8 files changed, 1003 insertions, 0 deletions

diff --git a/pki/linux/scripts/build_ca b/pki/linux/scripts/build_ca
new file mode 100755
index 000000000..e581096e2
--- /dev/null
+++ b/pki/linux/scripts/build_ca
@@ -0,0 +1,173 @@
+#!/bin/bash
+# BEGIN COPYRIGHT BLOCK
+# (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+
+# Always switch into the base directory three levels
+# above this shell script prior to executing it so
+# that all of its output is written to this directory
+cd `dirname $0`/../../..
+
+# Retrieve the name of this base directory
+PKI_PWD=`pwd`
+
+# Establish the release directory
+PKI_RELEASE_ROOT="${PKI_PWD}/release"
+
+# Establish the name of the machine
+PKI_HOSTNAME=`hostname`
+
+# Set pre-defined variables
+PKI_DIR="pki"
+PKI_SRC_DIR="base"
+ROOT_UID=0
+
+# This script may ONLY be run on Linux!
+PKI_OS=`uname`
+if [ "${PKI_OS}" != "Linux" ]; then
+    printf "The '$0' script is ONLY executable\n"
+    printf "on a 'Linux' machine!\n"
+    exit 255
+fi
+
+# Set Linux variables
+PKI_FLAVOR="linux"
+PKI_UI_DIR="${PKI_DIR}/${PKI_FLAVOR}"
+PKI_BUILD_SCRIPT_DIR="${PKI_PWD}/${PKI_UI_DIR}"
+PKI_BUILD_SCRIPT="build_linux"
+
+# Set packaging variables
+RPM_EXE="/bin/rpm"
+RPM_EXE_OPTIONS="-Uvh --force"
+RPM_DIR="dist/rpmpkg/RPMS/*/"
+RPM_EXT="-[0-9]*.rpm"
+
+# Set sudo variables
+PKI_SUDO="/usr/bin/sudo"
+PKI_SUDOERS="/etc/sudoers"
+
+# Set user identity variables
+PKI_EUID=`/usr/bin/id -u`
+PKI_UID=`/usr/bin/id -ur`
+PKI_USERNAME=`/usr/bin/id -un`
+
+# Make sure that this script is NOT being run as root!
+if [ ${PKI_UID} -eq ${ROOT_UID} ] ||
+   [ ${PKI_EUID} -eq ${ROOT_UID} ]; then
+    printf "The '$0' script may NOT be run as root!\n"
+    exit 255
+fi
+
+# Check for the presence of the 'sudo' executable
+if [ ! -x "${PKI_SUDO}" ]; then
+    printf "The '$0' script requires the '${PKI_SUDO}' executable\n"
+    printf "to be available on '${PKI_HOSTNAME}'!\n"
+    exit 255
+fi
+
+# Check for the presence of the 'sudoers' file
+if [ ! -e "${PKI_SUDOERS}" ]; then
+    printf "The '$0' script requires the '${PKI_SUDOERS}' file\n"
+    printf "to be available on '${PKI_HOSTNAME}'!\n"
+    exit 255
+fi
+
+# Check for the presence of the required sudoers command
+PKI_SUDOERS_COMMAND="(root) NOPASSWD: ${RPM_EXE}"
+PKI_SUDOERS_LINE="${PKI_USERNAME}  ALL = NOPASSWD: ${RPM_EXE}"
+printf "Checking if '${PKI_USERNAME}' has the appropriate '${PKI_SUDO}' permissions . . .\n"
+printf "[NOTE:  A password prompt may appear requiring ${PKI_USERNAME}'s password.]\n"
+`${PKI_SUDO} -l | grep "${PKI_SUDOERS_COMMAND}" > /dev/null 2>&1`
+if [ $? -ne 0 ]; then
+    printf "The '$0' script requires that the\n"
+    printf "'${PKI_SUDOERS}' file MUST contain this line:\n\n"
+    printf "    '${PKI_SUDOERS_LINE}'\n\n"
+    exit 255
+fi
+
+# Establish release subdirectories
+PKI_RELEASE_DIR="${PKI_RELEASE_ROOT}/${PKI_DIR}/${PKI_SRC_DIR}"
+PKI_RELEASE_UI_DIR="${PKI_RELEASE_ROOT}/${PKI_UI_DIR}"
+
+# Establish common PKI package names
+OSUTIL=osutil${RPM_EXT}
+SYMKEY=symkey${RPM_EXT}
+PKI_NATIVE_TOOLS=pki-native-tools${RPM_EXT}
+PKI_UTIL=pki-util${RPM_EXT}
+PKI_UTIL_JAVADOC=pki-util-javadoc${RPM_EXT}
+PKI_SETUP=pki-setup${RPM_EXT}
+PKI_JAVA_TOOLS=pki-java-tools${RPM_EXT}
+PKI_JAVA_TOOLS_JAVADOC=pki-java-tools-javadoc${RPM_EXT}
+PKI_COMMON_UI=pki-common-ui${RPM_EXT}
+PKI_COMMON=pki-common${RPM_EXT}
+PKI_COMMON_JAVADOC=pki-common-javadoc${RPM_EXT}
+
+# Establish PKI subsystem package names
+PKI_CA_UI=pki-ca-ui${RPM_EXT}
+PKI_CA=pki-ca${RPM_EXT}
+
+# Establish optional PKI package names
+PKI_CONSOLE_UI=pki-console-ui${RPM_EXT}
+PKI_CONSOLE=pki-console${RPM_EXT}
+PKI_SILENT=pki-silent${RPM_EXT}
+
+# Always start with a new release root directory
+rm -rf ${PKI_RELEASE_ROOT}
+mkdir -p ${PKI_RELEASE_ROOT}
+
+# Build and install 'osutil' packages
+${PKI_BUILD_SCRIPT_DIR}/osutil/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/osutil/${RPM_DIR}/${OSUTIL}
+
+# Build and install 'symkey' packages
+${PKI_BUILD_SCRIPT_DIR}/symkey/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/symkey/${RPM_DIR}/${SYMKEY}
+
+# Build and install 'pki-native-tools' packages
+${PKI_BUILD_SCRIPT_DIR}/native-tools/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/native-tools/${RPM_DIR}/${PKI_NATIVE_TOOLS}
+
+# Build and install 'pki-util' packages
+${PKI_BUILD_SCRIPT_DIR}/util/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/util/${RPM_DIR}/${PKI_UTIL}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/util/${RPM_DIR}/${PKI_UTIL_JAVADOC}
+
+# Build and install 'pki-setup' packages
+${PKI_BUILD_SCRIPT_DIR}/setup/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/setup/${RPM_DIR}/${PKI_SETUP}
+
+# Build and install 'pki-java-tools' packages
+${PKI_BUILD_SCRIPT_DIR}/java-tools/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/java-tools/${RPM_DIR}/${PKI_JAVA_TOOLS}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/java-tools/${RPM_DIR}/${PKI_JAVA_TOOLS_JAVADOC}
+
+# Build and install 'pki-common-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/common-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/common-ui/${RPM_DIR}/${PKI_COMMON_UI}
+
+# Build and install 'pki-common' packages
