summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--base/deploy/src/scriptlets/configuration.py8
-rw-r--r--base/deploy/src/scriptlets/finalization.py42
-rw-r--r--base/deploy/src/scriptlets/infrastructure_layout.py10
-rw-r--r--base/deploy/src/scriptlets/initialization.py3
-rw-r--r--base/deploy/src/scriptlets/instance_layout.py167
-rw-r--r--base/deploy/src/scriptlets/security_databases.py7
-rw-r--r--base/deploy/src/scriptlets/slot_substitution.py53
-rw-r--r--base/deploy/src/scriptlets/subsystem_layout.py75
-rw-r--r--base/deploy/src/scriptlets/webapp_deployment.py35
9 files changed, 0 insertions, 400 deletions
diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py
index 6208db46a..f2d3ab1b1 100644
--- a/base/deploy/src/scriptlets/configuration.py
+++ b/base/deploy/src/scriptlets/configuration.py
@@ -138,14 +138,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
def respawn(self):
config.pki_log.info(log.CONFIGURATION_RESPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- if util.file.exists(master['pki_client_password_conf']):
- util.file.modify(master['pki_client_password_conf'],
- uid=0, gid=0)
- if util.file.exists(master['pki_client_pkcs12_password_conf']):
- util.file.modify(master['pki_client_pkcs12_password_conf'],
- uid=0, gid=0)
- # ALWAYS Restart this Apache/Tomcat PKI Process
- util.systemd.restart()
return self.rv
def destroy(self):
diff --git a/base/deploy/src/scriptlets/finalization.py b/base/deploy/src/scriptlets/finalization.py
index f327ffb04..a86ffff28 100644
--- a/base/deploy/src/scriptlets/finalization.py
+++ b/base/deploy/src/scriptlets/finalization.py
@@ -89,48 +89,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
def respawn(self):
config.pki_log.info(log.FINALIZATION_RESPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- # Save a copy of the configuration file used by this process
- # (which may be used later by 'pkidestroy')
- util.file.copy(master['pki_deployment_cfg'],
- master['pki_deployment_cfg_replica'],
- overwrite_flag=True)
- # Also, for debugging/auditing purposes, save a timestamped copy of
- # this configuration file in the subsystem archive
- util.file.copy(master['pki_deployment_cfg_replica'],
- master['pki_deployment_cfg_respawn_archive'])
- # Save a copy of the updated manifest file
- config.pki_log.info(log.PKI_MANIFEST_MESSAGE_1, master['pki_manifest'],
- extra=config.PKI_INDENTATION_LEVEL_2)
- # for record in manifest.database:
- # print tuple(record)
- if not config.pki_dry_run_flag:
- manifest.file.register(master['pki_manifest'])
- manifest.file.write()
- util.file.modify(master['pki_manifest'], silent=True)
- # Also, for debugging/auditing purposes, save a timestamped copy of
- # this installation manifest file
- util.file.copy(master['pki_manifest'],
- master['pki_manifest_respawn_archive'])
- # Optionally, programmatically 'restart' the configured PKI instance
- if config.str2bool(master['pki_restart_configured_instance']):
- util.systemd.restart()
- # Optionally, 'purge' the entire temporary client infrastructure
- # including the client NSS security databases and password files
- #
- # WARNING: If the PKCS #12 file containing the Admin Cert was
- # placed under this infrastructure, it may accidentally
- # be deleted!
