diff options
Diffstat (limited to 'base/deploy/src/pkispawn')
-rwxr-xr-x | base/deploy/src/pkispawn | 62 |
1 files changed, 45 insertions, 17 deletions
diff --git a/base/deploy/src/pkispawn b/base/deploy/src/pkispawn index f64d79575..a6985fe48 100755 --- a/base/deploy/src/pkispawn +++ b/base/deploy/src/pkispawn @@ -52,6 +52,10 @@ error was: def main(argv): "main entry point" + print "PKI Subsystem Installation" + print "--------------------------" + print + config.pki_deployment_executable = os.path.basename(argv[0]) # Only run this program as "root". @@ -96,7 +100,7 @@ def main(argv): parser.mandatory.add_argument('-f', dest='user_deployment_cfg', action='store', - nargs=1, required=True, metavar='<file>', + nargs=1, metavar='<file>', help='configuration filename ' '(MUST specify complete path)') @@ -109,12 +113,46 @@ def main(argv): config.default_deployment_cfg = config.PKI_DEPLOYMENT_DEFAULT_CONFIGURATION_FILE # -f <user deployment config> - config.user_deployment_cfg = str(args.user_deployment_cfg).strip('[\']') + if not args.user_deployment_cfg is None: + config.user_deployment_cfg = str(args.user_deployment_cfg).strip('[\']') # -u config.pki_update_flag = args.pki_update_flag - parser.validate() + if config.user_deployment_cfg is None: + config.pki_subsystem = 'CA' + value = raw_input('Subsystem type [' + config.pki_subsystem + ']: ') + if len(value) > 0: + config.pki_subsystem = value + + parser.initialize() + + if config.user_deployment_cfg is None: + parser.read_text('DEFAULT', 'pki_instance_name', 'Instance name') + parser.read_text(config.pki_subsystem, 'pki_http_port', 'HTTP Port') + parser.read_text(config.pki_subsystem, 'pki_https_port', 'Secure HTTP port') + parser.read_text(config.pki_subsystem, 'pki_admin_uid', config.pki_subsystem + ' admin UID') + + admin_password = parser.read_password(config.pki_subsystem, 'pki_admin_password', config.pki_subsystem + ' admin password') + parser.pki_config.set(config.pki_subsystem, 'pki_backup_password', admin_password) + parser.pki_config.set(config.pki_subsystem, 'pki_client_database_password', admin_password) + parser.pki_config.set(config.pki_subsystem, 'pki_client_pkcs12_password', admin_password) + + parser.read_text(config.pki_subsystem, 'pki_client_admin_cert', config.pki_subsystem + ' admin certificate') + + parser.read_text(config.pki_subsystem, 'pki_ds_hostname', 'Directory server hostname') + parser.read_text(config.pki_subsystem, 'pki_ds_ldap_port', 'Directory server port') + parser.read_text(config.pki_subsystem, 'pki_ds_base_dn', 'Directory server base DN') + parser.read_text(config.pki_subsystem, 'pki_ds_bind_dn', 'Directory server bind DN') + parser.read_password(config.pki_subsystem, 'pki_ds_password', 'Directory server password') + + parser.read_text(config.pki_subsystem, 'pki_security_domain_name', 'Security domain name') + if config.pki_subsystem != "CA": + parser.read_text(config.pki_subsystem, 'pki_security_domain_hostname', 'Security domain hostname') + parser.read_text(config.pki_subsystem, 'pki_security_domain_https_port', 'Security domain secure HTTP port') + parser.read_text(config.pki_subsystem, 'pki_security_domain_user', 'Security domain user') + parser.read_password(config.pki_subsystem, 'pki_security_domain_password', 'Security domain password') + parser.read_text(config.pki_subsystem, 'pki_admin_cert_file', 'Security domain certificate') if not os.path.exists(config.PKI_DEPLOYMENT_SOURCE_ROOT +\ "/" + config.pki_subsystem.lower()): @@ -161,20 +199,6 @@ def main(argv): extra=config.PKI_INDENTATION_LEVEL_0) sys.exit(1) - # NEVER print out 'sensitive' name/value pairs!!! - config.pki_log.debug(log.PKI_DICTIONARY_DEFAULT, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_default_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_web_server_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_subsystem_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - # Read in the PKI slots configuration file. parser.compose_pki_slots_dictionary() config.pki_log.debug(log.PKI_DICTIONARY_SLOTS, @@ -184,6 +208,7 @@ def main(argv): # Combine the various sectional dictionaries into a PKI master dictionary parser.compose_pki_master_dictionary() + if not config.pki_update_flag: config.pki_master_dict['pki_spawn_log'] = config.pki_log_dir + "/" +\ config.pki_log_name @@ -214,6 +239,9 @@ def main(argv): config.pki_log.debug(pkilogging.format(config.pki_master_dict), extra=config.PKI_INDENTATION_LEVEL_0) + print + print "Installation complete." + # PKI Deployment Entry Point if __name__ == "__main__": |