+${PKI_BUILD_SCRIPT_DIR}/common/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/common/${RPM_DIR}/${PKI_COMMON}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/common/${RPM_DIR}/${PKI_COMMON_JAVADOC}
+
+# Build and install 'pki-ca-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/ca-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/ca-ui/${RPM_DIR}/${PKI_CA_UI}
+
+# Build and install 'pki-ca' packages
+${PKI_BUILD_SCRIPT_DIR}/ca/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/ca/${RPM_DIR}/${PKI_CA}
+
+# Build and install 'pki-console-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/console-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/console-ui/${RPM_DIR}/${PKI_CONSOLE_UI}
+
+# Build and install 'pki-console' packages
+${PKI_BUILD_SCRIPT_DIR}/console/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/console/${RPM_DIR}/${PKI_CONSOLE}
+
+# Build and install 'pki-silent' packages
+${PKI_BUILD_SCRIPT_DIR}/silent/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/silent/${RPM_DIR}/${PKI_SILENT}
+
diff --git a/pki/linux/scripts/build_pki b/pki/linux/scripts/build_pki
new file mode 100755
index 000000000..9d248e6c2
--- /dev/null
+++ b/pki/linux/scripts/build_pki
@@ -0,0 +1,233 @@
+#!/bin/bash
+# BEGIN COPYRIGHT BLOCK
+# (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+
+# Always switch into the base directory three levels
+# above this shell script prior to executing it so
+# that all of its output is written to this directory
+cd `dirname $0`/../../..
+
+# Retrieve the name of this base directory
+PKI_PWD=`pwd`
+
+# Establish the release directory
+PKI_RELEASE_ROOT="${PKI_PWD}/release"
+
+# Establish the name of the machine
+PKI_HOSTNAME=`hostname`
+
+# Set pre-defined variables
+PKI_DIR="pki"
+PKI_SRC_DIR="base"
+ROOT_UID=0
+
+# This script may ONLY be run on Linux!
+PKI_OS=`uname`
+if [ "${PKI_OS}" != "Linux" ]; then
+    printf "The '$0' script is ONLY executable\n"
+    printf "on a 'Linux' machine!\n"
+    exit 255
+fi
+
+# Set Linux variables
+PKI_FLAVOR="linux"
+PKI_UI_DIR="${PKI_DIR}/${PKI_FLAVOR}"
+PKI_BUILD_SCRIPT_DIR="${PKI_PWD}/${PKI_UI_DIR}"
+PKI_BUILD_SCRIPT="build_linux"
+
+# Set packaging variables
+RPM_EXE="/bin/rpm"
+RPM_EXE_OPTIONS="-Uvh --force"
+RPM_DIR="dist/rpmpkg/RPMS/*/"
+RPM_EXT="-[0-9]*.rpm"
+
+# Set sudo variables
+PKI_SUDO="/usr/bin/sudo"
+PKI_SUDOERS="/etc/sudoers"
+
+# Set user identity variables
+PKI_EUID=`/usr/bin/id -u`
+PKI_UID=`/usr/bin/id -ur`
+PKI_USERNAME=`/usr/bin/id -un`
+
+# Make sure that this script is NOT being run as root!
+if [ ${PKI_UID} -eq ${ROOT_UID} ] ||
+   [ ${PKI_EUID} -eq ${ROOT_UID} ]; then
+    printf "The '$0' script may NOT be run as root!\n"
+    exit 255
+fi
+
+# Check for the presence of the 'sudo' executable
+if [ ! -x "${PKI_SUDO}" ]; then
+    printf "The '$0' script requires the '${PKI_SUDO}' executable\n"
+    printf "to be available on '${PKI_HOSTNAME}'!\n"
+    exit 255
+fi
+
+# Check for the presence of the 'sudoers' file
+if [ ! -e "${PKI_SUDOERS}" ]; then
+    printf "The '$0' script requires the '${PKI_SUDOERS}' file\n"
+    printf "to be available on '${PKI_HOSTNAME}'!\n"
+    exit 255
+fi
+
+# Check for the presence of the required sudoers command
+PKI_SUDOERS_COMMAND="(root) NOPASSWD: ${RPM_EXE}"
+PKI_SUDOERS_LINE="${PKI_USERNAME}  ALL = NOPASSWD: ${RPM_EXE}"
+printf "Checking if '${PKI_USERNAME}' has the appropriate '${PKI_SUDO}' permissions . . .\n"
+printf "[NOTE:  A password prompt may appear requiring ${PKI_USERNAME}'s password.]\n"
+`${PKI_SUDO} -l | grep "${PKI_SUDOERS_COMMAND}" > /dev/null 2>&1`
+if [ $? -ne 0 ]; then
+    printf "The '$0' script requires that the\n"
+    printf "'${PKI_SUDOERS}' file MUST contain this line:\n\n"
+    printf "    '${PKI_SUDOERS_LINE}'\n\n"
+    exit 255
+fi
+
+# Establish release subdirectories
+PKI_RELEASE_DIR="${PKI_RELEASE_ROOT}/${PKI_DIR}/${PKI_SRC_DIR}"
+PKI_RELEASE_UI_DIR="${PKI_RELEASE_ROOT}/${PKI_UI_DIR}"
+
+# Establish common PKI package names
+OSUTIL=osutil${RPM_EXT}
+SYMKEY=symkey${RPM_EXT}
+PKI_NATIVE_TOOLS=pki-native-tools${RPM_EXT}
+PKI_UTIL=pki-util${RPM_EXT}
+PKI_UTIL_JAVADOC=pki-util-javadoc${RPM_EXT}
+PKI_SETUP=pki-setup${RPM_EXT}
+PKI_JAVA_TOOLS=pki-java-tools${RPM_EXT}
+PKI_JAVA_TOOLS_JAVADOC=pki-java-tools-javadoc${RPM_EXT}
+PKI_COMMON_UI=pki-common-ui${RPM_EXT}
+PKI_COMMON=pki-common${RPM_EXT}
+PKI_COMMON_JAVADOC=pki-common-javadoc${RPM_EXT}
+
+# Establish PKI subsystem package names
+PKI_CA_UI=pki-ca-ui${RPM_EXT}
+PKI_CA=pki-ca${RPM_EXT}
+PKI_KRA_UI=pki-kra-ui${RPM_EXT}
+PKI_KRA=pki-kra${RPM_EXT}
+PKI_OCSP_UI=pki-ocsp-ui${RPM_EXT}
+PKI_OCSP=pki-ocsp${RPM_EXT}
+PKI_TKS_UI=pki-tks-ui${RPM_EXT}
+PKI_TKS=pki-tks${RPM_EXT}
+PKI_RA_UI=pki-ra-ui${RPM_EXT}
+PKI_RA=pki-ra${RPM_EXT}
+PKI_TPS_UI=pki-tps-ui${RPM_EXT}
+PKI_TPS=pki-tps${RPM_EXT}
+
+# Establish optional PKI package names
+PKI_MANAGE=pki-manage${RPM_EXT}
+PKI_CONSOLE_UI=pki-console-ui${RPM_EXT}
+PKI_CONSOLE=pki-console${RPM_EXT}
+PKI_SILENT=pki-silent${RPM_EXT}
+PKI_MIGRATE=pki-migrate${RPM_EXT}
+
+# Always start with a new release root directory
+rm -rf ${PKI_RELEASE_ROOT}
+mkdir -p ${PKI_RELEASE_ROOT}
+
+# Build and install 'osutil' packages
+${PKI_BUILD_SCRIPT_DIR}/osutil/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/osutil/${RPM_DIR}/${OSUTIL}
+
+# Build and install 'symkey' packages
