Diffstat (limited to 'pki/base/deploy/src')
-rwxr-xr-xpki/base/deploy/src/pkidestroy151
-rwxr-xr-xpki/base/deploy/src/pkispawn174
-rw-r--r--pki/base/deploy/src/scriptlets/instance.py105
-rw-r--r--pki/base/deploy/src/scriptlets/pkiconfig.py96
-rw-r--r--pki/base/deploy/src/scriptlets/pkihelper.py222
-rw-r--r--pki/base/deploy/src/scriptlets/pkilogging.py46
-rw-r--r--pki/base/deploy/src/scriptlets/pkimessages.py86
-rw-r--r--pki/base/deploy/src/scriptlets/pkiscriptlet.py47
-rw-r--r--pki/base/deploy/src/scriptlets/security_databases.py78
9 files changed, 0 insertions, 1005 deletions
diff --git a/pki/base/deploy/src/pkidestroy b/pki/base/deploy/src/pkidestroy
deleted file mode 100755
index a762e143a..000000000
--- a/pki/base/deploy/src/pkidestroy
+++ /dev/null
@@ -1,151 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# System Imports
-import sys
-if not hasattr(sys, "hexversion") or sys.hexversion < 0x020700f0:
- print "Python version %s.%s.%s is too old." % sys.version_info[:3]
- print "Please upgrade to at least Python 2.7.0."
- sys.exit(1)
-try:
- import argparse
- import logging
- import os
- import pprint
- from pki.deployment import pkiconfig as config
- from pki.deployment import pkihelper
- from pki.deployment import pkilogging
- from pki.deployment import pkimessages as log
-except ImportError:
- print >> sys.stderr, """\
-There was a problem importing one of the required Python modules. The
-error was:
-
- %s
-""" % sys.exc_value
- sys.exit(1)
-
-
-# PKI Deployment Functions
-def main(argv):
- "main entry point"
-
- # Only run this program as "root".
- if not os.geteuid() == 0:
- sys.exit("'%s' must be run as root!" % argv[0])
-
- # Initialize 'pretty print' for objects
- pp = pprint.PrettyPrinter(indent=4)
-
- # Read and process command-line arguments.
- pkihelper.process_command_line_arguments(argv)
-
- # Enable 'pkidestroy' logging.
- config.pki_log_dir = config.pki_root_prefix +\
- config.PKIDESTROY_LOG_PATH
- config.pki_log_name = config.PKIDESTROY_LOG_PREFIX +\
- config.pki_subsystem.lower() +\
- config.PKIDESTROY_LOG_SUFFIX
- rv = pkilogging.enable_pki_logger(config.pki_log_dir,
- config.pki_log_name,
- config.pki_log_level,
- config.pki_console_log_level,
- config.PKIDESTROY_LOGGER)
- if rv != OSError:
- config.pki_log = rv
- else:
- print log.PKI_UNABLE_TO_CREATE_LOG_DIRECTORY_1 % config.pki_log_dir
- sys.exit(1)
-
- # Read the specified PKI configuration file.
- rv = pkihelper.read_pki_configuration_file()
- if rv != 0:
- config.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv)
- sys.exit(1)
- else:
- config.pki_log.debug(log.PKI_DICTIONARY_COMMON)
- config.pki_log.debug(pp.pformat(config.pki_common_dict))
- config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER)
- config.pki_log.debug(pp.pformat(config.pki_web_server_dict))
- config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM)
- config.pki_log.debug(pp.pformat(config.pki_subsystem_dict))
-
- # Override PKI configuration file values with 'custom' command-line values.
- if not config.pki_instance_name is None:
- config.pki_common_dict['pki_instance_name'] =\
- config.pki_instance_name
- if not config.pki_http_port is None:
- config.pki_web_server_dict['pki_http_port'] =\
- config.pki_http_port
- if not config.pki_https_port is None:
- config.pki_web_server_dict['pki_https_port'] =\
- config.pki_https_port
- if not config.pki_ajp_port is None:
- config.pki_web_server_dict['pki_ajp_port'] =\
- config.pki_ajp_port
- config.pki_log.debug(log.PKI_DICTIONARY_COMMON)
- config.pki_log.debug(pp.pformat(config.pki_common_dict))
- config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER)
- config.pki_log.debug(pp.pformat(config.pki_web_server_dict))
- config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM)
- config.pki_log.debug(pp.pformat(config.pki_subsystem_dict))
-
- # Combine the various sectional dictionaries into a PKI master dictionary
- pkihelper.create_pki_master_dictionary()
- config.pki_log.debug(log.PKI_DICTIONARY_MASTER)
- config.pki_log.debug(pp.pformat(config.pki_master_dict))
-
- # Remove the specified PKI subsystem.
