${SYSCONF_INSTALL_DIR}/pki/ ) find_package(PythonInterp REQUIRED) diff --git a/base/deploy/etc/pki.conf b/base/deploy/etc/pki.conf new file mode 100644 index 000000000..3e5a5e154 --- /dev/null +++ b/base/deploy/etc/pki.conf @@ -0,0 +1,2 @@ +# RESTEasy library +RESTEASY_LIB=${RESTEASY_LIB} diff --git a/base/deploy/scripts/operations b/base/deploy/scripts/operations index 0a768fb1b..336f847e6 100644 --- a/base/deploy/scripts/operations +++ b/base/deploy/scripts/operations @@ -30,6 +30,10 @@ # 200-254 reserved # +if [ -f /etc/pki/pki.conf ] ; then + . /etc/pki/pki.conf +fi + # PKI subsystem-level directory and file values for locks lockfile="/var/lock/subsys/${SERVICE_NAME}" @@ -945,13 +949,6 @@ verify_symlinks() pki_systemd_service="pki-${PKI_WEB_SERVER_TYPE}d@.service" systemd_dir="/lib/systemd/system" - grep "Red Hat Enterprise Linux" /etc/redhat-release - if [ $? == 0 ]; then - resteasy_java_dir="/usr/share/java/resteasy-base" - else - resteasy_java_dir="/usr/share/java/resteasy" - fi - # Dogtag 10 Symbolic Link Variables pki_common_jar_dir="${PKI_INSTANCE_PATH}/common/lib" pki_registry_dir="/etc/sysconfig/pki/${PKI_WEB_SERVER_TYPE}/${PKI_INSTANCE_ID}" @@ -1053,15 +1050,15 @@ verify_symlinks() [httpclient.jar]=${java_dir}/httpcomponents/httpclient.jar [httpcore.jar]=${java_dir}/httpcomponents/httpcore.jar [javassist.jar]=${java_dir}/javassist.jar - [jaxrs-api.jar]=${resteasy_java_dir}/jaxrs-api.jar + [jaxrs-api.jar]=${RESTEASY_LIB}/jaxrs-api.jar [jettison.jar]=${java_dir}/jettison.jar [jss4.jar]=${jni_dir}/jss4.jar [ldapjdk.jar]=${java_dir}/ldapjdk.jar [pki-tomcat.jar]=${java_dir}/pki/pki-tomcat.jar - [resteasy-atom-provider.jar]=${resteasy_java_dir}/resteasy-atom-provider.jar - [resteasy-jaxb-provider.jar]=${resteasy_java_dir}/resteasy-jaxb-provider.jar - [resteasy-jaxrs.jar]=${resteasy_java_dir}/resteasy-jaxrs.jar - [resteasy-jettison-provider.jar]=${resteasy_java_dir}/resteasy-jettison-provider.jar + [resteasy-atom-provider.jar]=${RESTEASY_LIB}/resteasy-atom-provider.jar + [resteasy-jaxb-provider.jar]=${RESTEASY_LIB}/resteasy-jaxb-provider.jar + [resteasy-jaxrs.jar]=${RESTEASY_LIB}/resteasy-jaxrs.jar + [resteasy-jettison-provider.jar]=${RESTEASY_LIB}/resteasy-jettison-provider.jar [scannotation.jar]=${java_dir}/scannotation.jar [tomcatjss.jar]=${java_dir}/tomcat7jss.jar [velocity.jar]=${java_dir}/velocity.jar diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py index 16b63122f..d105590a2 100644 --- a/base/deploy/src/scriptlets/configuration.py +++ b/base/deploy/src/scriptlets/configuration.py @@ -92,7 +92,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): util.systemd.restart() # Pass control to the Java servlet via Jython 2.2 'configuration.jy' - util.jython.invoke(master['pki_jython_configuration_scriptlet']) + util.jython.invoke( + master['pki_jython_configuration_scriptlet'], + master['RESTEASY_LIB']) return self.rv def respawn(self): diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py index 4bbf92e91..7b20e474a 100644 --- a/base/deploy/src/scriptlets/pkiconfig.py +++ b/base/deploy/src/scriptlets/pkiconfig.py @@ -20,16 +20,6 @@ # import re -def is_rhel(): - try: - f = open("/etc/redhat-release") - for line in f: - if re.search("Red Hat Enterprise Linux", line): - return True - except IOError, e: - pass - return False - # PKI Deployment Constants