+${PKI_BUILD_SCRIPT_DIR}/symkey/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/symkey/${RPM_DIR}/${SYMKEY}
+
+# Build and install 'pki-native-tools' packages
+${PKI_BUILD_SCRIPT_DIR}/native-tools/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/native-tools/${RPM_DIR}/${PKI_NATIVE_TOOLS}
+
+# Build and install 'pki-util' packages
+${PKI_BUILD_SCRIPT_DIR}/util/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/util/${RPM_DIR}/${PKI_UTIL}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/util/${RPM_DIR}/${PKI_UTIL_JAVADOC}
+
+# Build and install 'pki-setup' packages
+${PKI_BUILD_SCRIPT_DIR}/setup/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/setup/${RPM_DIR}/${PKI_SETUP}
+
+# Build and install 'pki-java-tools' packages
+${PKI_BUILD_SCRIPT_DIR}/java-tools/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/java-tools/${RPM_DIR}/${PKI_JAVA_TOOLS}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/java-tools/${RPM_DIR}/${PKI_JAVA_TOOLS_JAVADOC}
+
+# Build and install 'pki-common-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/common-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/common-ui/${RPM_DIR}/${PKI_COMMON_UI}
+
+# Build and install 'pki-common' packages
+${PKI_BUILD_SCRIPT_DIR}/common/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/common/${RPM_DIR}/${PKI_COMMON}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/common/${RPM_DIR}/${PKI_COMMON_JAVADOC}
+
+# Build and install 'pki-ca-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/ca-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/ca-ui/${RPM_DIR}/${PKI_CA_UI}
+
+# Build and install 'pki-ca' packages
+${PKI_BUILD_SCRIPT_DIR}/ca/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/ca/${RPM_DIR}/${PKI_CA}
+
+# Build and install 'pki-kra-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/kra-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/kra-ui/${RPM_DIR}/${PKI_KRA_UI}
+
+# Build and install 'pki-kra' packages
+${PKI_BUILD_SCRIPT_DIR}/kra/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/kra/${RPM_DIR}/${PKI_KRA}
+
+# Build and install 'pki-ocsp-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/ocsp-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/ocsp-ui/${RPM_DIR}/${PKI_OCSP_UI}
+
+# Build and install 'pki-ocsp' packages
+${PKI_BUILD_SCRIPT_DIR}/ocsp/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/ocsp/${RPM_DIR}/${PKI_OCSP}
+
+# Build and install 'pki-tks-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/tks-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/tks-ui/${RPM_DIR}/${PKI_TKS_UI}
+
+# Build and install 'pki-tks' packages
+${PKI_BUILD_SCRIPT_DIR}/tks/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/tks/${RPM_DIR}/${PKI_TKS}
+
+# Build and install 'pki-ra-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/ra-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/ra-ui/${RPM_DIR}/${PKI_RA_UI}
+
+# Build and install 'pki-ra' packages
+${PKI_BUILD_SCRIPT_DIR}/ra/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/ra/${RPM_DIR}/${PKI_RA}
+
+# Build and install 'pki-tps-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/tps-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/tps-ui/${RPM_DIR}/${PKI_TPS_UI}
+
+# Build and install 'pki-tps' packages
+${PKI_BUILD_SCRIPT_DIR}/tps/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/tps/${RPM_DIR}/${PKI_TPS}
+
+# Build and install 'pki-manage' packages
+${PKI_BUILD_SCRIPT_DIR}/manage/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/manage/${RPM_DIR}/${PKI_MANAGE}
+
+# Build and install 'pki-console-ui' packages
+${PKI_BUILD_SCRIPT_DIR}/console-ui/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_UI_DIR}/console-ui/${RPM_DIR}/${PKI_CONSOLE_UI}
+
+# Build and install 'pki-console' packages
+${PKI_BUILD_SCRIPT_DIR}/console/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/console/${RPM_DIR}/${PKI_CONSOLE}
+
+# Build and install 'pki-silent' packages
+${PKI_BUILD_SCRIPT_DIR}/silent/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/silent/${RPM_DIR}/${PKI_SILENT}
+
+# Build and install 'pki-migrate' packages
+${PKI_BUILD_SCRIPT_DIR}/migrate/${PKI_BUILD_SCRIPT}
+${PKI_SUDO} ${RPM_EXE} ${RPM_EXE_OPTIONS} ${PKI_RELEASE_DIR}/migrate/${RPM_DIR}/${PKI_MIGRATE}
+
diff --git a/pki/linux/scripts/linux_svn_external_properties_db b/pki/linux/scripts/linux_svn_external_properties_db
new file mode 100644
index 000000000..f73b03339
--- /dev/null
+++ b/pki/linux/scripts/linux_svn_external_properties_db
@@ -0,0 +1,2 @@
+config https://pki-svn.fedora.redhat.com/svn/pki/trunk/pki/base/config
+config-ext https://pki-svn.fedora.redhat.com/svn/pki/trunk/pki/linux/config-ext
diff --git a/pki/linux/scripts/prepare_ca b/pki/linux/scripts/prepare_ca
new file mode 100755
index 000000000..98ebafc9e
--- /dev/null
+++ b/pki/linux/scripts/prepare_ca
@@ -0,0 +1,153 @@
+#!/bin/bash
+# BEGIN COPYRIGHT BLOCK
+# (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+
+# Always switch into the base directory of this
+# shell script prior to executing it so that all
+# of its output is written to this directory
+cd `dirname $0`
+
+# Retrieve the name of this base directory
+PKI_PWD=`pwd`
+
+# Establish the name of the machine
+PKI_HOSTNAME=`hostname`
+
+# Set pre-defined variables
+ROOT_UID=0
+
+# This script may ONLY be run on Linux!