- pki_scriptlets_path = config.pki_root_prefix +\
- config.PKIDESTROY_PATH +\
- "/" + config.pki_subsystem.lower()
- if not os.path.exists(pki_scriptlets_path) or\
- not os.path.isdir(pki_scriptlets_path):
- config.pki_log.error(log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1,
- pki_scriptlets_path)
- sys.exit(1)
- pki_subsystem_scriptlets = os.listdir(pki_scriptlets_path)
- pki_subsystem_scriptlets.sort()
-
- # Process the various "scriptlets" for the specified PKI subsystem.
- rv = 0
- config.pki_log.info(log.PKIDESTROY_BEGIN_MESSAGE_2,
- config.pki_subsystem,
- config.pki_master_dict['pki_instance_name'])
- for pki_scriptlet in pki_subsystem_scriptlets:
- scriptlet = __import__(config.PKI_DEPLOYMENT_SCRIPTLETS_MODULE +\
- '.' + pki_scriptlet[5:],
- fromlist = [pki_scriptlet[5:]])
- instance = scriptlet.PkiScriptlet()
- rv = instance.destroy()
- if rv != 0:
- sys.exit(1)
- config.pki_log.info(log.PKIDESTROY_END_MESSAGE_2,
- config.pki_subsystem,
- config.pki_master_dict['pki_instance_name'])
- config.pki_log.debug(log.PKI_DICTIONARY_MASTER)
- config.pki_log.debug(pp.pformat(config.pki_master_dict))
-
-
-# PKI Deployment Entry Point
-if __name__ == "__main__":
- main(sys.argv)
-
diff --git a/pki/base/deploy/src/pkispawn b/pki/base/deploy/src/pkispawn
deleted file mode 100755
index a48a4753c..000000000
--- a/pki/base/deploy/src/pkispawn
+++ /dev/null
@@ -1,174 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# System Imports
-import sys
-if not hasattr(sys, "hexversion") or sys.hexversion < 0x020700f0:
- print "Python version %s.%s.%s is too old." % sys.version_info[:3]
- print "Please upgrade to at least Python 2.7.0."
- sys.exit(1)
-try:
- import argparse
- import logging
- import os
- import pprint
- from pki.deployment import pkiconfig as config
- from pki.deployment import pkihelper
- from pki.deployment import pkilogging
- from pki.deployment import pkimessages as log
-except ImportError:
- print >> sys.stderr, """\
-There was a problem importing one of the required Python modules. The
-error was:
-
- %s
-""" % sys.exc_value
- sys.exit(1)
-
-
-# PKI Deployment Functions
-def main(argv):
- "main entry point"
-
- # Only run this program as "root".
- if not os.geteuid() == 0:
- sys.exit("'%s' must be run as root!" % argv[0])
-
- # Set the umask
- os.umask(config.PKI_DEPLOYMENT_DEFAULT_UMASK)
-
- # Initialize 'pretty print' for objects
- pp = pprint.PrettyPrinter(indent=4)
-
- # Read and process command-line arguments.
- pkihelper.process_command_line_arguments(argv)
-
- # Enable 'pkispawn' logging.
- rv = 0
- if not config.pki_update_flag:
- pki_deployment_begin = log.PKISPAWN_BEGIN_MESSAGE_2
- pki_deployment_end = log.PKISPAWN_END_MESSAGE_2
- config.pki_log_dir = config.pki_root_prefix +\
- config.PKISPAWN_LOG_PATH
- config.pki_log_name = config.PKISPAWN_LOG_PREFIX +\
- config.pki_subsystem.lower() +\
- config.PKISPAWN_LOG_SUFFIX
- rv = pkilogging.enable_pki_logger(config.pki_log_dir,
- config.pki_log_name,
- config.pki_log_level,
- config.pki_console_log_level,
- config.PKISPAWN_LOGGER)
- else:
- pki_deployment_begin = log.PKIRESPAWN_BEGIN_MESSAGE_2
- pki_deployment_end = log.PKIRESPAWN_END_MESSAGE_2
- config.pki_log_dir = config.pki_root_prefix +\
- config.PKIRESPAWN_LOG_PATH
- config.pki_log_name = config.PKIRESPAWN_LOG_PREFIX +\
- config.pki_subsystem.lower() +\
- config.PKIRESPAWN_LOG_SUFFIX
- rv = pkilogging.enable_pki_logger(config.pki_log_dir,
- config.pki_log_name,
- config.pki_log_level,
- config.pki_console_log_level,
- config.PKIRESPAWN_LOGGER)
- if rv != OSError:
- config.pki_log = rv
- else:
- print log.PKI_UNABLE_TO_CREATE_LOG_DIRECTORY_1 % config.pki_log_dir
- sys.exit(1)
-
- # Read the specified PKI configuration file.
