summaryrefslogtreecommitdiffstats
path: root/base/deploy/src/pkispawn
diff options
context:
space:
mode:
Diffstat (limited to 'base/deploy/src/pkispawn')
-rwxr-xr-xbase/deploy/src/pkispawn72
1 files changed, 54 insertions, 18 deletions
diff --git a/base/deploy/src/pkispawn b/base/deploy/src/pkispawn
index f64d795..d0ad5a4 100755
--- a/base/deploy/src/pkispawn
+++ b/base/deploy/src/pkispawn
@@ -1,4 +1,4 @@
-#!/usr/bin/python -t
+#!/usr/bin/python -tu
# Authors:
# Matthew Harmsen <mharmsen@redhat.com>
#
@@ -52,6 +52,10 @@ error was:
def main(argv):
"main entry point"
+ print "PKI Subsystem Installation"
+ print "--------------------------"
+ print
+
config.pki_deployment_executable = os.path.basename(argv[0])
# Only run this program as "root".
@@ -96,7 +100,7 @@ def main(argv):
parser.mandatory.add_argument('-f',
dest='user_deployment_cfg', action='store',
- nargs=1, required=True, metavar='<file>',
+ nargs=1, metavar='<file>',
help='configuration filename '
'(MUST specify complete path)')
@@ -106,15 +110,57 @@ def main(argv):
args = parser.process_command_line_arguments(argv)
+ interactive = False
config.default_deployment_cfg = config.PKI_DEPLOYMENT_DEFAULT_CONFIGURATION_FILE
# -f <user deployment config>
- config.user_deployment_cfg = str(args.user_deployment_cfg).strip('[\']')
+ if not args.user_deployment_cfg is None:
+ config.user_deployment_cfg = str(args.user_deployment_cfg).strip('[\']')
# -u
config.pki_update_flag = args.pki_update_flag
- parser.validate()
+ # -s <subsystem>
+ if args.pki_subsystem is None:
+ interactive = True
+ config.pki_subsystem = parser.read_text('Subsystem type', default='CA')
+ else:
+ config.pki_subsystem = str(args.pki_subsystem).strip('[\']')
+
+ parser.initialize()
+
+ if config.user_deployment_cfg is None:
+ interactive = True
+ parser.read_text('Instance name', 'DEFAULT', 'pki_instance_name')
+ parser.read_text('Tomcat HTTP port', config.pki_subsystem, 'pki_http_port')
+ parser.read_text('Tomcat secure HTTP port', config.pki_subsystem, 'pki_https_port')
+ parser.read_text('Tomcat AJP port', config.pki_subsystem, 'pki_ajp_port')
+ parser.read_text('Tomcat server port', config.pki_subsystem, 'pki_tomcat_server_port')
+ parser.read_text(config.pki_subsystem + ' admin UID', config.pki_subsystem, 'pki_admin_uid')
+
+ admin_password = parser.read_password(config.pki_subsystem + ' admin password', config.pki_subsystem, 'pki_admin_password')
+ parser.pki_config.set(config.pki_subsystem, 'pki_backup_password', admin_password)
+ parser.pki_config.set(config.pki_subsystem, 'pki_client_database_password', admin_password)
+ parser.pki_config.set(config.pki_subsystem, 'pki_client_pkcs12_password', admin_password)
+
+ parser.read_text(config.pki_subsystem + ' admin certificate', config.pki_subsystem, 'pki_client_admin_cert')
+
+ parser.read_text('Directory server hostname', config.pki_subsystem, 'pki_ds_hostname')
+ parser.read_text('Directory server port', config.pki_subsystem, 'pki_ds_ldap_port')
+ parser.read_text('Directory server base DN', config.pki_subsystem, 'pki_ds_base_dn')
+ parser.read_text('Directory server bind DN', config.pki_subsystem, 'pki_ds_bind_dn')
+ parser.read_password('Directory server password', config.pki_subsystem, 'pki_ds_password')
+
+ parser.read_text('Security domain name', config.pki_subsystem, 'pki_security_domain_name')
+ if config.pki_subsystem != "CA":
+ parser.read_text('Security domain hostname', config.pki_subsystem, 'pki_security_domain_hostname')
+ parser.read_text('Security domain secure HTTP port', config.pki_subsystem, 'pki_security_domain_https_port')
+ parser.read_text('Security domain user', config.pki_subsystem, 'pki_security_domain_user')
+ parser.read_password('Security domain password', config.pki_subsystem, 'pki_security_domain_password')
+ parser.read_text('Security domain certificate', config.pki_subsystem, 'pki_admin_cert_file')
+
+ if interactive:
+ print
if not os.path.exists(config.PKI_DEPLOYMENT_SOURCE_ROOT +\
"/" + config.pki_subsystem.lower()):
@@ -161,20 +207,6 @@ def main(argv):
extra=config.PKI_INDENTATION_LEVEL_0)
sys.exit(1)
- # NEVER print out 'sensitive' name/value pairs!!!
- config.pki_log.debug(log.PKI_DICTIONARY_DEFAULT,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pkilogging.format(config.pki_default_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pkilogging.format(config.pki_web_server_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM,
- extra=config.PKI_INDENTATION_LEVEL_0)
- config.pki_log.debug(pkilogging.format(config.pki_subsystem_dict),
- extra=config.PKI_INDENTATION_LEVEL_0)
-
# Read in the PKI slots configuration file.
parser.compose_pki_slots_dictionary()
config.pki_log.debug(log.PKI_DICTIONARY_SLOTS,
@@ -184,6 +216,7 @@ def main(argv):
# Combine the various sectional dictionaries into a PKI master dictionary
parser.compose_pki_master_dictionary()
+
if not config.pki_update_flag:
config.pki_master_dict['pki_spawn_log'] = config.pki_log_dir + "/" +\
config.pki_log_name
@@ -214,6 +247,9 @@ def main(argv):
config.pki_log.debug(pkilogging.format(config.pki_master_dict),
extra=config.PKI_INDENTATION_LEVEL_0)
+ print
+ print "Installation complete."
+
# PKI Deployment Entry Point
if __name__ == "__main__":