PKI_DEPLOYMENT_DEFAULT_CLIENT_DIR_PERMISSIONS = 00755 PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS = 00770 @@ -71,10 +61,6 @@ PKI_DEPLOYMENT_JAR_SOURCE_ROOT = "/usr/share/java" PKI_DEPLOYMENT_HTTPCOMPONENTS_JAR_SOURCE_ROOT = "/usr/share/java/httpcomponents" PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT = "/usr/share/java/pki" -PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT = "/usr/share/java/resteasy" -if is_rhel(): - PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT = "/usr/share/java/resteasy-base" - PKI_DEPLOYMENT_SOURCE_ROOT = "/usr/share/pki" PKI_DEPLOYMENT_SYSTEMD_ROOT = "/lib/systemd/system" PKI_DEPLOYMENT_SYSTEMD_CONFIGURATION_ROOT = "/etc/systemd/system" diff --git a/base/deploy/src/scriptlets/pkihelper.py b/base/deploy/src/scriptlets/pkihelper.py index 5d89a1201..1eb7b51e6 100644 --- a/base/deploy/src/scriptlets/pkihelper.py +++ b/base/deploy/src/scriptlets/pkihelper.py @@ -2522,33 +2522,63 @@ class systemd: # PKI Deployment 'jython' Class class jython: - def invoke(self, scriptlet, critical_failure=True): + def invoke(self, scriptlet, resteasy_lib, critical_failure=True): try: + # JSS JNI Jars + # + # NOTE: Always load 64-bit JNI 'jss4.jar' + # PRIOR to 32-bit JNI 'jss4.jar' + # + classpath = "/usr/lib64/java/jss4.jar" +\ + ":/usr/lib/java/jss4.jar" +\ + ":/usr/share/java/httpcomponents/httpclient.jar" +\ + ":/usr/share/java/httpcomponents/httpcore.jar" +\ + ":/usr/share/java/apache-commons-cli.jar" +\ + ":/usr/share/java/apache-commons-codec.jar" +\ + ":/usr/share/java/apache-commons-logging.jar" +\ + ":/usr/share/java/istack-commons-runtime.jar" +\ + ":/usr/share/java/glassfish-jaxb/jaxb-impl.jar" +\ + ":/usr/share/java/scannotation.jar" + + # RESTEasy Jars + classpath = classpath +\ + ":" + resteasy_lib + "/jaxrs-api.jar" +\ + ":" + resteasy_lib + "/resteasy-atom-provider.jar" +\ + ":" + resteasy_lib + "/resteasy-jaxb-provider.jar" +\ + ":" + resteasy_lib + "/resteasy-jaxrs.jar" +\ + ":" + resteasy_lib + "/resteasy-jettison-provider.jar" + + # PKI Jars + classpath = classpath +\ + ":/usr/share/java/pki/pki-certsrv.jar" +\ + ":/usr/share/java/pki/pki-client.jar" +\ + ":/usr/share/java/pki/pki-cmsutil.jar" +\ + ":/usr/share/java/pki/pki-nsutil.jar" + + properties = "" + # From 'http://www.jython.org/archive/22/userfaq.html': # Setting this to false will allow Jython to provide access to # non-public fields, methods, and constructors of Java objects. - property = "-Dpython.security.respectJavaAccessibility=false" - # comment the next line out to use the "property" defined above - property = "" + # properties = properties + " -Dpython.security.respectJavaAccessibility=false" + # Compose this "jython" command data = pickle.dumps(master) - ld_library_path = "LD_LIBRARY_PATH" if master['pki_architecture'] == 64: - ld_library_path = ld_library_path + "=" +\ - "/usr/lib64/jss:/usr/lib64:/lib64:" +\ + ld_library_path = "/usr/lib64/jss:/usr/lib64:/lib64:" +\ "/usr/lib/jss:/usr/lib:/lib" else: - ld_library_path = ld_library_path + "=" +\ - "/usr/lib/jss:/usr/lib:/lib" - command = "export" + " " + ld_library_path + ";" + "jython" + " " +\ - property + " " + scriptlet + " " + "\"" + data + "\"" + ld_library_path = "/usr/lib/jss:/usr/lib:/lib" + command = "export LD_LIBRARY_PATH=" + ld_library_path +\ + ";export CLASSPATH=" + classpath +\ + ";jython " + properties + " " + scriptlet # Display this "jython" command config.pki_log.info( - log.PKIHELPER_INVOKE_JYTHON_3, - ld_library_path, property, scriptlet, + log.PKIHELPER_INVOKE_JYTHON_1, + command, extra=config.PKI_INDENTATION_LEVEL_2) # Invoke this "jython" command - subprocess.call(command, shell=True) + subprocess.call(command + " \"" + data + "\"", shell=True) except subprocess.CalledProcessError as exc: config.pki_log.error(log.PKI_SUBPROCESS_ERROR_1, exc, extra=config.PKI_INDENTATION_LEVEL_2) diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py index b832abac8..e6a4a915e 100644 --- a/base/deploy/src/scriptlets/pkijython.py +++ b/base/deploy/src/scriptlets/pkijython.py @@ -35,89 +35,10 @@ pki_python_module_path = os.path.join(sys.prefix, sys.path.append(pki_python_module_path) -# http://www.jython.org/jythonbook/en/1.0/appendixB.html#working-with-classpath -############################################################################### -# from http://forum.java.sun.com/thread.jspa?threadID=300557 -# -# Author: SG Langer Jan 2007 translated the above Java to this Jython class -# Purpose: Allow runtime additions of new Class/jars either from local files -# or URL -############################################################################### -class classPathHacker: - import java.lang.reflect.Method - import java.io.File - import java.net.URL - import java.net.URLClassLoader - import jarray - - def addFile(self, s): - ################################################## - # Purpose: If adding a file/jar call this first - # with s = path_to_jar - ################################################## - - # make a URL out of 's' - f = self.java.io.File (s) - u = f.toURL () - a = self.addURL (u) - return a - - def addURL(self, u): - ########################################### - # Purpose: Call this with u= URL for the - # new Class/jar to be loaded - ########################################### - - parameters = self.jarray.array([self.java.net.URL], - self.java.lang.Class) - sysloader = self.java.lang.ClassLoader.getSystemClassLoader() - sysclass = self.java.net.URLClassLoader - method = sysclass.getDeclaredMethod("addURL", parameters) - a = method.setAccessible(1) - jar_a = self.jarray.array([u], self.java.lang.Object) - b = method.invoke(sysloader, jar_a) - return u - # PKI Python Imports import pkiconfig as config import pkimessages as log -# Dynamically Load Additional Java Jars ('append' to existing classpath) -jarLoad = classPathHacker() -# Webserver Jars -jarLoad.addFile("/usr/share/java/httpcomponents/httpclient.jar") -jarLoad.addFile("/usr/share/java/httpcomponents/httpcore.jar") -jarLoad.addFile("/usr/share/java/apache-commons-cli.jar") -jarLoad.addFile("/usr/share/java/apache-commons-codec.jar") -jarLoad.addFile("/usr/share/java/apache-commons-logging.jar") -jarLoad.addFile("/usr/share/java/istack-commons-runtime.jar") - -# Resteasy Jars -RESTEASY_ROOT = "resteasy" -if config.is_rhel(): - RESTEASY_ROOT = "resteasy-base" - -jarLoad.addFile("/usr/share/java/glassfish-jaxb/jaxb-impl.jar") -jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/jaxrs-api.jar") -jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-atom-provider.jar") -jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jaxb-provider.jar") -jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jaxrs.jar") -jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jettison-provider.jar") -jarLoad.addFile("/usr/share/java/scannotation.jar") -# PKI