- rv = pkihelper.read_pki_configuration_file()
- if rv != 0:
- config.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv)
- sys.exit(1)
- else:
- config.pki_log.debug(log.PKI_DICTIONARY_COMMON)
- config.pki_log.debug(pp.pformat(config.pki_common_dict))
- config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER)
- config.pki_log.debug(pp.pformat(config.pki_web_server_dict))
- config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM)
- config.pki_log.debug(pp.pformat(config.pki_subsystem_dict))
-
- # Override PKI configuration file values with 'custom' command-line values.
- if not config.pki_instance_name is None:
- config.pki_common_dict['pki_instance_name'] =\
- config.pki_instance_name
- if not config.pki_http_port is None:
- config.pki_web_server_dict['pki_http_port'] =\
- config.pki_http_port
- if not config.pki_https_port is None:
- config.pki_web_server_dict['pki_https_port'] =\
- config.pki_https_port
- if not config.pki_ajp_port is None:
- config.pki_web_server_dict['pki_ajp_port'] =\
- config.pki_ajp_port
- config.pki_log.debug(log.PKI_DICTIONARY_COMMON)
- config.pki_log.debug(pp.pformat(config.pki_common_dict))
- config.pki_log.debug(log.PKI_DICTIONARY_WEB_SERVER)
- config.pki_log.debug(pp.pformat(config.pki_web_server_dict))
- config.pki_log.debug(log.PKI_DICTIONARY_SUBSYSTEM)
- config.pki_log.debug(pp.pformat(config.pki_subsystem_dict))
-
- # Combine the various sectional dictionaries into a PKI master dictionary
- pkihelper.create_pki_master_dictionary()
- config.pki_log.debug(log.PKI_DICTIONARY_MASTER)
- config.pki_log.debug(pp.pformat(config.pki_master_dict))
-
- # Install and configure the specified PKI subsystem.
- pki_scriptlets_path = config.pki_root_prefix +\
- config.PKISPAWN_PATH +\
- "/" + config.pki_subsystem.lower()
- if not os.path.exists(pki_scriptlets_path) or\
- not os.path.isdir(pki_scriptlets_path):
- config.pki_log.error(log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1,
- pki_scriptlets_path)
- sys.exit(1)
- pki_subsystem_scriptlets = os.listdir(pki_scriptlets_path)
- pki_subsystem_scriptlets.sort()
-
- # Process the various "scriptlets" for the specified PKI subsystem.
- rv = 0
- config.pki_log.info(pki_deployment_begin,
- config.pki_subsystem,
- config.pki_master_dict['pki_instance_name'])
- for pki_scriptlet in pki_subsystem_scriptlets:
- scriptlet = __import__(config.PKI_DEPLOYMENT_SCRIPTLETS_MODULE +\
- '.' + pki_scriptlet[5:],
- fromlist = [pki_scriptlet[5:]])
- instance = scriptlet.PkiScriptlet()
- if not config.pki_update_flag:
- rv = instance.spawn()
- else:
- rv = instance.respawn()
- if rv != 0:
- sys.exit(1)
- config.pki_log.info(pki_deployment_end,
- config.pki_subsystem,
- config.pki_master_dict['pki_instance_name'])
- config.pki_log.debug(log.PKI_DICTIONARY_MASTER)
- config.pki_log.debug(pp.pformat(config.pki_master_dict))
-
-
-# PKI Deployment Entry Point
-if __name__ == "__main__":
- main(sys.argv)
-
diff --git a/pki/base/deploy/src/scriptlets/instance.py b/pki/base/deploy/src/scriptlets/instance.py
deleted file mode 100644
index a7ca35c69..000000000
--- a/pki/base/deploy/src/scriptlets/instance.py
+++ /dev/null
@@ -1,105 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# System Imports
-import os
-import grp
-import pwd
-
-# PKI Deployment Imports
-import pkiconfig as config
-import pkimessages as log
-import pkiscriptlet
-
-
-# PKI Deployment Instance Population Classes
-class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
- rv = 0
- pki_path = config.pki_root_prefix +\
- config.pki_master_dict['pki_instance_root']
- pki_instance_path = pki_path + "/" +\
- config.pki_master_dict['pki_instance_name']
- pki_subsystem_path = pki_instance_path + "/" +\
- config.pki_master_dict['pki_subsystem'].lower()
-
- def spawn(self):
- if not os.path.exists(self.pki_subsystem_path):
- config.pki_log.info(log.INSTANCE_SPAWN_1, __name__)
- config.pki_log.info(log.INSTANCE_SPAWN_MKDIR_1,
