| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
An upgrade script has been added to set the keepAliveTimeout
attribute for the Secure connector in the server.xml.
https://pagure.io/dogtagpki/issue/2687
Change-Id: Ia61ed49d0ffc26d4bb44738c71fc663bde37fb1d
|
|
|
|
|
|
|
|
| |
An upgrade script has been added to replace IPv4- and IPv6-specific
AJP loopback address with a more generic "localhost" in existing
instances.
https://fedorahosted.org/pki/ticket/2570
|
|
|
|
|
|
|
|
| |
An upgrade script has been added to replace the <instance>/common
in existing instances with a link to /usr/share/pki/server/common
which contains links to server dependencies.
https://fedorahosted.org/pki/ticket/2403
|
|
|
|
| |
https://fedorahosted.org/pki/ticket/2363
|
|
|
|
| |
Part of Ticket 2041
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enforce absolute imports or explicit relative imports. Python 3 no
longer supports implicit relative imports, that is unqualified imports
from a module's directory. In order to load a module from the same
directory inside a package, use
from . import module
The future feature 'from __future__ import absolute_import' ensures that
pki uses absolute imports on Python 2, too.
See https://www.python.org/dev/peps/pep-0328/
|
|
|
|
|
| |
- PKI TRAC Ticket #1443 - pkidaemon status tomcat list URLs under PKI
subsystems which are not accessible
|
|
|
|
|
|
|
| |
pylint-build-scan.sh doesn't checked the upgrader's Python files yet.
This patch adds the common and server upgrade scripts to
pylint-build-scan.sh. It also fixes a couple of pylint violations,
mostly missing calls to __init__().
|
|
|
|
|
|
|
| |
The patch implements an updater, that adds the new KRA signed audit
events (#1160) to KRA's CS.cfg.
https://fedorahosted.org/pki/ticket/1382
|
| |
|
|
|
|
|
|
|
|
| |
The <instance>/work/Catalina/localhost/pki folder was owned by
root in Dogtag 10.0.x but now should be owned by pkiuser. An
upgrade script has been added to fix the ownership.
https://fedorahosted.org/pki/ticket/802
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently web applications are deployed into Host's appBase (i.e.
<instance>/webapps). To allow better control of individual
subsystem deployments, the web applications have to be moved out
of the appBase so that the autoDeploy can work properly later.
This patch moves the common web applications to <instance>/
common/webapps and subsystem web applications to <instance>/
<subsystem>/webapps. An upgrade script has been added to update
existing deployments.
https://fedorahosted.org/pki/ticket/1183
|
|
|
|
| |
and upgrade
|
|
|
|
| |
https://fedorahosted.org/pki/ticket/1191
|
|
|
|
| |
Added to 10.1.1 to be consistent with 10.1 branch.
|
|
|
|
|
|
| |
The current upgrade framework requires that all supported versions
to upgrade from to have corresponding upgrade folders even though
they might be empty. New empty folders have been added for 10.1.1.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The location of web application context file has been changed from
<instance>/webapps/<name>/META-INF/context.xml
into
<instance>/conf/Catalina/localhost/<name>.xml.
This will eventually allow deploying the web application directly
from the shared folder.
A new upgrade script has been added to move the context files in
the existing instances.
Ticket #499
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ACL mapping files have been renamed from auth.properties to
acl.properties to match the actual content and moved into the
subsystem conf folder. The authentication method mapping files
have been extracted from the interceptor into actual files.
The ACLInterceptor and AuthMethodInterceptors have been modified to read
the default mapping first, then overwrite it with custom mapping if it
exists in the subsystem folder.
The UpdateAuthzProperties upgrade script has been replaced with
RemoveAuthProperties that will remove the old auth.properties.
|
|
|
|
|
|
|
|
|
| |
The authenticator configuration has been modified to store the authentication
info in the session so it can be used by the servlets. An upgrade script has
been added to update the configuration in existing instances.
The SSLAuthenticatorWithFalback was modified to propagate the configuration
to the actual authenticator handling the request.
|
|
|
|
|
|
|
|
| |
The redundant JNI_JAR_DIR will be removed from /etc/pki/pki.conf starting
from version 10.0.4.
Empty folders need be created for each released version number to allow
proper upgrade and revert operations.
|
|
|
|
|
|
|
| |
The upgrade framework has been updated to support backup and restore
operations for folders and their contents.
Ticket #583
|
|
|
|
|
|
| |
Recently the JNI_JAR_DIR was moved into /usr/share/pki/etc/pki.conf.
A new upgrade script has been added to remove the unused JNI_JAR_DIR
from /etc/pki/pki.conf.
|
|
|
|
|
|
|
|
|
|
| |
The JNI_JAR_DIR is supposed to be architecture-specific but the
pki-base package is architecture-neutral. So, to ensure it has the
correct value, the variable will be set at post installation.
Also, to simplify the upgrade process, the variable has been moved
from /etc/pki/pki.conf into /usr/share/pki/etc/pki.conf. The build,
deployment, startup, and upgrade scripts have been modified
accordingly.
|
|
|
|
|
|
|
|
|
|
| |
A new upgrade scriptlet has been added to add JNI_JAR_DIR into
pki.conf. The code to manipulate property files has been refactored
from PKIUpgradeTracker into a separate PropertyFile class to allow
reuse.
The pki-base package has been modified to deliver a default pki.conf
in /usr/share/pki/etc and copy it into /etc/pki if it doesn't exist.
|
|
The upgrade framework has been split into base and server upgrade
frameworks since they will be run automatically by different RPM
packages during upgrade. The base upgrade framework will upgrade
the system configuration. The server upgrade framework will upgrade
the instances and subsystems.
Ticket #544
|