Jars -jarLoad.addFile("/usr/share/java/pki/pki-certsrv.jar") -jarLoad.addFile("/usr/share/java/pki/pki-client.jar") -jarLoad.addFile("/usr/share/java/pki/pki-cmsutil.jar") -jarLoad.addFile("/usr/share/java/pki/pki-nsutil.jar") -# JSS JNI Jars -# -# NOTE: Always load 64-bit JNI 'jss4.jar' -# PRIOR to 32-bit JNI 'jss4.jar' -# -jarLoad.addFile("/usr/lib64/java/jss4.jar") -jarLoad.addFile("/usr/lib/java/jss4.jar") - - # Apache Commons Java Imports from org.apache.commons.cli import CommandLine from org.apache.commons.cli import CommandLineParser @@ -126,7 +47,6 @@ from org.apache.commons.cli import Options from org.apache.commons.cli import ParseException from org.apache.commons.cli import PosixParser - # JSS Java Imports from org.mozilla.jss import CryptoManager from org.mozilla.jss.asn1 import ASN1Util @@ -148,7 +68,6 @@ from org.mozilla.jss.pkix.primitive import Name from org.mozilla.jss.pkix.primitive import SubjectPublicKeyInfo from org.mozilla.jss.util import Password - # PKI Java Imports from com.netscape.certsrv.system import SystemConfigClient from com.netscape.certsrv.system import SystemCertData diff --git a/base/deploy/src/scriptlets/pkimessages.py b/base/deploy/src/scriptlets/pkimessages.py index 7b0d02c78..5b1448f65 100644 --- a/base/deploy/src/scriptlets/pkimessages.py +++ b/base/deploy/src/scriptlets/pkimessages.py @@ -189,8 +189,7 @@ PKIHELPER_GROUP_ADD_GID_KEYERROR_1 = "KeyError: pki_gid %s" PKIHELPER_GROUP_ADD_KEYERROR_1 = "KeyError: pki_group %s" PKIHELPER_INVALID_SELINUX_CONTEXT_FOR_PORT = "port %s has invalid selinux "\ "context %s" -PKIHELPER_INVOKE_JYTHON_3 = "executing 'export %s;"\ - "jython %s %s <master_dictionary>'" +PKIHELPER_INVOKE_JYTHON_1 = "executing '%s'" PKIHELPER_IS_A_DIRECTORY_1 = "'%s' is a directory" PKIHELPER_IS_A_FILE_1 = "'%s' is a file" PKIHELPER_IS_A_SYMLINK_1 = "'%s' is a symlink" diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py index 0a77a4985..558873ded 100644 --- a/base/deploy/src/scriptlets/pkiparser.py +++ b/base/deploy/src/scriptlets/pkiparser.py @@ -26,6 +26,7 @@ import logging import os import random import string +import subprocess import sys import time @@ -270,6 +271,12 @@ class PKIConfigParser: config.pki_master_dict.update(config.pki_subsystem_dict) config.pki_master_dict.update(__name__="PKI Master Dictionary") + # RESTEasy + config.pki_master_dict['RESTEASY_LIB'] =\ + subprocess.check_output( + 'source /etc/pki/pki.conf && echo $RESTEASY_LIB', + shell=True).strip() + # IMPORTANT: A "PKI instance" no longer corresponds to a single # pki subystem, but rather to a unique # "Tomcat web instance" or a unique "Apache web instance". @@ -618,7 +625,7 @@ class PKIConfigParser: os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT, "javassist.jar") config.pki_master_dict['pki_resteasy_jaxrs_api_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT, + os.path.join(config.pki_master_dict['RESTEASY_LIB'], "jaxrs-api.jar") config.pki_master_dict['pki_jettison_jar'] =\ os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT, @@ -648,16 +655,16 @@ class PKIConfigParser: os.path.join(config.PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT, "pki-tomcat.jar") config.pki_master_dict['pki_resteasy_atom_provider_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT, + os.path.join(config.pki_master_dict['RESTEASY_LIB'], "resteasy-atom-provider.jar") config.pki_master_dict['pki_resteasy_jaxb_provider_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT, + os.path.join(config.pki_master_dict['RESTEASY_LIB'], "resteasy-jaxb-provider.jar") config.pki_master_dict['pki_resteasy_jaxrs_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT, + os.path.join(config.pki_master_dict['RESTEASY_LIB'], "resteasy-jaxrs.jar") config.pki_master_dict['pki_resteasy_jettison_provider_jar'] =\ - os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT, + os.path.join(config.pki_master_dict['RESTEASY_LIB'], "resteasy-jettison-provider.jar") config.pki_master_dict['pki_scannotation_jar'] =\ os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT, diff --git a/base/java-tools/pki b/base/java-tools/pki index e465fa926..07194c9ed 100755 --- a/base/java-tools/pki +++ b/base/java-tools/pki @@ -71,6 +71,9 @@ if( $ARCHITECTURE eq "i386" ) { ## order this command wrapper uses to find jar files. ## ############################################################################### +my $RESTEASY_LIB = `source /etc/pki/pki.conf && echo \$RESTEASY_LIB`; +chomp($RESTEASY_LIB); + $ENV{CLASSPATH} = "/usr/share/java/${PRODUCT}/pki-certsrv.jar:" . "/usr/share/java/${PRODUCT}/pki-nsutil.jar:" . "/usr/share/java/${PRODUCT}/pki-tools.jar:" @@ -82,10 +85,10 @@ $ENV{CLASSPATH} = "/usr/share/java/${PRODUCT}/pki-certsrv.jar:" . "/usr/share/java/httpcomponents/httpclient.jar:" . "/usr/share/java/httpcomponents/httpcore.jar:" . "/usr/share/java/jaxb-api.jar:" - . "/usr/share/java/resteasy/jaxrs-api.jar:" - . "/usr/share/java/resteasy/resteasy-atom-provider.jar:" - . "/usr/share/java/resteasy/resteasy-jaxb-provider.jar:" - . "/usr/share/java/resteasy/resteasy-jaxrs.jar:" + . "${RESTEASY_LIB}/jaxrs-api.jar:" + . "${RESTEASY_LIB}/resteasy-atom-provider.jar:" + . "${RESTEASY_LIB}/resteasy-jaxb-provider.jar:" + . "${RESTEASY_LIB}/resteasy-jaxrs.jar:" . "/usr/share/java/servlet.jar:"; if( $ARCHITECTURE eq "x86_64" ) { diff --git a/base/java-tools/src/CMakeLists.txt b/base/java-tools/src/CMakeLists.txt index 96aae5c30..6ea69cae9 100644 --- a/base/java-tools/src/CMakeLists.txt +++ b/base/java-tools/src/CMakeLists.txt @@ -49,24 +49,21 @@ find_file(JAXRS_API_JAR NAMES jaxrs-api.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) find_file(RESTEASY_JAXRS_JAR NAMES resteasy-jaxrs.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) find_file(RESTEASY_ATOM_PROVIDER_JAR NAMES resteasy-atom-provider.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) find_file(HTTPCLIENT_JAR diff --git a/base/kra/src/CMakeLists.txt b/base/kra/src/CMakeLists.txt index d9ab25cd2..99088ce06 100644 --- a/base/kra/src/CMakeLists.txt +++ b/base/kra/src/CMakeLists.txt @@ -50,8 +50,7 @@ find_file(JAXRS_API_JAR NAMES jaxrs-api.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) # '${JAVA_LIB_INSTALL_DIR}' jars diff --git a/base/ocsp/src/CMakeLists.txt b/base/ocsp/src/CMakeLists.txt index 39468cadd..d3bdf0ed2 100644 --- a/base/ocsp/src/CMakeLists.txt +++ b/base/ocsp/src/CMakeLists.txt @@ -50,8 +50,7 @@ find_file(JAXRS_API_JAR NAMES jaxrs-api.