- self.pki_subsystem_path)
- if not config.pki_dry_run_flag:
- try:
- pki_gid = grp.getgrnam(
- config.pki_master_dict['pki_group'])[2]
- pki_uid = pwd.getpwnam(
- config.pki_master_dict['pki_user'])[2]
- os.mkdir(self.pki_path,
- config.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS)
- os.chown(self.pki_path,
- pki_uid,
- pki_gid)
- os.mkdir(self.pki_instance_path,
- config.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS)
- os.chown(self.pki_instance_path,
- pki_uid,
- pki_gid)
- os.mkdir(self.pki_subsystem_path,
- config.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS)
- os.chown(self.pki_subsystem_path,
- pki_uid,
- pki_gid)
- except KeyError:
- self.rv = KeyError
- except OSError:
- self.rv = OSError
- elif not os.path.isdir(self.pki_subsystem_path):
- config.pki_log.error(
- log.PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1,
- self.pki_subsystem_path)
- self.rv = -1
- else:
- config.pki_log.error(log.PKI_DIRECTORY_ALREADY_EXISTS_1,
- self.pki_subsystem_path)
- self.rv = -1
- return self.rv
-
- def respawn(self):
- if not os.path.exists(self.pki_subsystem_path) or\
- not os.path.isdir(self.pki_subsystem_path):
- config.pki_log.error(
- log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1,
- self.pki_subsystem_path)
- self.rv = -1
- else:
- config.pki_log.info(log.INSTANCE_RESPAWN_1, __name__)
- return self.rv
-
- def destroy(self):
- if not os.path.exists(self.pki_subsystem_path) or\
- not os.path.isdir(self.pki_subsystem_path):
- config.pki_log.error(
- log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1,
- self.pki_subsystem_path)
- self.rv = -1
- else:
- config.pki_log.info(log.INSTANCE_DESTROY_1, __name__)
- return self.rv
-
diff --git a/pki/base/deploy/src/scriptlets/pkiconfig.py b/pki/base/deploy/src/scriptlets/pkiconfig.py
deleted file mode 100644
index 7d676c00d..000000000
--- a/pki/base/deploy/src/scriptlets/pkiconfig.py
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# System Imports
-import logging
-
-
-# PKI Deployment Constants
-PKI_DEPLOYMENT_PATH = "/usr/share/pki/deployment"
-PKI_DEPLOYMENT_CONFIG_PATH = PKI_DEPLOYMENT_PATH + "/" + "config"
-PKI_DEPLOYMENT_SCRIPTLETS_MODULE = "pki.deployment"
-PKI_DEPLOYMENT_VERBOSITY=\
-"VERBOSITY FLAGS CONSOLE MESSAGE LEVEL LOG MESSAGE LEVEL\n"\
-"=======================================================================\n"\
-" NONE error|warning error|warning|info\n"\
-" -v error|warning|info error|warning|info\n"\
-" -vv error|warning|info error|warning|info|debug\n"\
-" -vvv error|warning|info|debug error|warning|info|debug\n"\
-" "
-PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS = 00770
-PKI_DEPLOYMENT_DEFAULT_EXE_PERMISSIONS = 00770
-PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS = 00660
-PKI_DEPLOYMENT_DEFAULT_UMASK = 00002
-
-PKIDESTROY_PATH = PKI_DEPLOYMENT_PATH + "/" + "destroy"
-PKIDESTROY_LOG_PATH = "/var/log"
-PKIDESTROY_LOG_PREFIX = "pki-"
-PKIDESTROY_LOG_SUFFIX = "-destroy.log"
-PKIDESTROY_LOGGER = "pkidestroy"
-
-PKIRESPAWN_PATH = PKI_DEPLOYMENT_PATH + "/" + "spawn"
-PKIRESPAWN_LOG_PATH = "/var/log"
-PKIRESPAWN_LOG_PREFIX = "pki-"
-PKIRESPAWN_LOG_SUFFIX = "-respawn.log"
-PKIRESPAWN_LOGGER = "pkirespawn"
-
-PKISPAWN_PATH = PKI_DEPLOYMENT_PATH + "/" + "spawn"
-PKISPAWN_LOG_PATH = "/var/log"
-PKISPAWN_LOG_PREFIX = "pki-"
-PKISPAWN_LOG_SUFFIX = "-spawn.log"
-PKISPAWN_LOGGER = "pkispawn"
-
-PKI_SECURITY_DATABASE_DIR = "alias"
-PKI_SUBSYSTEMS = ["CA","KRA","OCSP","RA","TKS","TPS"]
-PKI_APACHE_SUBSYSTEMS = ["RA","TPS"]
-PKI_TOMCAT_SUBSYSTEMS = ["CA","KRA","OCSP","TKS"]
-
-
-# PKI Deployment "Mandatory" Command-Line Variables
-pki_subsystem = None
-
-# PKI Deployment "Optional" Command-Line Variables
-pkideployment_cfg = PKI_DEPLOYMENT_CONFIG_PATH + "/" + "pkideployment.cfg"
-pki_dry_run_flag = False
-pki_root_prefix = None
-pki_update_flag = False
-
-# PKI Deployment "Custom" Command-Line Variables