+PKI_OS=`uname`
+if [ "${PKI_OS}" != "Linux" ]; then
+    printf "The '$0' script is ONLY executable\n"
+    printf "on a 'Linux' machine!\n"
+    exit 255
+fi
+
+# For Fedora machines, compute the FEDORA_VERSION
+if [ -e /etc/fedora-release ]; then
+    FEDORA_VERSION=`rpm -qf --qf='%{VERSION}' /etc/fedora-release | tr -d [A-Z] | tr -d [a-z]`
+else
+    # For now, just give FEDORA_VERSION a bogus value if not using Fedora.
+    FEDORA_VERSION=9999
+fi
+
+# Set Linux variables
+PKI_PLATFORM="LINUX"
+PKI_UPDATE="/usr/bin/yum"
+PKI_UPDATE_OPTIONS="-y install"
+PKI_UPDATE_DIR=""
+
+# Set sudo variables
+PKI_SUDO="/usr/bin/sudo"
+PKI_SUDOERS="/etc/sudoers"
+
+# Set user identity variables
+PKI_EUID=`/usr/bin/id -u`
+PKI_UID=`/usr/bin/id -ur`
+PKI_USERNAME=`/usr/bin/id -un`
+
+# Make sure that this script is NOT being run as root!
+if [ ${PKI_UID} -eq ${ROOT_UID} ] ||
+   [ ${PKI_EUID} -eq ${ROOT_UID} ]; then
+    printf "The '$0' script may NOT be run as root!\n"
+    exit 255
+fi
+
+# Check for the presence of the 'sudo' executable
+if [ ! -x "${PKI_SUDO}" ]; then
+    printf "The '$0' script requires the '${PKI_SUDO}' executable\n"
+    printf "to be available on '${PKI_HOSTNAME}'!\n"
+    exit 255
+fi
+
+# Check for the presence of the 'sudoers' file
+if [ ! -e "${PKI_SUDOERS}" ]; then
+    printf "The '$0' script requires the '${PKI_SUDOERS}' file\n"
+    printf "to be available on '${PKI_HOSTNAME}'!\n"
+    exit 255
+fi
+
+# Check for the presence of the required sudoers command
+PKI_SUDOERS_COMMAND="(root) NOPASSWD: ${RPM_EXE}"
+PKI_SUDOERS_LINE="${PKI_USERNAME}  ALL = NOPASSWD: ${RPM_EXE}"
+printf "Checking if '${PKI_USERNAME}' has the appropriate '${PKI_SUDO}' permissions . . .\n"
+printf "[NOTE:  A password prompt may appear requiring ${PKI_USERNAME}'s password.]\n"
+`${PKI_SUDO} -l | grep "${PKI_SUDOERS_COMMAND}" > /dev/null 2>&1`
+if [ $? -ne 0 ]; then
+    printf "The '$0' script requires that the\n"
+    printf "'${PKI_SUDOERS}' file MUST contain this line:\n\n"
+    printf "    '${PKI_SUDOERS_LINE}'\n\n"
+    exit 255
+fi
+
+# Establish PKI support package names
+NSPR=nspr
+NSPR_DEVEL=nspr-devel
+NSS=nss
+NSS_DEVEL=nss-devel
+NSS_PKCS11_DEVEL=nss-pkcs11-devel
+NSS_TOOLS=nss-tools
+JSS=jss
+SVRCORE=svrcore
+SVRCORE_DEVEL=svrcore-devel
+CYRUS_SASL=cyrus-sasl
+CYRUS_SASL_DEVEL=cyrus-sasl-devel
+MOZLDAP=mozldap
+MOZLDAP_DEVEL=mozldap-devel
+MOZLDAP_TOOLS=mozldap-tools
+PERL=perl
+JPACKAGE_UTILS=jpackage-utils
+JAKARTA_COMMONS_LOGGING=jakarta-commons-logging
+TOMCAT5_SERVLET_2_4_API=tomcat5-servlet-2.4-api
+JAKARTA_COMMONS_COLLECTIONS=jakarta-commons-collections
+JAKARTA_COMMONS_BEANUTILS=jakarta-commons-beanutils
+JAKARTA_COMMONS_DIGESTER=jakarta-commons-digester
+ORO=oro
+CLASSPATHX_JAF=classpathx-jaf
+LDAPJDK=ldapjdk
+JAKARTA_COMMONS_POOL=jakarta-commons-pool
+JAKARTA_COMMONS_FILEUPLOAD=jakarta-commons-fileupload
+XML_COMMONS=xml-commons
+XML_COMMONS_APIS=xml-commons-apis
+REGEXP=regexp
+BCEL=bcel
+JAKARTA_COMMONS_DBCP=jakarta-commons-dbcp
+TOMCAT5_JASPER=tomcat5-jasper
+JAKARTA_COMMONS_DISCOVERY=jakarta-commons-discovery
+JAKARTA_COMMONS_HTTPCLIENT3=jakarta-commons-httpclient3
+JMS=jms
+JAKARTA_COMMONS_LAUNCHER=jakarta-commons-launcher
+JAKARTA_COMMONS_EL=jakarta-commons-el
