summaryrefslogtreecommitdiffstats
path: root/base/deploy/src/scriptlets
diff options
context:
space:
mode:
Diffstat (limited to 'base/deploy/src/scriptlets')
-rw-r--r--base/deploy/src/scriptlets/configuration.py4
-rw-r--r--base/deploy/src/scriptlets/pkiconfig.py14
-rw-r--r--base/deploy/src/scriptlets/pkihelper.py58
-rw-r--r--base/deploy/src/scriptlets/pkijython.py81
-rw-r--r--base/deploy/src/scriptlets/pkimessages.py3
-rw-r--r--base/deploy/src/scriptlets/pkiparser.py17
6 files changed, 60 insertions, 117 deletions
diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py
index 16b63122f..d105590a2 100644
--- a/base/deploy/src/scriptlets/configuration.py
+++ b/base/deploy/src/scriptlets/configuration.py
@@ -92,7 +92,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
util.systemd.restart()
# Pass control to the Java servlet via Jython 2.2 'configuration.jy'
- util.jython.invoke(master['pki_jython_configuration_scriptlet'])
+ util.jython.invoke(
+ master['pki_jython_configuration_scriptlet'],
+ master['RESTEASY_LIB'])
return self.rv
def respawn(self):
diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py
index 4bbf92e91..7b20e474a 100644
--- a/base/deploy/src/scriptlets/pkiconfig.py
+++ b/base/deploy/src/scriptlets/pkiconfig.py
@@ -20,16 +20,6 @@
#
import re
-def is_rhel():
- try:
- f = open("/etc/redhat-release")
- for line in f:
- if re.search("Red Hat Enterprise Linux", line):
- return True
- except IOError, e:
- pass
- return False
-
# PKI Deployment Constants
PKI_DEPLOYMENT_DEFAULT_CLIENT_DIR_PERMISSIONS = 00755
PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS = 00770
@@ -71,10 +61,6 @@ PKI_DEPLOYMENT_JAR_SOURCE_ROOT = "/usr/share/java"
PKI_DEPLOYMENT_HTTPCOMPONENTS_JAR_SOURCE_ROOT = "/usr/share/java/httpcomponents"
PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT = "/usr/share/java/pki"
-PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT = "/usr/share/java/resteasy"
-if is_rhel():
- PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT = "/usr/share/java/resteasy-base"
-
PKI_DEPLOYMENT_SOURCE_ROOT = "/usr/share/pki"
PKI_DEPLOYMENT_SYSTEMD_ROOT = "/lib/systemd/system"
PKI_DEPLOYMENT_SYSTEMD_CONFIGURATION_ROOT = "/etc/systemd/system"
diff --git a/base/deploy/src/scriptlets/pkihelper.py b/base/deploy/src/scriptlets/pkihelper.py
index 2d7b75938..ff11efd1b 100644
--- a/base/deploy/src/scriptlets/pkihelper.py
+++ b/base/deploy/src/scriptlets/pkihelper.py
@@ -2516,33 +2516,63 @@ class systemd:
# PKI Deployment 'jython' Class
class jython:
- def invoke(self, scriptlet, critical_failure=True):
+ def invoke(self, scriptlet, resteasy_lib, critical_failure=True):
try:
+ # JSS JNI Jars
+ #
+ # NOTE: Always load 64-bit JNI 'jss4.jar'
+ # PRIOR to 32-bit JNI 'jss4.jar'
+ #
+ classpath = "/usr/lib64/java/jss4.jar" +\
+ ":/usr/lib/java/jss4.jar" +\
+ ":/usr/share/java/httpcomponents/httpclient.jar" +\
+ ":/usr/share/java/httpcomponents/httpcore.jar" +\
+ ":/usr/share/java/apache-commons-cli.jar" +\
+ ":/usr/share/java/apache-commons-codec.jar" +\
+ ":/usr/share/java/apache-commons-logging.jar" +\
+ ":/usr/share/java/istack-commons-runtime.jar" +\
+ ":/usr/share/java/glassfish-jaxb/jaxb-impl.jar" +\
+ ":/usr/share/java/scannotation.jar"
+
+ # RESTEasy Jars
+ classpath = classpath +\
+ ":" + resteasy_lib + "/jaxrs-api.jar" +\
+ ":" + resteasy_lib + "/resteasy-atom-provider.jar" +\
+ ":" + resteasy_lib + "/resteasy-jaxb-provider.jar" +\
+ ":" + resteasy_lib + "/resteasy-jaxrs.jar" +\
+ ":" + resteasy_lib + "/resteasy-jettison-provider.jar"
+
+ # PKI Jars
+ classpath = classpath +\
+ ":/usr/share/java/pki/pki-certsrv.jar" +\
+ ":/usr/share/java/pki/pki-client.jar" +\
+ ":/usr/share/java/pki/pki-cmsutil.jar" +\
+ ":/usr/share/java/pki/pki-nsutil.jar"
+
+ properties = ""