-pki_instance_name = None
-pki_http_port = None
-pki_https_port = None
-pki_ajp_port = None
-
-
-# PKI Deployment Logger Variables
-pki_log = None
-pki_log_dir = None
-pki_log_name = None
-pki_log_level = logging.INFO
-pki_console_log_level = logging.WARNING
-
-
-# PKI Deployment Global Dictionaries
-pki_common_dict = None
-pki_web_server_dict = None
-pki_subsystem_dict = None
-pki_master_dict = None
-
diff --git a/pki/base/deploy/src/scriptlets/pkihelper.py b/pki/base/deploy/src/scriptlets/pkihelper.py
deleted file mode 100644
index ee2bdd249..000000000
--- a/pki/base/deploy/src/scriptlets/pkihelper.py
+++ /dev/null
@@ -1,222 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# System Imports
-import ConfigParser
-import argparse
-import logging
-import os
-
-
-# PKI Deployment Imports
-import pkiconfig as config
-import pkimessages as log
-
-
-# PKI Deployment Helper Functions
-def process_command_line_arguments(argv):
- "Read and process command-line options"
- description = None
- if os.path.basename(argv[0]) == 'pkispawn':
- description = 'PKI Instance Installation and Configuration'
- elif os.path.basename(argv[0]) == 'pkidestroy':
- description = 'PKI Instance Removal'
- parser = argparse.ArgumentParser(
- description=description,
- add_help=False,
- formatter_class=argparse.RawDescriptionHelpFormatter,
- epilog=config.PKI_DEPLOYMENT_VERBOSITY)
- mandatory = parser.add_argument_group('mandatory arguments')
- mandatory.add_argument('-s',
- dest='pki_subsystem', action='store',
- nargs=1, choices=config.PKI_SUBSYSTEMS,
- required=True, metavar='<subsystem>',
- help='where <subsystem> is '
- 'CA, KRA, OCSP, RA, TKS, or TPS')
- optional = parser.add_argument_group('optional arguments')
- optional.add_argument('--dry_run',
- dest='pki_dry_run_flag', action='store_true',
- help='do not actually perform any actions')
- optional.add_argument('-f',
- dest='pkideployment_cfg', action='store',
- nargs=1, metavar='<file>',
- help='overrides default configuration filename')
- optional.add_argument('-h', '--help',
- dest='help', action='help',
- help='show this help message and exit')
- optional.add_argument('-p',
- dest='pki_root_prefix', action='store',
- nargs=1, metavar='<prefix>',
- help='directory prefix to specify local directory')
- if os.path.basename(argv[0]) == 'pkispawn':
- optional.add_argument('-u',
- dest='pki_update_flag', action='store_true',
- help='update instance of specified subsystem')
- optional.add_argument('-v',
- dest='pki_verbosity', action='count',
- help='display verbose information (details below)')
- custom = parser.add_argument_group('custom arguments '
- '(OVERRIDES configuration file values)')
- custom.add_argument('-i',
- dest='pki_instance_name', action='store',
- nargs=1, metavar='<instance>',
- help='PKI instance name (MUST specify REQUIRED ports)')
- custom.add_argument('--http_port',
- dest='pki_http_port', action='store',
- nargs=1, metavar='<port>',
- help='HTTP port (CA, KRA, OCSP, RA, TKS, TPS)')
- custom.add_argument('--https_port',
- dest='pki_https_port', action='store',
- nargs=1, metavar='<port>',
- help='HTTPS port (CA, KRA, OCSP, RA, TKS, TPS)')
- custom.add_argument('--ajp_port',
- dest='pki_ajp_port', action='store',
- nargs=1, metavar='<port>',
- help='AJP port (CA, KRA, OCSP, TKS)')
- args = parser.parse_args()
-
- config.pki_subsystem = str(args.pki_subsystem).strip('[\']')
- if args.pki_dry_run_flag:
- config.pki_dry_run_flag = args.pki_dry_run_flag
- if not args.pkideployment_cfg is None:
- config.pkideployment_cfg = str(args.pkideployment_cfg).strip('[\']')
- if not os.path.exists(config.pkideployment_cfg) or\
- not os.path.isfile(config.pkideployment_cfg):
- print "ERROR: " +\
- log.PKI_FILE_MISSING_OR_NOT_A_FILE_1 %\
- config.pkideployment_cfg
- print
- parser.print_help()
- parser.exit(-1);
- if not args.pki_root_prefix is None:
- config.pki_root_prefix = str(args.pki_root_prefix).strip('[\']')
- if config.pki_root_prefix is None or\
- len(config.pki_root_prefix) == 0:
- config.pki_root_prefix = ""
- elif not os.path.exists(config.pki_root_prefix) or\
- not os.path.isdir(config.pki_root_prefix):
- print "ERROR: " +\
- log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 %\
- config.pki_root_prefix
- print
- parser.print_help()
- parser.exit(-1);
- if os.path.basename(argv[0]) == 'pkispawn':
- if args.pki_update_flag:
- config.pki_update_flag = args.pki_update_flag
- if args.pki_verbosity == 1:
- config.pki_console_log_level = logging.INFO
- config.pki_log_level = logging.INFO
- elif args.pki_verbosity == 2:
- config.pki_console_log_level = logging.INFO
- config.pki_log_level = logging.DEBUG
- elif args.pki_verbosity == 3:
- config.pki_console_log_level = logging.DEBUG
- config.pki_log_level = logging.DEBUG
- elif args.pki_verbosity > 3:
- print "ERROR: " + log.PKI_VERBOSITY_LEVELS_MESSAGE
- print
- parser.print_help()
- parser.exit(-1);
- if not args.pki_instance_name is None:
- config.pki_instance_name = str(args.pki_instance_name).strip('[\']')
- if not args.pki_http_port is None:
- config.pki_http_port = str(args.pki_http_port).strip('[\']')
- if not args.pki_https_port is None:
- config.pki_https_port = str(args.pki_https_port).strip('[\']')
- if not args.pki_ajp_port is None:
- if config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
- config.pki_ajp_port = str(args.pki_ajp_port).strip('[\']')
- else:
- print "ERROR: " +\
- log.PKI_CUSTOM_TOMCAT_AJP_PORT_1 %\
- config.pki_subsystem
- print
- parser.print_help()
- parser.exit(-1);
- if not args.pki_instance_name is None or\
- not args.pki_http_port is None or\
- not args.pki_https_port is None or\
- not args.pki_ajp_port is None:
- if config.pki_subsystem in config.PKI_APACHE_SUBSYSTEMS:
- if args.pki_instance_name is None or\
- args.pki_http_port is None or\
- args.pki_https_port is None:
- print "ERROR: " + log.PKI_CUSTOM_APACHE_INSTANCE_1 %\
- config.pki_subsystem
- print
- parser.print_help()
- parser.exit(-1);
- elif config.pki_subsystem in config.PKI_TOMCAT_SUBSYSTEMS:
- if args.pki_instance_name is None or\
- args.pki_http_port is None or\
- args.pki_https_port is None or\
- args.pki_ajp_port is None:
- print "ERROR: " + log.PKI_CUSTOM_TOMCAT_INSTANCE_1 %\
- config.pki_subsystem
- print
- parser.print_help()
- parser.exit(-1);
-
-
-def read_pki_configuration_file():
- "Read configuration file sections into dictionaries"
- rv = 0
- try:
- parser = ConfigParser.ConfigParser()
- parser.read(config.pkideployment_cfg)
- config.pki_common_dict = dict(parser._sections['Common'])
- if config.pki_subsystem == "CA":
- config.pki_web_server_dict = dict(parser._sections['Tomcat'])
- config.pki_subsystem_dict = dict(parser._sections['CA'])
- elif config.pki_subsystem == "KRA":
- config.pki_web_server_dict = dict(parser._sections['Tomcat'])
- config.pki_subsystem_dict = dict(parser._sections['KRA'])
- elif config.pki_subsystem == "OCSP":
- config.pki_web_server_dict = dict(parser._sections['Tomcat'])
- config.pki_subsystem_dict = dict(parser._sections['OCSP'])
- elif config.pki_subsystem == "RA":
- config.pki_web_server_dict = dict(parser._sections['Apache'])
- config.pki_subsystem_dict = dict(parser._sections['RA'])
- elif config.pki_subsystem == "TKS":
- config.pki_web_server_dict = dict(parser._sections['Tomcat'])
- config.pki_subsystem_dict = dict(parser._sections['TKS'])
- elif config.pki_subsystem == "TPS":
- config.pki_web_server_dict = dict(parser._sections['Apache'])
- config.pki_subsystem_dict = dict(parser._sections['TPS'])
- # Insert empty record into dictionaries for "pretty print" statements
- config.pki_common_dict[0] = None
- config.pki_web_server_dict[0] = None
- config.pki_subsystem_dict[0] = None
- except ConfigParser.ParsingError, err:
- rv = err
- return rv
-
-
-def create_pki_master_dictionary():