+JAKARTA_COMMONS_DAEMON=jakarta-commons-daemon
+if [ ${FEDORA_VERSION} -eq 6 ]; then
+    # Required by Fedora Core 6
+    GNU_CRYPTO_SASL_JDK1_4=gnu-crypto-sasl-jdk1.4
+else
+    GNU_CRYPTO_SASL_JDK1_4=
+fi
+CLASSPATHX_MAIL=classpathx-mail
+XERCES_J2=xerces-j2
+XALAN_J2=xalan-j2
+LOG4J=log4j
+XML_COMMONS_RESOLVER=xml-commons-resolver
+AVALON_LOGKIT=avalon-logkit
+AVALON_FRAMEWORK=avalon-framework
+JDOM=jdom
+WERKEN_XPATH=werken-xpath
+VELOCITY=velocity
+ANT=ant
+WSDL4J=wsdl4j
+AXIS=axis
+MX4J=mx4j
+GERONIMO_SPECS=geronimo-specs
+JAKARTA_COMMONS_MODELER=jakarta-commons-modeler
+IDM_CONSOLE_FRAMEWORK=idm-console-framework
+TOMCAT5=tomcat5
+TOMCATJSS=tomcatjss
+
+# Build and install PKI support packages
+${PKI_SUDO} ${PKI_UPDATE} ${PKI_UPDATE_OPTIONS} ${NSPR} ${NSPR_DEVEL} ${NSS} ${NSS_DEVEL} ${NSS_PKCS11_DEVEL} ${NSS_TOOLS} ${JSS} ${SVRCORE} ${SVRCORE_DEVEL} ${CYRUS_SASL} ${CYRUS_SASL_DEVEL} ${MOZLDAP} ${MOZLDAP_DEVEL} ${MOZLDAP_TOOLS} ${PERL} ${JPACKAGE_UTILS} ${JAKARTA_COMMONS_LOGGING} ${TOMCAT5_SERVLET_2_4_API} ${JAKARTA_COMMONS_COLLECTIONS} ${JAKARTA_COMMONS_BEANUTILS} ${JAKARTA_COMMONS_DIGESTER} ${ORO} ${CLASSPATHX_JAF} ${LDAPJDK} ${JAKARTA_COMMONS_POOL} ${JAKARTA_COMMONS_FILEUPLOAD} ${XML_COMMONS} ${XML_COMMONS_APIS} ${REGEXP} ${BCEL} ${JAKARTA_COMMONS_DBCP} ${TOMCAT5_JASPER} ${JAKARTA_COMMONS_DISCOVERY} ${JAKARTA_COMMONS_HTTPCLIENT3} ${JMS} ${JAKARTA_COMMONS_LAUNCHER} ${JAKARTA_COMMONS_EL} ${JAKARTA_COMMONS_DAEMON} ${GNU_CRYPTO_SASL_JDK1_4} ${CLASSPATHX_MAIL} ${XERCES_J2} ${XALAN_J2} ${LOG4J} ${XML_COMMONS_RESOLVER} ${AVALON_LOGKIT} ${AVALON_FRAMEWORK} ${JDOM} ${WERKEN_XPATH} ${VELOCITY} ${ANT} ${WSDL4J} ${AXIS} ${MX4J} ${GERONIMO_SPECS} ${JAKARTA_COMMONS_MODELER} ${IDM_CONSOLE_FRAMEWORK} ${TOMCAT5} ${TOMCATJSS}
+
diff --git a/pki/linux/scripts/prepare_pki b/pki/linux/scripts/prepare_pki
new file mode 100755
index 000000000..f11b7363f
--- /dev/null
+++ b/pki/linux/scripts/prepare_pki
@@ -0,0 +1,185 @@
+#!/bin/bash
+# BEGIN COPYRIGHT BLOCK
+# (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+
+# Always switch into the base directory of this
+# shell script prior to executing it so that all
+# of its output is written to this directory
+cd `dirname $0`
+
+# Retrieve the name of this base directory
+PKI_PWD=`pwd`
+
+# Establish the name of the machine
+PKI_HOSTNAME=`hostname`
+
+# Set pre-defined variables
+ROOT_UID=0
+
+# This script may ONLY be run on Linux!
+PKI_OS=`uname`
+if [ "${PKI_OS}" != "Linux" ]; then
+    printf "The '$0' script is ONLY executable\n"
+    printf "on a 'Linux' machine!\n"
+    exit 255
+fi
+
+# For Fedora machines, compute the FEDORA_VERSION
+if [ -e /etc/fedora-release ]; then
+    FEDORA_VERSION=`rpm -qf --qf='%{VERSION}' /etc/fedora-release | tr -d [A-Z] | tr -d [a-z]`
+else
+    # For now, just give FEDORA_VERSION a bogus value if not using Fedora.
+    FEDORA_VERSION=9999
+fi
+
+# Set Linux variables
+PKI_PLATFORM="LINUX"
+PKI_UPDATE="/usr/bin/yum"
+PKI_UPDATE_OPTIONS="-y install"
+PKI_UPDATE_DIR=""
+
+# Set sudo variables
+PKI_SUDO="/usr/bin/sudo"
+PKI_SUDOERS="/etc/sudoers"
+
+# Set user identity variables
+PKI_EUID=`/usr/bin/id -u`
+PKI_UID=`/usr/bin/id -ur`
+PKI_USERNAME=`/usr/bin/id -un`
+
+# Make sure that this script is NOT being run as root!