- #
- if config.str2bool(master['pki_client_database_purge']):
- if util.directory.exists(master['pki_client_dir']):
- util.directory.delete(master['pki_client_dir'])
- # Log final process messages
- config.pki_log.info(log.PKIRESPAWN_END_MESSAGE_2,
- master['pki_subsystem'],
- master['pki_instance_id'],
- extra=config.PKI_INDENTATION_LEVEL_0)
- if not config.pki_dry_run_flag:
- util.file.modify(master['pki_respawn_log'], silent=True)
return self.rv
def destroy(self):
diff --git a/base/deploy/src/scriptlets/infrastructure_layout.py b/base/deploy/src/scriptlets/infrastructure_layout.py
index 3faa0b9b9..d4dc264fd 100644
--- a/base/deploy/src/scriptlets/infrastructure_layout.py
+++ b/base/deploy/src/scriptlets/infrastructure_layout.py
@@ -84,16 +84,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
def respawn(self):
config.pki_log.info(log.ADMIN_DOMAIN_RESPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- # update top-level infrastructure base
- util.directory.modify(master['pki_path'])
- # update top-level infrastructure logs
- util.directory.modify(master['pki_log_path'])
- # update top-level infrastructure configuration
- if master['pki_configuration_path'] !=\
- config.PKI_DEPLOYMENT_CONFIGURATION_ROOT:
- util.directory.modify(master['pki_configuration_path'])
- # update top-level infrastructure registry
- util.directory.modify(master['pki_registry_path'])
return self.rv
def destroy(self):
diff --git a/base/deploy/src/scriptlets/initialization.py b/base/deploy/src/scriptlets/initialization.py
index 6c41ef642..a0298f740 100644
--- a/base/deploy/src/scriptlets/initialization.py
+++ b/base/deploy/src/scriptlets/initialization.py
@@ -75,9 +75,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
# verify that this type of "subsystem" currently EXISTS
# for this "instance"
util.instance.verify_subsystem_exists()
- # establish 'uid' and 'gid'
- util.identity.set_uid(master['pki_user'])
- util.identity.set_gid(master['pki_group'])
return self.rv
def destroy(self):
diff --git a/base/deploy/src/scriptlets/instance_layout.py b/base/deploy/src/scriptlets/instance_layout.py
index b4d1a5068..0df418165 100644
--- a/base/deploy/src/scriptlets/instance_layout.py
+++ b/base/deploy/src/scriptlets/instance_layout.py
@@ -241,173 +241,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
def respawn(self):
config.pki_log.info(log.INSTANCE_RESPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- # update instance base
- util.directory.modify(master['pki_instance_path'])
- # update instance logs
- util.directory.modify(master['pki_instance_log_path'])
- # update instance configuration
- util.directory.modify(master['pki_instance_configuration_path'])
- # update instance registry
- util.directory.modify(master['pki_instance_type_registry_path'])
- util.directory.modify(master['pki_instance_registry_path'])
- # update Apache/Tomcat specific instance
- if master['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS:
- # update Tomcat instance base
- util.directory.modify(master['pki_tomcat_common_path'])
- util.directory.modify(master['pki_tomcat_common_lib_path'])
- util.directory.modify(master['pki_instance_lib'])
- util.directory.modify(master['pki_instance_lib_log4j_properties'])
- util.directory.modify(master['pki_tomcat_webapps_path'])
-
- common_images = os.path.join(
- master['pki_tomcat_webapps_common_path'],
- "images")
-
- # Copy /usr/share/pki/common-ui/admin/console/img
- # to <instance>/webapp/pki/images
- util.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- "common-ui",
- "admin",
- "console",
- "img"),
- common_images,
- overwrite_flag=True)
-
- # Copy /usr/share/pki/common-ui/css
- # to <instance>/webapp/pki/css
- util.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- "common-ui",
- "css"),
- os.path.join(
- master['pki_tomcat_webapps_common_path'],
- "css"),
- overwrite_flag=True)
-
- # Copy /usr/share/pki/common-ui/img
- # to <instance>/webapp/pki/images
- util.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- "common-ui",
- "img"),
- common_images,
- overwrite_flag=True)
-
- # Copy /usr/share/pki/<subsystem>-ui/webapps/<subsystem>/admin/graphics
- # to <instance>/webapp/pki/images
- dir = os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- master['pki_subsystem'].lower() + "-ui",
- "webapps",
- master['pki_subsystem'].lower(),
- "admin",
- "graphics")
- if (util.directory.exists(dir)):
- util.directory.copy(