- "Create a single master PKI dictionary from the sectional dictionaries"
- config.pki_master_dict = dict()
- config.pki_master_dict.update(config.pki_common_dict)
- config.pki_master_dict.update(config.pki_web_server_dict)
- config.pki_master_dict.update(config.pki_subsystem_dict)
- config.pki_master_dict.update(__name__="PKI Master Dictionary")
- return
-
diff --git a/pki/base/deploy/src/scriptlets/pkilogging.py b/pki/base/deploy/src/scriptlets/pkilogging.py
deleted file mode 100644
index 776677cfd..000000000
--- a/pki/base/deploy/src/scriptlets/pkilogging.py
+++ /dev/null
@@ -1,46 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# System Imports
-import logging
-import os
-
-
-# PKI Deployment Logging Functions
-def enable_pki_logger(log_dir, log_name, log_level, console_log_level, logger):
- if not os.path.isdir(log_dir):
- try:
- os.makedirs(log_dir)
- except OSError:
- return OSError
- logging.basicConfig(level=log_level,
- format='%(asctime)s %(name)-12s ' +\
- '%(levelname)-8s %(message)s',
- datefmt='%Y-%m-%d %H:%M:%S',
- filename=log_dir + "/" + log_name,
- filemode='w')
- console = logging.StreamHandler()
- console.setLevel(console_log_level)
- formatter = logging.Formatter('%(name)-12s: %(levelname)-8s %(message)s')
- console.setFormatter(formatter)
- logging.getLogger('').addHandler(console)
- return logging.getLogger(logger)
-
diff --git a/pki/base/deploy/src/scriptlets/pkimessages.py b/pki/base/deploy/src/scriptlets/pkimessages.py
deleted file mode 100644
index e6a9f95aa..000000000
--- a/pki/base/deploy/src/scriptlets/pkimessages.py
+++ /dev/null
@@ -1,86 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# PKI Deployment Engine Messages
-PKI_CUSTOM_APACHE_INSTANCE_1 = "When a custom '%s' subsystem is being "\
- "deployed, the 'instance', 'http_port', and "\
- "'https_port' must ALL be specified!"
-PKI_CUSTOM_TOMCAT_INSTANCE_1 = "When a custom '%s' subsystem is being "\
- "deployed, the 'instance', 'http_port', "\
- "'https_port', and 'ajp_port' must ALL be "\
- "specified!"
-PKI_CUSTOM_TOMCAT_AJP_PORT_1 = "When a custom '%s' subsystem is being "\
- "deployed, ONLY the 'instance', "\
- "'http_port', and 'https_port' MUST be "\
- "specified; NO 'ajp_port' should be requested!"
-PKI_DICTIONARY_COMMON ="\n"\
-"=====================================================\n"\
-" DISPLAY CONTENTS OF PKI COMMON DICTIONARY\n"\
-"====================================================="
-PKI_DICTIONARY_MASTER="\n"\
-"=====================================================\n"\
-" DISPLAY CONTENTS OF PKI MASTER DICTIONARY\n"\
-"====================================================="
-PKI_DICTIONARY_SUBSYSTEM="\n"\
-"=====================================================\n"\
-" DISPLAY CONTENTS OF PKI SUBSYSTEM DICTIONARY\n"\
-"====================================================="
-PKI_DICTIONARY_WEB_SERVER="\n"\
-"=====================================================\n"\
-" DISPLAY CONTENTS OF PKI WEB SERVER DICTIONARY\n"\
-"====================================================="
-PKI_DIRECTORY_ALREADY_EXISTS_1 = "Directory '%s' already exists!"
-PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1 = "Directory '%s' already "\
- "exists BUT it is NOT a "\
- "directory!"
-PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1 = "Directory '%s' is either "\
- "missing or is NOT a directory!"
-PKI_FILE_MISSING_OR_NOT_A_FILE_1 = "File '%s' is either missing "\
- "or is NOT a regular file!"
-PKI_UNABLE_TO_PARSE_1 = "'Could not parse: '%s'"
-PKI_UNABLE_TO_CREATE_LOG_DIRECTORY_1 = "Could not create log directory '%s'!"
-PKI_VERBOSITY_LEVELS_MESSAGE = "Only up to 3 levels of verbosity are supported!"
-
-
-# PKI Deployment 'pkispawn' and 'pkidestroy' Messages
-PKIDESTROY_BEGIN_MESSAGE_2 = "BEGIN destroying subsystem '%s' of "\
- "instance '%s' . . ."
-PKIDESTROY_END_MESSAGE_2 = "END destroying subsystem '%s' of "\
- "instance '%s'."