+if [ ${PKI_UID} -eq ${ROOT_UID} ] ||
+   [ ${PKI_EUID} -eq ${ROOT_UID} ]; then
+    printf "The '$0' script may NOT be run as root!\n"
+    exit 255
+fi
+
+# Check for the presence of the 'sudo' executable
+if [ ! -x "${PKI_SUDO}" ]; then
+    printf "The '$0' script requires the '${PKI_SUDO}' executable\n"
+    printf "to be available on '${PKI_HOSTNAME}'!\n"
+    exit 255
+fi
+
+# Check for the presence of the 'sudoers' file
+if [ ! -e "${PKI_SUDOERS}" ]; then
+    printf "The '$0' script requires the '${PKI_SUDOERS}' file\n"
+    printf "to be available on '${PKI_HOSTNAME}'!\n"
+    exit 255
+fi
+
+# Check for the presence of the required sudoers command
+PKI_SUDOERS_COMMAND="(root) NOPASSWD: ${RPM_EXE}"
+PKI_SUDOERS_LINE="${PKI_USERNAME}  ALL = NOPASSWD: ${RPM_EXE}"
+printf "Checking if '${PKI_USERNAME}' has the appropriate '${PKI_SUDO}' permissions . . .\n"
+printf "[NOTE:  A password prompt may appear requiring ${PKI_USERNAME}'s password.]\n"
+`${PKI_SUDO} -l | grep "${PKI_SUDOERS_COMMAND}" > /dev/null 2>&1`
+if [ $? -ne 0 ]; then
+    printf "The '$0' script requires that the\n"
+    printf "'${PKI_SUDOERS}' file MUST contain this line:\n\n"
+    printf "    '${PKI_SUDOERS_LINE}'\n\n"
+    exit 255
+fi
+
+# Establish PKI support package names
+NSPR=nspr
+NSPR_DEVEL=nspr-devel
+NSS=nss
+NSS_DEVEL=nss-devel
+NSS_PKCS11_DEVEL=nss-pkcs11-devel
+NSS_TOOLS=nss-tools
+JSS=jss
+SVRCORE=svrcore
+SVRCORE_DEVEL=svrcore-devel
+CYRUS_SASL=cyrus-sasl
+CYRUS_SASL_DEVEL=cyrus-sasl-devel
+MOZLDAP=mozldap
+MOZLDAP_DEVEL=mozldap-devel
+MOZLDAP_TOOLS=mozldap-tools
+PERL=perl
+APR=apr
+PCRE=pcre
+EXPAT=expat
+APR_UTIL=apr-util
+HTTPD=httpd
+MOD_NSS=mod_nss
+MOD_PERL=mod_perl
+MOD_REVOCATOR=mod_revocator
+PERL_PARSE_RECDESCENT=perl-Parse-RecDescent
+PERL_HTML_TAGSET=perl-HTML-Tagset
+PERL_HTML_PARSER=perl-HTML-Parser
+PERL_URI=perl-URI
+PERL_LIBWWW_PERL=perl-libwww-perl
+PERL_XML_PARSER=perl-XML-Parser
+PERL_XML_SIMPLE=perl-XML-Simple
+PERL_XML_NAMESPACESUPPORT=perl-XML-NamespaceSupport
+PERL_XML_SAX=perl-XML-SAX
+JPACKAGE_UTILS=jpackage-utils
+JAKARTA_COMMONS_LOGGING=jakarta-commons-logging
+TOMCAT5_SERVLET_2_4_API=tomcat5-servlet-2.4-api
+JAKARTA_COMMONS_COLLECTIONS=jakarta-commons-collections
+JAKARTA_COMMONS_BEANUTILS=jakarta-commons-beanutils
+JAKARTA_COMMONS_DIGESTER=jakarta-commons-digester
+ORO=oro
+CLASSPATHX_JAF=classpathx-jaf
+LDAPJDK=ldapjdk
+JAKARTA_COMMONS_POOL=jakarta-commons-pool
+JAKARTA_COMMONS_FILEUPLOAD=jakarta-commons-fileupload
+XML_COMMONS=xml-commons
+XML_COMMONS_APIS=xml-commons-apis
+REGEXP=regexp
+BCEL=bcel
+JAKARTA_COMMONS_DBCP=jakarta-commons-dbcp
+TOMCAT5_JASPER=tomcat5-jasper
+JAKARTA_COMMONS_DISCOVERY=jakarta-commons-discovery
+JAKARTA_COMMONS_HTTPCLIENT3=jakarta-commons-httpclient3
+JMS=jms
+JAKARTA_COMMONS_LAUNCHER=jakarta-commons-launcher
+JAKARTA_COMMONS_EL=jakarta-commons-el
+JAKARTA_COMMONS_DAEMON=jakarta-commons-daemon
+if [ ${FEDORA_VERSION} -eq 6 ]; then
+    # Required by Fedora Core 6
+    GNU_CRYPTO_SASL_JDK1_4=gnu-crypto-sasl-jdk1.4
+else
+    GNU_CRYPTO_SASL_JDK1_4=
+fi
+CLASSPATHX_MAIL=classpathx-mail
+XERCES_J2=xerces-j2
+XALAN_J2=xalan-j2
+LOG4J=log4j
+XML_COMMONS_RESOLVER=xml-commons-resolver
+AVALON_LOGKIT=avalon-logkit
+AVALON_FRAMEWORK=avalon-framework
+JDOM=jdom
+WERKEN_XPATH=werken-xpath
+VELOCITY=velocity
+ANT=ant
+WSDL4J=wsdl4j
+AXIS=axis
+MX4J=mx4j
+GERONIMO_SPECS=geronimo-specs
+JAKARTA_COMMONS_MODELER=jakarta-commons-modeler
+IDM_CONSOLE_FRAMEWORK=idm-console-framework
+TOMCAT5=tomcat5
+TOMCATJSS=tomcatjss
+READLINE=readline
+READLINE_DEVEL=readline-devel
+NCURSES=ncurses
+NCURSES_DEVEL=ncurses-devel
+TCL=tcl
+TCL_DEVEL=tcl-devel
+SQLITE=sqlite
+SQLITE_DEVEL=sqlite-devel
+PERL_DBI=perl-DBI
+PERL_DBD_SQLITE=perl-DBD-SQLite
+PCRE_DEVEL=pcre-devel
+EXPAT_DEVEL=expat-devel
+APR_DEVEL=apr-devel
+APR_UTIL_DEVEL=apr-util-devel
+HTTPD_DEVEL=httpd-devel
+
+# Build and install PKI support packages