- dir,
- common_images,
- overwrite_flag=True)
-
- # Copy /usr/share/pki/<subsystem>-ui/webapps/<subsystem>/agent/graphics
- # to <instance>/webapp/pki/images
- dir = os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- master['pki_subsystem'].lower() + "-ui",
- "webapps",
- master['pki_subsystem'].lower(),
- "agent",
- "graphics")
- if (util.directory.exists(dir)):
- util.directory.copy(
- dir,
- common_images,
- overwrite_flag=True)
-
- # Copy /usr/share/pki/<subsystem>-ui/webapps/<subsystem>/ee/graphics
- # to <instance>/webapp/pki/images
- dir = os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- master['pki_subsystem'].lower() + "-ui",
- "webapps",
- master['pki_subsystem'].lower(),
- "ee",
- "graphics")
- if (util.directory.exists(dir)):
- util.directory.copy(
- dir,
- common_images,
- overwrite_flag=True)
-
- util.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- "server",
- "webapps",
- "ROOT"),
- master['pki_tomcat_webapps_root_path'],
- overwrite_flag=True)
- util.directory.modify(master['pki_tomcat_webapps_root_path'])
- util.directory.modify(master['pki_tomcat_webapps_root_webinf_path'])
- util.directory.modify(master['pki_tomcat_work_path'])
- util.directory.modify(master['pki_tomcat_work_catalina_path'])
- util.directory.modify(master['pki_tomcat_work_catalina_host_path'])
- util.directory.modify(
- master['pki_tomcat_work_catalina_host_run_path'])
- util.directory.modify(
- master['pki_tomcat_work_catalina_host_subsystem_path'])
- # update Tomcat instance logs
- # update Tomcat instance configuration
- # update Tomcat instance registry
- # update Tomcat instance convenience symbolic links
- util.symlink.modify(master['pki_tomcat_bin_link'])
- util.symlink.modify(master['pki_instance_systemd_link'],
- uid=0, gid=0)
- # update Tomcat instance common lib jar symbolic links
-
- util.symlink.modify(
- master['pki_apache_commons_collections_jar_link'])
- util.symlink.modify(master['pki_apache_commons_lang_jar_link'])
- util.symlink.modify(master['pki_apache_commons_logging_jar_link'])
- util.symlink.modify(master['pki_commons_codec_jar_link'])
- util.symlink.modify(master['pki_httpclient_jar_link'])
- util.symlink.modify(master['pki_httpcore_jar_link'])
- util.symlink.modify(master['pki_javassist_jar_link'])
- util.symlink.modify(master['pki_resteasy_jaxrs_api_jar_link'])
- util.symlink.modify(master['pki_jettison_jar_link'])
- util.symlink.modify(master['pki_jss_jar_link'])
- util.symlink.modify(master['pki_ldapjdk_jar_link'])
- util.symlink.modify(master['pki_certsrv_jar_link'])
- util.symlink.modify(master['pki_cmsbundle_jar_link'])
- util.symlink.modify(master['pki_cmscore_jar_link'])
- util.symlink.modify(master['pki_cms_jar_link'])
- util.symlink.modify(master['pki_cmsutil_jar_link'])
- util.symlink.modify(master['pki_nsutil_jar_link'])
- util.symlink.modify(master['pki_resteasy_atom_provider_jar_link'])
- util.symlink.modify(master['pki_resteasy_jaxb_provider_jar_link'])
- util.symlink.modify(master['pki_resteasy_jaxrs_jar_link'])
- util.symlink.modify(
- master['pki_resteasy_jettison_provider_jar_link'])
- util.symlink.modify(master['pki_scannotation_jar_link'])
- if master['pki_subsystem'] == 'TKS':
- util.symlink.modify(master['pki_symkey_jar_link'])
- util.symlink.modify(master['pki_tomcatjss_jar_link'])
- util.symlink.modify(master['pki_velocity_jar_link'])
- util.symlink.modify(master['pki_xerces_j2_jar_link'])
- util.symlink.modify(master['pki_xml_commons_apis_jar_link'])
- util.symlink.modify(master['pki_xml_commons_resolver_jar_link'])
- # update shared NSS security databases for this instance
- util.directory.modify(master['pki_database_path'])
- # update instance convenience symbolic links
- util.symlink.modify(master['pki_instance_database_link'])
- util.symlink.modify(master['pki_instance_conf_link'])
- util.directory.copy(master['pki_source_server_path'],
- master['pki_instance_configuration_path'],
- overwrite_flag=True)
- util.symlink.modify(master['pki_instance_logs_link'])
return self.rv
def destroy(self):
diff --git a/base/deploy/src/scriptlets/security_databases.py b/base/deploy/src/scriptlets/security_databases.py
index f8de0c78c..f46f9180a 100644
--- a/base/deploy/src/scriptlets/security_databases.py
+++ b/base/deploy/src/scriptlets/security_databases.py
@@ -148,13 +148,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
def respawn(self):
