summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--base/ra/apache/conf/httpd.conf8
-rw-r--r--base/setup/scripts/functions22
-rw-r--r--base/tps/apache/conf/httpd.conf8
-rw-r--r--base/tps/src/engine/RA.cpp2
4 files changed, 22 insertions, 18 deletions
diff --git a/base/ra/apache/conf/httpd.conf b/base/ra/apache/conf/httpd.conf
index 180c08de0..754dcebee 100644
--- a/base/ra/apache/conf/httpd.conf
+++ b/base/ra/apache/conf/httpd.conf
@@ -130,6 +130,11 @@ MaxRequestsPerChild 0
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
+
+# MPM worker module is a loadable module as of 2.4
+# Module must be loaded before the configuration stanza
+LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so
+
<IfModule worker.c>
ServerLimit 1
StartServers 1
@@ -232,9 +237,6 @@ Listen [PORT]
# LoadModule foo_module modules/mod_foo.so
#
-# MPM worker module is a loadable module as of 2.4
-LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so
-
LoadModule authz_core_module /etc/httpd/modules/mod_authz_core.so
[FORTITUDE_AUTH_MODULES]
# Module for User and Group
diff --git a/base/setup/scripts/functions b/base/setup/scripts/functions
index 308f2ca80..058022efc 100644
--- a/base/setup/scripts/functions
+++ b/base/setup/scripts/functions
@@ -897,6 +897,7 @@ verify_symlinks()
declare -A common_jar_symlinks
declare -A webapps_jar_symlinks
declare -A systemd_symlinks
+ declare -A tus_symlinks
# Dogtag 9 Conditional Variables
if [ ${ARCHITECTURE} == "x86_64" ]; then
@@ -949,6 +950,9 @@ verify_symlinks()
# '${PKI_INSTANCE_PATH}/lib' symlinks
perl_symlinks[perl]=/usr/share/pki/${PKI_SUBSYSTEM_TYPE}/lib/perl
+ # '${PKI_INSTANCE_PATH}/docroot' symlinks
+ tus_symlinks[tus]="${PKI_INSTANCE_PATH}/docroot/tokendb"
+
# '${pki_common_jar_dir}' symlinks
common_jar_symlinks=(
[apache-commons-logging.jar]=/usr/share/java/apache-commons-logging.jar
@@ -1017,20 +1021,16 @@ verify_symlinks()
fi
if [ "${PKI_SUBSYSTEM_TYPE}" == "tps" ]; then
- # ALWAYS recreate this "convenience" link and 'chown' it
- # NOTE: Ignore 'chown' errors.
- cd ${PKI_INSTANCE_PATH}/docroot ;
- ln -s tokendb tus ;
+ # Detect and correct 'tus_symlinks'
+ tus_symlinks_string=$(declare -p tus_symlinks)
+ eval "declare -A symlinks=${tus_symlinks_string#*=}"
+ check_symlinks ${PKI_INSTANCE_PATH}/docroot ${PKI_USER} ${PKI_GROUP}
rv=$?
- if [ $rv -eq 0 ]; then
- chown -h ${PKI_USER}:${PKI_GROUP} tus
- # echo "SUCCESS: Created 'tus' -> 'tokendb'"
- else
- echo "ERROR: Failed to create 'tus' -> 'tokendb' convenience"
- echo " symbolic link for '${PKI_INSTANCE_ID}'!"
- return 1
+ if [ $rv -ne 0 ]; then
+ return $rv
fi
fi
+
elif [ "${PKI_SUBSYSTEM_TYPE}" == "ca" ] ||
[ "${PKI_SUBSYSTEM_TYPE}" == "kra" ] ||
[ "${PKI_SUBSYSTEM_TYPE}" == "ocsp" ] ||
diff --git a/base/tps/apache/conf/httpd.conf b/base/tps/apache/conf/httpd.conf
index a9410849c..bf5864174 100644
--- a/base/tps/apache/conf/httpd.conf
+++ b/base/tps/apache/conf/httpd.conf
@@ -130,6 +130,11 @@ MaxRequestsPerChild 0
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
+
+# MPM worker module is a loadable module as of 2.4
+# Module must be loaded before the configuration stanza
+LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so
+
<IfModule worker.c>
ServerLimit 1
StartServers 1
@@ -232,9 +237,6 @@ Listen [PORT]
# LoadModule foo_module modules/mod_foo.so
#
-# MPM worker module is a loadable module as of 2.4
-LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so
-
LoadModule authz_core_module /etc/httpd/modules/mod_authz_core.so
[FORTITUDE_AUTH_MODULES]
# Module for User and Group
diff --git a/base/tps/src/engine/RA.cpp b/base/tps/src/engine/RA.cpp
index 436225045..82f53c161 100644
--- a/base/tps/src/engine/RA.cpp
+++ b/base/tps/src/engine/RA.cpp
@@ -3483,7 +3483,7 @@ TPS_PUBLIC bool RA::verifySystemCertByNickname(const char *nickname, const char
*/
TPS_PUBLIC bool RA::verifySystemCerts() {
bool verifyResult = false;
- bool rv = false; /* final return value */
+ bool rv = true; /* final return value */
char configname[256];
char configname_nn[256];
char configname_cu[256];