+${PKI_SUDO} ${PKI_UPDATE} ${PKI_UPDATE_OPTIONS} ${NSPR} ${NSPR_DEVEL} ${NSS} ${NSS_DEVEL} ${NSS_PKCS11_DEVEL} ${NSS_TOOLS} ${JSS} ${SVRCORE} ${SVRCORE_DEVEL} ${CYRUS_SASL} ${CYRUS_SASL_DEVEL} ${MOZLDAP} ${MOZLDAP_DEVEL} ${MOZLDAP_TOOLS} ${PERL} ${APR} ${PCRE} ${EXPAT} ${APR_UTIL} ${HTTPD} ${MOD_NSS} ${MOD_PERL} ${MOD_REVOCATOR} ${PERL_PARSE_RECDESCENT} ${PERL_HTML_TAGSET} ${PERL_HTML_PARSER} ${PERL_URI} ${PERL_LIBWWW_PERL} ${PERL_XML_PARSER} ${PERL_XML_SIMPLE} ${PERL_XML_NAMESPACESUPPORT} ${PERL_XML_SAX} ${JPACKAGE_UTILS} ${JAKARTA_COMMONS_LOGGING} ${TOMCAT5_SERVLET_2_4_API} ${JAKARTA_COMMONS_COLLECTIONS} ${JAKARTA_COMMONS_BEANUTILS} ${JAKARTA_COMMONS_DIGESTER} ${ORO} ${CLASSPATHX_JAF} ${LDAPJDK} ${JAKARTA_COMMONS_POOL} ${JAKARTA_COMMONS_FILEUPLOAD} ${XML_COMMONS} ${XML_COMMONS_APIS} ${REGEXP} ${BCEL} ${JAKARTA_COMMONS_DBCP} ${TOMCAT5_JASPER} ${JAKARTA_COMMONS_DISCOVERY} ${JAKARTA_COMMONS_HTTPCLIENT3} ${JMS} ${JAKARTA_COMMONS_LAUNCHER} ${JAKARTA_COMMONS_EL} ${JAKARTA_COMMONS_DAEMON} ${GNU_CRYPTO_SASL_JDK1_4} ${CLASSPATHX_MAIL} ${XERCES_J2} ${XALAN_J2} ${LOG4J} ${XML_COMMONS_RESOLVER} ${AVALON_LOGKIT} ${AVALON_FRAMEWORK} ${JDOM} ${WERKEN_XPATH} ${VELOCITY} ${ANT} ${WSDL4J} ${AXIS} ${MX4J} ${GERONIMO_SPECS} ${JAKARTA_COMMONS_MODELER} ${IDM_CONSOLE_FRAMEWORK} ${TOMCAT5} ${TOMCATJSS} ${READLINE} ${READLINE_DEVEL} ${NCURSES} ${NCURSES_DEVEL} ${TCL} ${TCL_DEVEL} ${SQLITE} ${SQLITE_DEVEL} ${PERL_DBI} ${PERL_DBD_SQLITE} ${PCRE_DEVEL} ${EXPAT_DEVEL} ${APR_DEVEL} ${APR_UTIL_DEVEL} ${HTTPD_DEVEL}
+
diff --git a/pki/linux/scripts/remove_default_pki_instances b/pki/linux/scripts/remove_default_pki_instances
new file mode 100755
index 000000000..3f1882409
--- /dev/null
+++ b/pki/linux/scripts/remove_default_pki_instances
@@ -0,0 +1,96 @@
+#!/bin/bash
+##  BEGIN COPYRIGHT BLOCK
+##  (C) 2008 Red Hat, Inc.
+##  All rights reserved.
+##  END COPYRIGHT BLOCK
+
+##  Always switch into this base directory
+##  prior to script execution so that all
+##  of its output is written to this directory
+
+cd `dirname $0`
+
+
+##
+##  This script MUST be run as root!
+##
+
+ROOTUID=0
+
+OS=`uname`
+if [ "${OS}" = "Linux" ] ; then
+    MY_EUID=`/usr/bin/id -u`
+    MY_UID=`/usr/bin/id -ur`
+    USERNAME=`/usr/bin/id -un`
+else
+    printf "ERROR:  Unsupported operating system '${OS}'!\n"
+    exit 255
+fi
+
+if [ "${MY_UID}"  != "${ROOTUID}" ] &&
+   [ "${MY_EUID}" != "${ROOTUID}" ] ; then
+    printf "ERROR:  The '$0' script must be run as root!\n"
+    exit 255
+fi
+
+
+
+##
+##  Ask user if is is okay to remove ALL DEFAULT PKI instances
+##
+
+while :
+do
+    printf "REMINDER:  ALL DEFAULT PKI instances will be REMOVED!  "
+    printf "Is this okay?  [yn]  "
+    read ANSWER
+    printf "\n"
+    if [ "${ANSWER}" = "Y" ] ||
+       [ "${ANSWER}" = "y" ] ; then
+        printf "\n"
+        break
+    elif [ "${ANSWER}" = "N" ] ||
+         [ "${ANSWER}" = "n" ] ; then
+        exit 255
+    else
+        continue
+    fi
+done
+
+
+
+##
+##  Define DEFAULT PKI Instances
+##
+
+PKI_DIR="/var/lib"
+
+PKI_CA="pki-ca"
+PKI_DRM="pki-kra"
+PKI_OCSP="pki-ocsp"
+PKI_TKS="pki-tks"
+PKI_RA="pki-ra"
+PKI_TPS="pki-tps"
+
+PKI_INSTANCES="${PKI_CA} ${PKI_DRM} ${PKI_OCSP} ${PKI_TKS} ${PKI_RA} ${PKI_TPS}"
+
+
+
+##
+##  Remove ALL DEFAULT PKI Instances present . . .
+##
+
+INSTANCES=0
+for INSTANCE in ${PKI_INSTANCES} ; do
+    if [ -d "${PKI_DIR}/${INSTANCE}" ] ; then
+        INSTANCES=`expr $INSTANCES + 1`
+        pkiremove -pki_instance_root=${PKI_DIR} -pki_instance_name=${INSTANCE} -force
+    fi
+done
+
+if [ ${INSTANCES} -eq 0 ] ; then
+    printf "No DEFAULT PKI instances need to be removed.\n\n"
+fi
+
+exit 0
+
diff --git a/pki/linux/scripts/remove_pki_components b/pki/linux/scripts/remove_pki_components
new file mode 100755
index 000000000..e86facce1
--- /dev/null
+++ b/pki/linux/scripts/remove_pki_components
@@ -0,0 +1,113 @@
+#!/bin/bash
+##  BEGIN COPYRIGHT BLOCK
+##  (C) 2008 Red Hat, Inc.