config.pki_log.info(log.SECURITY_DATABASES_RESPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- util.file.modify(master['pki_shared_password_conf'])
- util.file.modify(master['pki_cert_database'],
- perms=config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS)
- util.file.modify(master['pki_key_database'],
- perms=config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS)
- util.file.modify(master['pki_secmod_database'],
- perms=config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS)
return self.rv
def destroy(self):
diff --git a/base/deploy/src/scriptlets/slot_substitution.py b/base/deploy/src/scriptlets/slot_substitution.py
index dcd367ac6..055908b5b 100644
--- a/base/deploy/src/scriptlets/slot_substitution.py
+++ b/base/deploy/src/scriptlets/slot_substitution.py
@@ -95,59 +95,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
def respawn(self):
config.pki_log.info(log.SLOT_ASSIGNMENT_RESPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- util.file.copy_with_slot_substitution(master['pki_source_cs_cfg'],
- master['pki_target_cs_cfg'],
- overwrite_flag=True)
- util.file.copy_with_slot_substitution(master['pki_source_registry'],
- master['pki_target_registry'],
- uid=0, gid=0, overwrite_flag=True)
- if master['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS:
- util.file.copy_with_slot_substitution(
- master['pki_source_catalina_properties'],
- master['pki_target_catalina_properties'],
- overwrite_flag=True)
- util.file.copy_with_slot_substitution(
- master['pki_source_servercertnick_conf'],
- master['pki_target_servercertnick_conf'],
- overwrite_flag=True)
- util.file.copy_with_slot_substitution(
- master['pki_source_server_xml'],
- master['pki_target_server_xml'],
- overwrite_flag=True)
- util.file.copy_with_slot_substitution(
- master['pki_source_context_xml'],
- master['pki_target_context_xml'],
- overwrite_flag=True)
- util.file.copy_with_slot_substitution(
- master['pki_source_tomcat_conf'],
- master['pki_target_tomcat_conf_instance_id'],
- uid=0, gid=0, overwrite_flag=True)
- util.file.copy_with_slot_substitution(
- master['pki_source_tomcat_conf'],
- master['pki_target_tomcat_conf'],
- overwrite_flag=True)
- util.file.apply_slot_substitution(
- master['pki_target_auth_properties'])
- util.file.apply_slot_substitution(
- master['pki_target_velocity_properties'])
- util.file.apply_slot_substitution(
- master['pki_target_subsystem_web_xml'])
- # Strip "<filter>" section from subsystem "web.xml"
- # This is ONLY necessary because XML comments cannot be "nested"!
- #util.file.copy(master['pki_target_subsystem_web_xml'],
- # master['pki_target_subsystem_web_xml_orig'])
- #util.file.delete(master['pki_target_subsystem_web_xml'])
- #util.xml_file.remove_filter_section_from_web_xml(
- # master['pki_target_subsystem_web_xml_orig'],
- # master['pki_target_subsystem_web_xml'])
- #util.file.delete(master['pki_target_subsystem_web_xml_orig'])
- if master['pki_subsystem'] == "CA":
- util.file.copy_with_slot_substitution(
- master['pki_source_proxy_conf'],
- master['pki_target_proxy_conf'],
- overwrite_flag=True)
- util.file.apply_slot_substitution(
- master['pki_target_profileselect_template'])
return self.rv
def destroy(self):
diff --git a/base/deploy/src/scriptlets/subsystem_layout.py b/base/deploy/src/scriptlets/subsystem_layout.py
index fde69b093..c4c4c2283 100644
--- a/base/deploy/src/scriptlets/subsystem_layout.py
+++ b/base/deploy/src/scriptlets/subsystem_layout.py
@@ -104,81 +104,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
def respawn(self):
config.pki_log.info(log.SUBSYSTEM_RESPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- # update instance-based subsystem base
- util.directory.modify(master['pki_subsystem_path'])
- # update instance-based subsystem logs
- util.directory.modify(master['pki_subsystem_log_path'])
- util.directory.modify(master['pki_subsystem_archive_log_path'])
- if master['pki_subsystem'] in config.PKI_SIGNED_AUDIT_SUBSYSTEMS:
- util.directory.modify(master['pki_subsystem_signed_audit_log_path'])
- # update instance-based subsystem configuration
- util.directory.modify(master['pki_subsystem_configuration_path'])
- # util.directory.copy(master['pki_source_conf_path'],
- # master['pki_subsystem_configuration_path'])
- # overwrite_flag=True)
- # update instance-based subsystem registry
- util.directory.modify(master['pki_subsystem_registry_path'])
- # establish instance-based Apache/Tomcat specific subsystems