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) # '${JAVA_LIB_INSTALL_DIR}' jars diff --git a/base/setup/scripts/functions b/base/setup/scripts/functions index 058022efc..3f7f9553d 100644 --- a/base/setup/scripts/functions +++ b/base/setup/scripts/functions @@ -30,6 +30,10 @@ # 200-254 reserved # +if [ -f /etc/pki/pki.conf ] ; then + . /etc/pki/pki.conf +fi + # PKI subsystem-level directory and file values for locks lockfile="/var/lock/subsys/${SERVICE_NAME}" @@ -980,7 +984,7 @@ verify_symlinks() [xml-commons-apis.jar]=/usr/share/java/xml-commons-apis.jar [xml-commons-resolver.jar]=/usr/share/java/xml-commons-resolver.jar # dogtag 9 -> dogtag 10 - [resteasy-jaxrs.jar]=/usr/share/java/resteasy/resteasy-jaxrs.jar) + [resteasy-jaxrs.jar]=${RESTEASY_LIB}/resteasy-jaxrs.jar) if [ "${PKI_SUBSYSTEM_TYPE}" == "tks" ]; then webapps_jar_symlinks[symkey.jar]=${jni_dir}/symkey.jar diff --git a/base/tks/src/CMakeLists.txt b/base/tks/src/CMakeLists.txt index 0ff69ae3c..9d0d3a70a 100644 --- a/base/tks/src/CMakeLists.txt +++ b/base/tks/src/CMakeLists.txt @@ -50,8 +50,7 @@ find_file(JAXRS_API_JAR NAMES jaxrs-api.jar PATHS - /usr/share/java/resteasy - /usr/share/java/resteasy-base + ${RESTEASY_LIB} ) diff --git a/specs/pki-core.spec b/specs/pki-core.spec index 8c3c7913e..f7481548c 100644 --- a/specs/pki-core.spec +++ b/specs/pki-core.spec @@ -14,7 +14,7 @@ distutils.sysconfig import get_python_lib; print(get_python_lib(1))")} Name: pki-core Version: 10.0.0 -Release: %{?relprefix}54%{?prerel}%{?dist} +Release: %{?relprefix}55%{?prerel}%{?dist} Summary: Certificate System - PKI Core Components URL: http://pki.fedoraproject.org/ License: GPLv2 @@ -462,7 +462,6 @@ This package is a part of the PKI Core used by the Certificate System. %clean %{__rm} -rf %{buildroot} - %build %{__mkdir_p} build cd build @@ -471,6 +470,11 @@ cd build -DBUILD_PKI_CORE:BOOL=ON \ -DJAVA_LIB_INSTALL_DIR=%{_jnidir} \ -DSYSTEMD_LIB_INSTALL_DIR=%{_unitdir} \ +%if 0%{?rhel} + -DRESTEASY_LIB=/usr/share/java/resteasy-base \ +%else + -DRESTEASY_LIB=/usr/share/java/resteasy \ +%endif %{?_without_javadoc:-DWITH_JAVADOC:BOOL=OFF} \ %if ! 0%{?rhel} && 0%{?fedora} <= 17 -DBUILD_PKI_SELINUX:BOOL=ON \ @@ -809,7 +813,7 @@ fi %files -n pki-server %defattr(-,root,root,-) %doc base/deploy/LICENSE -%{_sysconfdir}/pki/default.cfg +%{_sysconfdir}/pki/ %{_sbindir}/pkispawn %{_sbindir}/pkidestroy #%{_bindir}/pki-setup-proxy @@ -820,6 +824,9 @@ fi %{_datadir}/pki/deployment/config/ %dir %{_datadir}/pki/scripts %{_datadir}/pki/scripts/operations +%{_datadir}/pki/scripts/pkicommon.pm +%{_datadir}/pki/scripts/functions +%{_datadir}/pki/scripts/pki_apache_initscript %dir %{_localstatedir}/lock/pki %dir %{_localstatedir}/run/pki %{_bindir}/pkidaemon @@ -837,13 +844,7 @@ fi %{_bindir}/pkiremove %{_bindir}/pki-setup-proxy %{_bindir}/pkisilent -%dir %{_datadir}/pki/scripts -%{_datadir}/pki/scripts/pkicommon.pm -%{_datadir}/pki/scripts/functions -%{_datadir}/pki/scripts/pki_apache_initscript %{_datadir}/pki/silent/ -%dir %{_localstatedir}/lock/pki -%dir %{_localstatedir}/run/pki %{_bindir}/pkicontrol # Details: @@ -959,6 +960,10 @@ fi %changelog +* Thu Dec 6 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.55.b3 +- Added system-wide configuration /etc/pki/pki.conf. +- Removed redundant lines in %files. + * Tue Dec 4 2012 Endi S. Dewata <edewata@redhat.com> 10.0.0-0.54.b3 - Moved default deployment configuration to /etc/pki. |