diff options
| -rw-r--r-- | base/ra/apache/conf/httpd.conf | 8 | ||||
| -rw-r--r-- | base/setup/scripts/functions | 22 | ||||
| -rw-r--r-- | base/tps/apache/conf/httpd.conf | 8 | ||||
| -rw-r--r-- | base/tps/src/engine/RA.cpp | 2 |
4 files changed, 22 insertions, 18 deletions
diff --git a/base/ra/apache/conf/httpd.conf b/base/ra/apache/conf/httpd.conf index 180c08de0..754dcebee 100644 --- a/base/ra/apache/conf/httpd.conf +++ b/base/ra/apache/conf/httpd.conf @@ -130,6 +130,11 @@ MaxRequestsPerChild 0 # MaxSpareThreads: maximum number of worker threads which are kept spare # ThreadsPerChild: constant number of worker threads in each server process # MaxRequestsPerChild: maximum number of requests a server process serves + +# MPM worker module is a loadable module as of 2.4 +# Module must be loaded before the configuration stanza +LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so + <IfModule worker.c> ServerLimit 1 StartServers 1 @@ -232,9 +237,6 @@ Listen [PORT] # LoadModule foo_module modules/mod_foo.so # -# MPM worker module is a loadable module as of 2.4 -LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so - LoadModule authz_core_module /etc/httpd/modules/mod_authz_core.so [FORTITUDE_AUTH_MODULES] # Module for User and Group diff --git a/base/setup/scripts/functions b/base/setup/scripts/functions index 308f2ca80..058022efc 100644 --- a/base/setup/scripts/functions +++ b/base/setup/scripts/functions @@ -897,6 +897,7 @@ verify_symlinks() declare -A common_jar_symlinks declare -A webapps_jar_symlinks declare -A systemd_symlinks + declare -A tus_symlinks # Dogtag 9 Conditional Variables if [ ${ARCHITECTURE} == "x86_64" ]; then @@ -949,6 +950,9 @@ verify_symlinks() # '${PKI_INSTANCE_PATH}/lib' symlinks perl_symlinks[perl]=/usr/share/pki/${PKI_SUBSYSTEM_TYPE}/lib/perl + # '${PKI_INSTANCE_PATH}/docroot' symlinks + tus_symlinks[tus]="${PKI_INSTANCE_PATH}/docroot/tokendb" + # '${pki_common_jar_dir}' symlinks common_jar_symlinks=( [apache-commons-logging.jar]=/usr/share/java/apache-commons-logging.jar @@ -1017,20 +1021,16 @@ verify_symlinks() fi if [ "${PKI_SUBSYSTEM_TYPE}" == "tps" ]; then - # ALWAYS recreate this "convenience" link and 'chown' it - # NOTE: Ignore 'chown' errors. - cd ${PKI_INSTANCE_PATH}/docroot ; - ln -s tokendb tus ; + # Detect and correct 'tus_symlinks' + tus_symlinks_string=$(declare -p tus_symlinks) + eval "declare -A symlinks=${tus_symlinks_string#*=}" + check_symlinks ${PKI_INSTANCE_PATH}/docroot ${PKI_USER} ${PKI_GROUP} rv=$? - if [ $rv -eq 0 ]; then - chown -h ${PKI_USER}:${PKI_GROUP} tus - # echo "SUCCESS: Created 'tus' -> 'tokendb'" - else - echo "ERROR: Failed to create 'tus' -> 'tokendb' convenience" - echo " symbolic link for '${PKI_INSTANCE_ID}'!" - return 1 + if [ $rv -ne 0 ]; then + return $rv fi fi + elif [ "${PKI_SUBSYSTEM_TYPE}" == "ca" ] || [ "${PKI_SUBSYSTEM_TYPE}" == "kra" ] || [ "${PKI_SUBSYSTEM_TYPE}" == "ocsp" ] || diff --git a/base/tps/apache/conf/httpd.conf b/base/tps/apache/conf/httpd.conf index a9410849c..bf5864174 100644 --- a/base/tps/apache/conf/httpd.conf +++ b/base/tps/apache/conf/httpd.conf @@ -130,6 +130,11 @@ MaxRequestsPerChild 0 # MaxSpareThreads: maximum number of worker threads which are kept spare # ThreadsPerChild: constant number of worker threads in each server process # MaxRequestsPerChild: maximum number of requests a server process serves + +# MPM worker module is a loadable module as of 2.4 +# Module must be loaded before the configuration stanza +LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so + <IfModule worker.c> ServerLimit 1 StartServers 1 @@ -232,9 +237,6 @@ Listen [PORT] # LoadModule foo_module modules/mod_foo.so # -# MPM worker module is a loadable module as of 2.4 -LoadModule mpm_worker_module /etc/httpd/modules/mod_mpm_worker.so - LoadModule authz_core_module /etc/httpd/modules/mod_authz_core.so [FORTITUDE_AUTH_MODULES] # Module for User and Group diff --git a/base/tps/src/engine/RA.cpp b/base/tps/src/engine/RA.cpp index 436225045..82f53c161 100644 --- a/base/tps/src/engine/RA.cpp +++ b/base/tps/src/engine/RA.cpp @@ -3483,7 +3483,7 @@ TPS_PUBLIC bool RA::verifySystemCertByNickname(const char *nickname, const char */ TPS_PUBLIC bool RA::verifySystemCerts() { bool verifyResult = false; - bool rv = false; /* final return value */ + bool rv = true; /* final return value */ char configname[256]; char configname_nn[256]; char configname_cu[256]; |