- if master['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS:
- # update instance-based Tomcat PKI subsystem base
- if master['pki_subsystem'] == "CA":
- util.directory.copy(master['pki_source_emails'],
- master['pki_subsystem_emails_path'],
- overwrite_flag=True)
- util.directory.copy(master['pki_source_profiles'],
- master['pki_subsystem_profiles_path'],
- overwrite_flag=True)
- # update instance-based Tomcat PKI subsystem logs
- # update instance-based Tomcat PKI subsystem configuration
- if master['pki_subsystem'] == "CA":
- # util.file.copy(master['pki_source_flatfile_txt'],
- # master['pki_target_flatfile_txt'],
- # overwrite_flag=True)
- util.file.copy(master['pki_source_registry_cfg'],
- master['pki_target_registry_cfg'],
- overwrite_flag=True)
- # '*.profile'
- util.file.copy(master['pki_source_admincert_profile'],
- master['pki_target_admincert_profile'],
- overwrite_flag=True)
- util.file.copy(master['pki_source_caauditsigningcert_profile'],
- master['pki_target_caauditsigningcert_profile'],
- overwrite_flag=True)
- util.file.copy(master['pki_source_cacert_profile'],
- master['pki_target_cacert_profile'],
- overwrite_flag=True)
- util.file.copy(master['pki_source_caocspcert_profile'],
- master['pki_target_caocspcert_profile'],
- overwrite_flag=True)
- util.file.copy(master['pki_source_servercert_profile'],
- master['pki_target_servercert_profile'],
- overwrite_flag=True)
- util.file.copy(master['pki_source_subsystemcert_profile'],
- master['pki_target_subsystemcert_profile'],
- overwrite_flag=True)
- elif master['pki_subsystem'] == "KRA":
- # '*.profile'
- util.file.copy(master['pki_source_servercert_profile'],
- master['pki_target_servercert_profile'],
- overwrite_flag=True)
- util.file.copy(master['pki_source_storagecert_profile'],
- master['pki_target_storagecert_profile'],
- overwrite_flag=True)
- util.file.copy(master['pki_source_subsystemcert_profile'],
- master['pki_target_subsystemcert_profile'],
- overwrite_flag=True)
- util.file.copy(master['pki_source_transportcert_profile'],
- master['pki_target_transportcert_profile'],
- overwrite_flag=True)
- # update instance-based Tomcat PKI subsystem registry
- # update instance-based Tomcat PKI subsystem convenience
- # symbolic links
- util.symlink.modify(master['pki_subsystem_tomcat_webapps_link'])
- # update instance-based subsystem convenience symbolic links
- util.symlink.modify(master['pki_subsystem_database_link'])
- util.symlink.modify(master['pki_subsystem_conf_link'])
- util.symlink.modify(master['pki_subsystem_logs_link'])
- util.symlink.modify(master['pki_subsystem_registry_link'])
return self.rv
def destroy(self):
diff --git a/base/deploy/src/scriptlets/webapp_deployment.py b/base/deploy/src/scriptlets/webapp_deployment.py
index 507d23c32..ad7235c18 100644
--- a/base/deploy/src/scriptlets/webapp_deployment.py
+++ b/base/deploy/src/scriptlets/webapp_deployment.py
@@ -105,41 +105,6 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
if master['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS:
config.pki_log.info(log.WEBAPP_DEPLOYMENT_RESPAWN_1, __name__,
extra=config.PKI_INDENTATION_LEVEL_1)
- # redeploy war file
- util.directory.modify(master['pki_tomcat_webapps_subsystem_path'])
- util.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- "common-ui"),
- master['pki_tomcat_webapps_subsystem_path'],
- overwrite_flag=True)
- util.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- master['pki_subsystem'].lower() + "-ui",
- "webapps",
- master['pki_subsystem'].lower()),
- master['pki_tomcat_webapps_subsystem_path'],
- overwrite_flag=True)
- util.directory.copy(
- os.path.join(
- config.PKI_DEPLOYMENT_SOURCE_ROOT,
- master['pki_subsystem'].lower(),
- "webapps",
- master['pki_subsystem'].lower()),
- master['pki_tomcat_webapps_subsystem_path'],
- overwrite_flag=True)
- # update Tomcat webapps subsystem WEB-INF lib symbolic links
- if master['pki_subsystem'] == "CA":
- util.symlink.modify(master['pki_ca_jar_link'])
- elif master['pki_subsystem'] == "KRA":
- util.symlink.modify(master['pki_kra_jar_link'])
- elif master['pki_subsystem'] == "OCSP":
- util.symlink.modify(master['pki_ocsp_jar_link'])
- elif master['pki_subsystem'] == "TKS":
- util.symlink.modify(master['pki_tks_jar_link'])
- # update ownerships, permissions, and acls
- util.directory.set_mode(master['pki_tomcat_webapps_subsystem_path'])
return self.rv
def destroy(self):