+##  All rights reserved.
+##  END COPYRIGHT BLOCK
+
+##  Always switch into this base directory
+##  prior to script execution so that all
+##  of its output is written to this directory
+
+cd `dirname $0`
+
+
+##
+##  This script MUST be run as root!
+##
+
+ROOTUID=0
+
+OS=`uname`
+if [ "${OS}" = "Linux" ] ; then
+    MY_EUID=`/usr/bin/id -u`
+    MY_UID=`/usr/bin/id -ur`
+    USERNAME=`/usr/bin/id -un`
+else
+    printf "ERROR:  Unsupported operating system '${OS}'!\n"
+    exit 255
+fi
+
+if [ "${MY_UID}"  != "${ROOTUID}" ] &&
+   [ "${MY_EUID}" != "${ROOTUID}" ] ; then
+    printf "ERROR:  The '$0' script must be run as root!\n"
+    exit 255
+fi
+
+
+
+##
+##  Ask user if any PKI instances need to be removed
+##
+
+while :
+do
+    printf "REMINDER:  Do any PKI instances need to be removed?  [yn]  "
+    read ANSWER
+    printf "\n"
+    if [ "${ANSWER}" = "Y" ] ||
+       [ "${ANSWER}" = "y" ] ; then
+        exit 255
+    elif [ "${ANSWER}" = "N" ] ||
+         [ "${ANSWER}" = "n" ] ; then
+        printf "\n"
+        break
+    else
+        continue
+    fi
+done
+
+
+
+##
+##  Check for PKI components present on this operating system
+##
+
+printf "Processing PKI components present on system . . . "
+    # (1) grab all PKI components
+    PKI_COMPONENTS=`rpm -qa --queryformat '%{NAME}\n' | grep pki`
+
+    # (2) check for osutil
+    `rpm -q --quiet osutil`
+    OSUTIL_PRESENCE=$?
+    if [ "${OSUTIL_PRESENCE}" = "0" ] ; then
+        PKI_COMPONENTS="${PKI_COMPONENTS} osutil"
+    fi
+
+    # (3) check for symkey
+    `rpm -q --quiet symkey`
+    SYMKEY_PRESENCE=$?
+    if [ "${SYMKEY_PRESENCE}" = "0" ] ; then
+        PKI_COMPONENTS="${PKI_COMPONENTS} symkey"
+    fi
+printf "done.\n\n"
+
+
+
+##
+##  Place the PKI components into a list
+##
+
+PKI_COMPONENT_LIST=""
+for COMPONENT in ${PKI_COMPONENTS} ; do
+    if [ "${PKI_COMPONENT_LIST}" = "" ] ; then
+        PKI_COMPONENT_LIST="${COMPONENT}"
+    else
+        PKI_COMPONENT_LIST="${PKI_COMPONENT_LIST} ${COMPONENT}"
+    fi
+done
+
+
+
+##
+##  Remove ALL PKI components in the list
+##
+
+if [ "${PKI_COMPONENT_LIST}" != "" ] ; then
+    rpm -ev ${PKI_COMPONENT_LIST}
+    printf "\n"
+else
+    printf "No PKI packages need to be removed.\n\n"
+fi
+
+exit 0
+
diff --git a/pki/linux/scripts/set_linux_SVN_external_properties b/pki/linux/scripts/set_linux_SVN_external_properties
new file mode 100755
index 000000000..902f0b9eb
--- /dev/null
+++ b/pki/linux/scripts/set_linux_SVN_external_properties
@@ -0,0 +1,48 @@
+#!/bin/bash
+# BEGIN COPYRIGHT BLOCK
+# (C) 2008 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+
+# Always switch into this base directory
+# prior to script execution so that all
+# of its output is written to this directory
+cd `dirname $0`
+
+# Retrieve the name of this base directory
+PKI_PWD=`pwd`
+
+# Name and location of the SVN external properties DB.
+SVN_EXTERNAL_PROPERTIES_DB_LOCATION="${PKI_PWD}"
+SVN_EXTERNAL_PROPERTIES_DB_NAME="linux_svn_external_properties_db"
+SVN_EXTERNAL_PROPERTIES_DB="${SVN_EXTERNAL_PROPERTIES_DB_LOCATION}/${SVN_EXTERNAL_PROPERTIES_DB_NAME}"
+
+# Always make sure that the SVN external properties DB exists.
+if [ ! -f ${SVN_EXTERNAL_PROPERTIES_DB} ]; then
+    printf "The SVN external properties DB called '${SVN_EXTERNAL_PROPERTIES_DB}' does NOT exist!\n"
+    exit 255;
+fi
+
+# Specify the location and a list of the SVN components that
+# require these SVN external properties to be updated.
+SVN_COMPONENTS_LOCATION="${PKI_PWD}/.."
+SVN_COMPONENTS="ca ca-ui common common-ui console console-ui java-tools kra kra-ui manage migrate native-tools ocsp ocsp-ui osutil ra ra-ui setup silent symkey tks tks-ui tps tps-ui util"
+
+# Change directory to the location of all of these components,
+# and execute the defined SVN external property changes.
+cd ${SVN_COMPONENTS_LOCATION}
+for SVN_COMPONENT in ${SVN_COMPONENTS} ; do
+    if [ -d "${SVN_COMPONENTS_LOCATION}/${SVN_COMPONENT}" ]; then
+        printf "Setting external SVN properties for the component called '${SVN_COMPONENT}' . . .\n"
+        cd "${SVN_COMPONENT}"
+        svn propset svn:externals -F "${SVN_EXTERNAL_PROPERTIES_DB}" .
+        svn propget svn:externals .
+        svn update
+        cd ..
+    else
+        printf "The component called '${SVN_COMPONENTS_LOCATION}/${SVN_COMPONENT}' does NOT exist!\n"
+    fi
+done 
+
+exit 0;
+