diff options
Diffstat (limited to 'base/deploy/src/pkispawn')
-rwxr-xr-x | base/deploy/src/pkispawn | 72 |
1 files changed, 54 insertions, 18 deletions
diff --git a/base/deploy/src/pkispawn b/base/deploy/src/pkispawn index f64d79575..d0ad5a495 100755 --- a/base/deploy/src/pkispawn +++ b/base/deploy/src/pkispawn @@ -1,4 +1,4 @@ -#!/usr/bin/python -t +#!/usr/bin/python -tu # Authors: # Matthew Harmsen <mharmsen@redhat.com> # @@ -52,6 +52,10 @@ error was: def main(argv): "main entry point" + print "PKI Subsystem Installation" + print "--------------------------" + print + config.pki_deployment_executable = os.path.basename(argv[0]) # Only run this program as "root". @@ -96,7 +100,7 @@ def main(argv): parser.mandatory.add_argument('-f', dest='user_deployment_cfg', action='store', - nargs=1, required=True, metavar='<file>', + nargs=1, metavar='<file>', help='configuration filename ' '(MUST specify complete path)') @@ -106,15 +110,57 @@ def main(argv): args = parser.process_command_line_arguments(argv) + interactive = False config.default_deployment_cfg = config.PKI_DEPLOYMENT_DEFAULT_CONFIGURATION_FILE # -f <user deployment config> - config.user_deployment_cfg = str(args.user_deployment_cfg).strip('[\']') + if not args.user_deployment_cfg is None: + config.user_deployment_cfg = str(args.user_deployment_cfg).strip('[\']') # -u config.pki_update_flag = args.pki_update_flag - parser.validate() + # -s <subsystem> + if args.pki_subsystem is None: + interactive = True + config.pki_subsystem = parser.read_text('Subsystem type', default='CA') + else: + config.pki_subsystem = str(args.pki_subsystem).strip('[\']') + + parser.initialize() + + if config.user_deployment_cfg is None: + interactive = True + parser.read_text('Instance name', 'DEFAULT', 'pki_instance_name') + parser.read_text('Tomcat HTTP port', config.pki_subsystem, 'pki_http_port') + parser.read_text('Tomcat secure HTTP port', config.pki_subsystem, 'pki_https_port') + parser.read_text('Tomcat AJP port', config.pki_subsystem, 'pki_ajp_port') + parser.read_text('Tomcat server port', config.pki_subsystem, 'pki_tomcat_server_port') + parser.read_text(config.pki_subsystem + ' admin UID', config.pki_subsystem, 'pki_admin_uid') + + admin_password = parser.read_password(config.pki_subsystem + ' admin password', config.pki_subsystem, 'pki_admin_password') + parser.pki_config.set(config.pki_subsystem, 'pki_backup_password', admin_password) + parser.pki_config.set(config.pki_subsystem, 'pki_client_database_password', admin_password) + parser.pki_config.set(config.pki_subsystem, 'pki_client_pkcs12_password', admin_password) + + parser.read_text(config.pki_subsystem + ' admin certificate', config.pki_subsystem, 'pki_client_admin_cert') + + parser.read_text('Directory server hostname', config.pki_subsystem, 'pki_ds_hostname') + parser.read_text('Directory server port', config.pki_subsystem, 'pki_ds_ldap_port') + parser.read_text('Directory server base DN', config.pki_subsystem, 'pki_ds_base_dn') + parser.read_text('Directory server bind DN', config.pki_subsystem, 'pki_ds_bind_dn') + parser.read_password('Directory server password', config.pki_subsystem, 'pki_ds_password') + + parser.read_text('Security domain name', config.pki_subsystem, 'pki_security_domain_name') + if config.pki_subsystem != "CA": + parser.read_text('Security domain hostname', config.pki_subsystem, 'pki_security_domain_hostname') + parser.read_text('Security domain secure HTTP port', config.pki_subsystem, 'pki_security_domain_https_port') + parser.read_text('Security domain user', config.pki_subsystem, 'pki_security_domain_user') + parser.read_password('Security domain password', config.pki_subsystem, 'pki_security_domain_password') + parser.read_text('Security domain certificate', config.pki_subsystem, 'pki_admin_cert_file') + + if interactive: + print if not os.path.exists(config.PKI_DEPLOYMENT_SOURCE_ROOT +\ "/" + config.pki_subsystem.lower()): @@ -161,20 +207,6 @@ def main(argv): extra=config.PKI_INDENTATION_LEVEL_0) sys.exit(1) - # NEVER print out 'sensitive' name/value pairs!!! - config.pki_log.debug(log.PKI_DICTIONARY_DEFAULT, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_default_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_web_server_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM, - extra=config.PKI_INDENTATION_LEVEL_0) - config.pki_log.debug(pkilogging.format(config.pki_subsystem_dict), - extra=config.PKI_INDENTATION_LEVEL_0) - # Read in the PKI slots configuration file. parser.compose_pki_slots_dictionary() config.pki_log.debug(log.PKI_DICTIONARY_SLOTS, @@ -184,6 +216,7 @@ def main(argv): # Combine the various sectional dictionaries into a PKI master dictionary parser.compose_pki_master_dictionary() + if not config.pki_update_flag: config.pki_master_dict['pki_spawn_log'] = config.pki_log_dir + "/" +\ config.pki_log_name @@ -214,6 +247,9 @@ def main(argv): config.pki_log.debug(pkilogging.format(config.pki_master_dict), extra=config.PKI_INDENTATION_LEVEL_0) + print + print "Installation complete." + # PKI Deployment Entry Point if __name__ == "__main__": |