-PKIRESPAWN_BEGIN_MESSAGE_2 = "BEGIN respawning subsystem '%s' of "\
- "instance '%s' . . ."
-PKIRESPAWN_END_MESSAGE_2 = "END respawning subsystem '%s' of "\
- "instance '%s'."
-PKISPAWN_BEGIN_MESSAGE_2 = "BEGIN spawning subsystem '%s' of "\
- "instance '%s' . . ."
-PKISPAWN_END_MESSAGE_2 = "END spawning subsystem '%s' of "\
- "instance '%s'."
-
-
-# PKI Deployment "Scriptlet" Messages
-INSTANCE_DESTROY_1 = " depopulating '%s'"
-INSTANCE_RESPAWN_1 = " repopulating '%s'"
-INSTANCE_SPAWN_1 = " populating '%s'"
-INSTANCE_SPAWN_MKDIR_1 = " mkdir '%s'"
-SECURITY_DATABASES_DESTROY_1 = " removing '%s'"
-SECURITY_DATABASES_RESPAWN_1 = " regenerating '%s'"
-SECURITY_DATABASES_SPAWN_1 = " generating '%s'"
-
diff --git a/pki/base/deploy/src/scriptlets/pkiscriptlet.py b/pki/base/deploy/src/scriptlets/pkiscriptlet.py
deleted file mode 100644
index 5befd993a..000000000
--- a/pki/base/deploy/src/scriptlets/pkiscriptlet.py
+++ /dev/null
@@ -1,47 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# System Imports
-import abc
-
-
-# PKI Deployment Classes
-class AbstractBasePkiScriptlet(object):
- __metaclass__ = abc.ABCMeta
-
- @abc.abstractmethod
- def spawn(self):
- """Retrieve data from the specified PKI dictionary and
- use it to install a new PKI instance."""
- return
-
- @abc.abstractmethod
- def respawn(self):
- """Retrieve data from the specified PKI dictionary and
- use it to update an existing PKI instance."""
- return
-
- @abc.abstractmethod
- def destroy(self):
- """Retrieve data from the specified PKI dictionary and
- use it to destroy an existing PKI instance."""
- return
-
diff --git a/pki/base/deploy/src/scriptlets/security_databases.py b/pki/base/deploy/src/scriptlets/security_databases.py
deleted file mode 100644
index af47cbd5d..000000000
--- a/pki/base/deploy/src/scriptlets/security_databases.py
+++ /dev/null
@@ -1,78 +0,0 @@
-#!/usr/bin/python -t
-# Authors:
-# Matthew Harmsen <mharmsen@redhat.com>
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-#
-# Copyright (C) 2011 Red Hat, Inc.
-# All rights reserved.
-#
-
-# System Imports
-import os
-
-# PKI Deployment Imports
-import pkiconfig as config
-import pkimessages as log
-import pkiscriptlet
-
-
-# PKI Deployment Security Database Classes
-class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
- rv = 0
- pki_path = config.pki_root_prefix +\
- config.pki_master_dict['pki_instance_root']
- pki_instance_path = pki_path + "/" +\
- config.pki_master_dict['pki_instance_name']
- pki_subsystem_path = pki_instance_path + "/" +\
- config.pki_master_dict['pki_subsystem'].lower()
- pki_database_path = pki_subsystem_path + "/" +\
- config.PKI_SECURITY_DATABASE_DIR
-
- def spawn(self):
- if not os.path.exists(self.pki_database_path):
- config.pki_log.info(log.SECURITY_DATABASES_SPAWN_1, __name__)
- elif not os.path.isdir(self.pki_database_path):
- config.pki_log.error(
- log.PKI_DIRECTORY_ALREADY_EXISTS_NOT_A_DIRECTORY_1,
- self.pki_database_path)
- self.rv = -1
- else:
- config.pki_log.error(log.PKI_DIRECTORY_ALREADY_EXISTS_1,
- self.pki_database_path)
- self.rv = -1
- return self.rv
-
- def respawn(self):
- if not os.path.exists(self.pki_database_path) or\
- not os.path.isdir(self.pki_database_path):
- config.pki_log.error(
- log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1,
- self.pki_database_path)
- self.rv = -1
- else:
- config.pki_log.info(log.SECURITY_DATABASES_RESPAWN_1, __name__)
- return self.rv
-
- def destroy(self):
- if not os.path.exists(self.pki_database_path) or\
- not os.path.isdir(self.pki_database_path):
- config.pki_log.error(
- log.PKI_DIRECTORY_MISSING_OR_NOT_A_DIRECTORY_1,
- self.pki_database_path)
- self.rv = -1
- else:
- config.pki_log.info(log.SECURITY_DATABASES_DESTROY_1, __name__)
- return self.rv
-