+
# From 'http://www.jython.org/archive/22/userfaq.html':
# Setting this to false will allow Jython to provide access to
# non-public fields, methods, and constructors of Java objects.
- property = "-Dpython.security.respectJavaAccessibility=false"
- # comment the next line out to use the "property" defined above
- property = ""
+ # properties = properties + " -Dpython.security.respectJavaAccessibility=false"
+
# Compose this "jython" command
data = pickle.dumps(master)
- ld_library_path = "LD_LIBRARY_PATH"
if master['pki_architecture'] == 64:
- ld_library_path = ld_library_path + "=" +\
- "/usr/lib64/jss:/usr/lib64:/lib64:" +\
+ ld_library_path = "/usr/lib64/jss:/usr/lib64:/lib64:" +\
"/usr/lib/jss:/usr/lib:/lib"
else:
- ld_library_path = ld_library_path + "=" +\
- "/usr/lib/jss:/usr/lib:/lib"
- command = "export" + " " + ld_library_path + ";" + "jython" + " " +\
- property + " " + scriptlet + " " + "\"" + data + "\""
+ ld_library_path = "/usr/lib/jss:/usr/lib:/lib"
+ command = "export LD_LIBRARY_PATH=" + ld_library_path +\
+ ";export CLASSPATH=" + classpath +\
+ ";jython " + properties + " " + scriptlet
# Display this "jython" command
config.pki_log.info(
- log.PKIHELPER_INVOKE_JYTHON_3,
- ld_library_path, property, scriptlet,
+ log.PKIHELPER_INVOKE_JYTHON_1,
+ command,
extra=config.PKI_INDENTATION_LEVEL_2)
# Invoke this "jython" command
- subprocess.call(command, shell=True)
+ subprocess.call(command + " \"" + data + "\"", shell=True)
except subprocess.CalledProcessError as exc:
config.pki_log.error(log.PKI_SUBPROCESS_ERROR_1, exc,
extra=config.PKI_INDENTATION_LEVEL_2)
diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py
index c1bec9327..25678048f 100644
--- a/base/deploy/src/scriptlets/pkijython.py
+++ b/base/deploy/src/scriptlets/pkijython.py
@@ -34,89 +34,10 @@ pki_python_module_path = os.path.join(sys.prefix,
sys.path.append(pki_python_module_path)
-# http://www.jython.org/jythonbook/en/1.0/appendixB.html#working-with-classpath
-###############################################################################
-# from http://forum.java.sun.com/thread.jspa?threadID=300557
-#
-# Author: SG Langer Jan 2007 translated the above Java to this Jython class
-# Purpose: Allow runtime additions of new Class/jars either from local files
-# or URL
-###############################################################################
-class classPathHacker:
- import java.lang.reflect.Method
- import java.io.File
- import java.net.URL
- import java.net.URLClassLoader
- import jarray
-
- def addFile(self, s):
- ##################################################
- # Purpose: If adding a file/jar call this first
- # with s = path_to_jar
- ##################################################
-
- # make a URL out of 's'
- f = self.java.io.File (s)
- u = f.toURL ()
- a = self.addURL (u)
- return a
-
- def addURL(self, u):
- ###########################################
- # Purpose: Call this with u= URL for the
- # new Class/jar to be loaded
- ###########################################
-
- parameters = self.jarray.array([self.java.net.URL],
- self.java.lang.Class)
- sysloader = self.java.lang.ClassLoader.getSystemClassLoader()
- sysclass = self.java.net.URLClassLoader
- method = sysclass.getDeclaredMethod("addURL", parameters)
- a = method.setAccessible(1)
- jar_a = self.jarray.array([u], self.java.lang.Object)
- b = method.invoke(sysloader, jar_a)
- return u
-
# PKI Python Imports
import pkiconfig as config
import pkimessages as log
-# Dynamically Load Additional Java Jars ('append' to existing classpath)
-jarLoad = classPathHacker()
-# Webserver Jars
-jarLoad.addFile("/usr/share/java/httpcomponents/httpclient.jar")
-jarLoad.addFile("/usr/share/java/httpcomponents/httpcore.jar")
-jarLoad.addFile("/usr/share/java/apache-commons-cli.jar")
-jarLoad.addFile("/usr/share/java/apache-commons-codec.jar")
-jarLoad.addFile("/usr/share/java/apache-commons-logging.jar")
-jarLoad.addFile("/usr/share/java/istack-commons-runtime.jar")
-
-# Resteasy Jars
-RESTEASY_ROOT = "resteasy"
-if config.is_rhel():
- RESTEASY_ROOT = "resteasy-base"
-
-jarLoad.addFile("/usr/share/java/glassfish-jaxb/jaxb-impl.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/jaxrs-api.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-atom-provider.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jaxb-provider.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jaxrs.jar")
-jarLoad.addFile("/usr/share/java/" + RESTEASY_ROOT + "/resteasy-jettison-provider.jar")
-jarLoad.addFile("/usr/share/java/scannotation.jar")
-# PKI Jars
-jarLoad.addFile("/usr/share/java/pki/pki-certsrv.jar")
-jarLoad.addFile("/usr/share/java/pki/pki-client.jar")
-jarLoad.addFile("/usr/share/java/pki/pki-cmsutil.jar")
-jarLoad.addFile("/usr/share/java/pki/pki-nsutil.jar")
-# JSS JNI Jars
-#
-# NOTE: Always load 64-bit JNI 'jss4.jar'
-# PRIOR to 32-bit JNI 'jss4.jar'
-#
-jarLoad.addFile("/usr/lib64/java/jss4.jar")
-jarLoad.addFile("/usr/lib/java/jss4.jar")
-
-
# Apache Commons Java Imports
from org.apache.commons.cli import CommandLine
from org.apache.commons.cli import CommandLineParser
@@ -125,7 +46,6 @@ from org.apache.commons.cli import Options
from org.apache.commons.cli import ParseException
from org.apache.commons.cli import PosixParser
-
# JSS Java Imports
from org.mozilla.jss import CryptoManager
from org.mozilla.jss.asn1 import ASN1Util
@@ -147,7 +67,6 @@ from org.mozilla.jss.pkix.primitive import Name
from org.mozilla.jss.pkix.primitive import SubjectPublicKeyInfo
from org.mozilla.jss.util import Password
-
# PKI Java Imports
from com.netscape.certsrv.system import SystemConfigClient
from com.netscape.certsrv.system import SystemCertData
diff --git a/base/deploy/src/scriptlets/pkimessages.py b/base/deploy/src/scriptlets/pkimessages.py
index 8d7ba1b6e..9c10e0119 100644
--- a/base/deploy/src/scriptlets/pkimessages.py
+++ b/base/deploy/src/scriptlets/pkimessages.py
@@ -189,8 +189,7 @@ PKIHELPER_GROUP_ADD_GID_KEYERROR_1 = "KeyError: pki_gid %s"
PKIHELPER_GROUP_ADD_KEYERROR_1 = "KeyError: pki_group %s"
PKIHELPER_INVALID_SELINUX_CONTEXT_FOR_PORT = "port %s has invalid selinux "\
"context %s"
-PKIHELPER_INVOKE_JYTHON_3 = "executing 'export %s;"\
- "jython %s %s <master_dictionary>'"
+PKIHELPER_INVOKE_JYTHON_1 = "executing '%s'"
PKIHELPER_IS_A_DIRECTORY_1 = "'%s' is a directory"
PKIHELPER_IS_A_FILE_1 = "'%s' is a file"
PKIHELPER_IS_A_SYMLINK_1 = "'%s' is a symlink"
diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py
index 80bdcb216..3d9ec7f7a 100644
--- a/base/deploy/src/scriptlets/pkiparser.py
+++ b/base/deploy/src/scriptlets/pkiparser.py
@@ -26,6 +26,7 @@ import logging
import os
import random
import string
+import subprocess
import sys
import time
@@ -276,6 +277,12 @@ class PKIConfigParser:
config.pki_master_dict.update(config.pki_subsystem_dict)
config.pki_master_dict.update(__name__="PKI Master Dictionary")
+ # RESTEasy
+ config.pki_master_dict['RESTEASY_LIB'] =\
+ subprocess.check_output(
+ 'source /etc/pki/pki.conf && echo $RESTEASY_LIB',
+ shell=True).strip()
+
# IMPORTANT: A "PKI instance" no longer corresponds to a single
# pki subystem, but rather to a unique
# "Tomcat web instance" or a unique "Apache web instance".
@@ -624,7 +631,7 @@ class PKIConfigParser:
os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT,
"javassist.jar")
config.pki_master_dict['pki_resteasy_jaxrs_api_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"jaxrs-api.jar")
config.pki_master_dict['pki_jettison_jar'] =\
os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT,
@@ -654,16 +661,16 @@ class PKIConfigParser:
os.path.join(config.PKI_DEPLOYMENT_PKI_JAR_SOURCE_ROOT,
"pki-tomcat.jar")
config.pki_master_dict['pki_resteasy_atom_provider_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"resteasy-atom-provider.jar")
config.pki_master_dict['pki_resteasy_jaxb_provider_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"resteasy-jaxb-provider.jar")
config.pki_master_dict['pki_resteasy_jaxrs_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"resteasy-jaxrs.jar")
config.pki_master_dict['pki_resteasy_jettison_provider_jar'] =\
- os.path.join(config.PKI_DEPLOYMENT_RESTEASY_JAR_SOURCE_ROOT,
+ os.path.join(config.pki_master_dict['RESTEASY_LIB'],
"resteasy-jettison-provider.jar")
config.pki_master_dict['pki_scannotation_jar'] =\
os.path.join(config.PKI_DEPLOYMENT_JAR_SOURCE_ROOT,
generated by cgit (git 2.34.1) at 2024-04-24 13:57:34 +0000