From df7087813ee2bd14c2c78928b8766c37c579e9c2 Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Wed, 14 Nov 2012 00:53:04 -0500 Subject: Refactored config. --- base/deploy/src/pkidestroy | 11 +-- base/deploy/src/pkispawn | 13 ++-- base/deploy/src/scriptlets/configuration.jy | 1 - base/deploy/src/scriptlets/configuration.py | 14 ++-- base/deploy/src/scriptlets/finalization.py | 9 +-- .../deploy/src/scriptlets/infrastructure_layout.py | 5 +- base/deploy/src/scriptlets/initialization.py | 7 +- base/deploy/src/scriptlets/instance_layout.py | 5 +- base/deploy/src/scriptlets/pkiconfig.py | 72 +++++++++---------- base/deploy/src/scriptlets/pkihelper.py | 84 ++++++++++++++++++---- base/deploy/src/scriptlets/pkijython.py | 1 - base/deploy/src/scriptlets/pkimanifest.py | 1 - base/deploy/src/scriptlets/pkiparser.py | 9 ++- base/deploy/src/scriptlets/pkiscriptlet.py | 2 +- base/deploy/src/scriptlets/security_databases.py | 7 +- base/deploy/src/scriptlets/selinux_setup.py | 10 +-- base/deploy/src/scriptlets/slot_substitution.py | 4 +- base/deploy/src/scriptlets/subsystem_layout.py | 7 +- base/deploy/src/scriptlets/webapp_deployment.py | 10 +-- 19 files changed, 169 insertions(+), 103 deletions(-) diff --git a/base/deploy/src/pkidestroy b/base/deploy/src/pkidestroy index fd99d5eae..33866ba11 100755 --- a/base/deploy/src/pkidestroy +++ b/base/deploy/src/pkidestroy @@ -35,7 +35,6 @@ try: import subprocess import time from time import strftime as date - from pki.deployment import pkiconfig as config from pki.deployment.pkiconfig import PKIConfig from pki.deployment.pkiparser import PKIConfigParser from pki.deployment import pkilogging @@ -61,6 +60,8 @@ def main(argv): # Set the umask os.umask(PKIConfig.PKI_DEPLOYMENT_DEFAULT_UMASK) + config = PKIConfig() + # Set installation time ticks = time.time() config.pki_install_time = time.asctime(time.localtime(ticks)) 
@@ -94,7 +95,7 @@ def main(argv): # Read and process command-line arguments. parser = PKIConfigParser() - parser.process_command_line_arguments(argv) + parser.process_command_line_arguments(argv, config) # Enable 'pkidestroy' logging. pkilogging.pki_log_dir = config.pki_root_prefix +\ @@ -115,7 +116,7 @@ def main(argv): sys.exit(1) # Read the specified PKI configuration file. - rv = parser.read_pki_configuration_file() + rv = parser.read_pki_configuration_file(config) if rv != 0: pkilogging.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv, extra=PKIConfig.PKI_INDENTATION_LEVEL_0) @@ -150,7 +151,7 @@ def main(argv): extra=PKIConfig.PKI_INDENTATION_LEVEL_0) # Combine the various sectional dictionaries into a PKI master dictionary - parser.compose_pki_master_dictionary() + parser.compose_pki_master_dictionary(config) config.pki_master_dict['pki_destroy_log'] = pkilogging.pki_log_dir + "/" +\ pkilogging.pki_log_name pkilogging.pki_log.debug(log.PKI_DICTIONARY_MASTER, @@ -177,7 +178,7 @@ def main(argv): "." + pki_scriptlet[4:], fromlist = [pki_scriptlet[4:]]) instance = scriptlet.PkiScriptlet() - rv = instance.destroy() + rv = instance.destroy(config) if rv != 0: sys.exit(1) pkilogging.pki_log.debug(log.PKI_DICTIONARY_MASTER, diff --git a/base/deploy/src/pkispawn b/base/deploy/src/pkispawn index 4ed9e3086..9e5776c21 100755 --- a/base/deploy/src/pkispawn +++ b/base/deploy/src/pkispawn @@ -35,7 +35,6 @@ try: import subprocess import time from time import strftime as date - from pki.deployment import pkiconfig as config from pki.deployment.pkiconfig import PKIConfig from pki.deployment.pkiparser import PKIConfigParser from pki.deployment import pkilogging @@ -61,6 +60,8 @@ def main(argv): # Set the umask os.umask(PKIConfig.PKI_DEPLOYMENT_DEFAULT_UMASK) + config = PKIConfig() + # Set installation time ticks = time.time() config.pki_install_time = time.asctime(time.localtime(ticks)) 
@@ -94,7 +95,7 @@ def main(argv): # Read and process command-line arguments. parser = PKIConfigParser() - parser.process_command_line_arguments(argv) + parser.process_command_line_arguments(argv, config) if not os.path.exists(PKIConfig.PKI_DEPLOYMENT_SOURCE_ROOT +\ "/" + config.pki_subsystem.lower()): @@ -135,7 +136,7 @@ def main(argv): sys.exit(1) # Read the specified PKI configuration file. - rv = parser.read_pki_configuration_file() + rv = parser.read_pki_configuration_file(config) if rv != 0: pkilogging.pki_log.error(PKI_UNABLE_TO_PARSE_1, rv, extra=PKIConfig.PKI_INDENTATION_LEVEL_0) @@ -170,14 +171,14 @@ def main(argv): extra=PKIConfig.PKI_INDENTATION_LEVEL_0) # Read in the PKI slots configuration file. - parser.compose_pki_slots_dictionary() + parser.compose_pki_slots_dictionary(config) pkilogging.pki_log.debug(log.PKI_DICTIONARY_SLOTS, extra=PKIConfig.PKI_INDENTATION_LEVEL_0) pkilogging.pki_log.debug(pp.pformat(config.pki_slots_dict), extra=PKIConfig.PKI_INDENTATION_LEVEL_0) # Combine the various sectional dictionaries into a PKI master dictionary - parser.compose_pki_master_dictionary() + parser.compose_pki_master_dictionary(config) if not config.pki_update_flag: config.pki_master_dict['pki_spawn_log'] = pkilogging.pki_log_dir + "/" +\ pkilogging.pki_log_name @@ -209,7 +210,7 @@ def main(argv): fromlist = [pki_scriptlet[4:]]) instance = scriptlet.PkiScriptlet() if not config.pki_update_flag: - rv = instance.spawn() + rv = instance.spawn(config) else: rv = instance.respawn() if rv != 0: diff --git a/base/deploy/src/scriptlets/configuration.jy b/base/deploy/src/scriptlets/configuration.jy index df04470e2..5cfaaa48d 100644 --- a/base/deploy/src/scriptlets/configuration.jy +++ b/base/deploy/src/scriptlets/configuration.jy @@ -8,7 +8,6 @@ import sys # PKI Python Imports import pkijython as jyutil -import pkiconfig as config from pkiconfig import PKIConfig import pkihelper as util import pkimessages as log 
diff --git a/base/deploy/src/scriptlets/configuration.py b/base/deploy/src/scriptlets/configuration.py index 64b7d6eae..c0b5d7b6b 100644 --- a/base/deploy/src/scriptlets/configuration.py +++ b/base/deploy/src/scriptlets/configuration.py @@ -20,10 +20,8 @@ # # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig from pkiconfig import pki_master_dict as master -from pkiconfig import pki_sensitive_dict as sensitive import pkihelper as util import pkilogging import pkimessages as log @@ -34,7 +32,8 @@ import pkiscriptlet class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): rv = 0 - def spawn(self): + def spawn(self, config): + master = config.pki_master_dict if util.str2bool(master['pki_skip_configuration']): pkilogging.pki_log.info(log.SKIP_CONFIGURATION_SPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) @@ -53,13 +52,13 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # allowing 'certutil' to generate the security databases util.password.create_password_conf( master['pki_client_password_conf'], - sensitive['pki_client_database_password'], pin_sans_token=True) + config.pki_sensitive_dict['pki_client_database_password'], pin_sans_token=True) util.file.modify(master['pki_client_password_conf'], uid=0, gid=0) # Similarly, create a simple password file containing the # PKCS #12 password used when exporting the "Admin Certificate" # into a PKCS #12 file - util.password.create_client_pkcs12_password_conf( + util.password.create_client_pkcs12_password_conf(config, master['pki_client_pkcs12_password_conf']) util.file.modify(master['pki_client_pkcs12_password_conf']) util.directory.create(master['pki_client_database_dir'], 
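Review bot: The import `from pkiconfig import pki_master_dict as master`, kept as context in the configuration.py hunk at -20,10 +20,8, will no longer resolve. The pkiconfig.py hunk in this commit moves `pki_master_dict`, `pki_sensitive_dict`, `pki_slots_dict` and `pki_selinux_config_ports` from module level into `PKIConfig.__init__`, so unless pkiconfig.py still defines them elsewhere, importing the scriptlet raises ImportError before `spawn` runs. Because `spawn` and `destroy` now bind `master = config.pki_master_dict` locally, the import line can simply be deleted. The same leftover imports appear as context in finalization.py, infrastructure_layout.py, initialization.py, instance_layout.py, pkihelper.py (`master`, `slots`, `ports`), security_databases.py (`master`, `sensitive`), selinux_setup.py (`master`, `ports`), slot_substitution.py (`master`, `slots`), subsystem_layout.py and webapp_deployment.py.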
@@ -95,7 +94,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): util.systemd.restart() # Pass control to the Java servlet via Jython 2.2 'configuration.jy' - util.jython.invoke(master['pki_jython_configuration_scriptlet']) + util.jython.invoke(config, master['pki_jython_configuration_scriptlet']) return self.rv def respawn(self): @@ -103,7 +102,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=PKIConfig.PKI_INDENTATION_LEVEL_1) return self.rv - def destroy(self): + def destroy(self, config): + master = config.pki_master_dict pkilogging.pki_log.info(log.CONFIGURATION_DESTROY_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS and\ diff --git a/base/deploy/src/scriptlets/finalization.py b/base/deploy/src/scriptlets/finalization.py index 35cff6dd2..0e4f55f74 100644 --- a/base/deploy/src/scriptlets/finalization.py +++ b/base/deploy/src/scriptlets/finalization.py @@ -20,7 +20,6 @@ # # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig from pkiconfig import pki_master_dict as master import pkihelper as util @@ -34,7 +33,8 @@ import pkiscriptlet class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): rv = 0 - def spawn(self): + def spawn(self, config): + master = config.pki_master_dict if util.str2bool(master['pki_skip_installation']): pkilogging.pki_log.info(log.SKIP_FINALIZATION_SPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) @@ -74,7 +74,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # If instance has not been configured, print the # configuration URL to the log if util.str2bool(master['pki_skip_configuration']): - util.configuration_file.log_configuration_url() + util.configuration_file.log_configuration_url(config) # Log final process messages pkilogging.pki_log.info(log.PKISPAWN_END_MESSAGE_2, master['pki_subsystem'], 
@@ -84,7 +84,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # If instance has not been configured, print the # configuration URL to the screen if util.str2bool(master['pki_skip_configuration']): - util.configuration_file.display_configuration_url() + util.configuration_file.display_configuration_url(config) return self.rv def respawn(self): @@ -93,6 +93,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): return self.rv def destroy(self): + master = config.pki_master_dict pkilogging.pki_log.info(log.FINALIZATION_DESTROY_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) util.file.modify(master['pki_destroy_log'], silent=True) diff --git a/base/deploy/src/scriptlets/infrastructure_layout.py b/base/deploy/src/scriptlets/infrastructure_layout.py index 471e23510..1298ed2b9 100644 --- a/base/deploy/src/scriptlets/infrastructure_layout.py +++ b/base/deploy/src/scriptlets/infrastructure_layout.py @@ -20,7 +20,6 @@ # # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig from pkiconfig import pki_master_dict as master import pkihelper as util @@ -33,7 +32,8 @@ import pkiscriptlet class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): rv = 0 - def spawn(self): + def spawn(self, config): + master = config.pki_master_dict if util.str2bool(master['pki_skip_installation']): pkilogging.pki_log.info(log.SKIP_ADMIN_DOMAIN_SPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) @@ -89,6 +89,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): return self.rv def destroy(self): + master = config.pki_master_dict pkilogging.pki_log.info(log.ADMIN_DOMAIN_DESTROY_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) # remove top-level infrastructure base diff --git a/base/deploy/src/scriptlets/initialization.py b/base/deploy/src/scriptlets/initialization.py index 98aed9455..c2ad1c597 100644 --- a/base/deploy/src/scriptlets/initialization.py +++ b/base/deploy/src/scriptlets/initialization.py 
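Review bot: In the finalization.py hunk at -93,6 +93,7, `destroy(self)` gains `master = config.pki_master_dict` but not the `config` parameter, and this commit removes the file's `import pkiconfig as config`, so the name is unbound. pkidestroy now calls `instance.destroy(config)`, which raises TypeError against this signature before the body runs. The signature should read `def destroy(self, config):`, as it does in configuration.py. The same one-line addition without a signature change appears in `destroy` in infrastructure_layout.py, initialization.py and instance_layout.py, and the pkiscriptlet.py hunk updates only the abstract `spawn`, so the abstract `destroy` presumably needs the parameter too. The bodies of these methods continue outside the hunks.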
@@ -20,7 +20,6 @@ # # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig from pkiconfig import pki_master_dict as master import pkihelper as util @@ -33,7 +32,8 @@ import pkiscriptlet class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): rv = 0 - def spawn(self): + def spawn(self, config): + master = config.pki_master_dict # begin official logging pkilogging.pki_log.info(log.PKISPAWN_BEGIN_MESSAGE_2, master['pki_subsystem'], @@ -56,7 +56,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): util.identity.set_uid(master['pki_user']) util.identity.set_gid(master['pki_group']) # verify existence of SENSITIVE configuration file data - util.configuration_file.verify_sensitive_data() + util.configuration_file.verify_sensitive_data(config) # verify existence of MUTUALLY EXCLUSIVE configuration file data util.configuration_file.verify_mutually_exclusive_data() # verify existence of PREDEFINED configuration file data @@ -80,6 +80,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): return self.rv def destroy(self): + master = config.pki_master_dict # begin official logging pkilogging.pki_log.info(log.PKIDESTROY_BEGIN_MESSAGE_2, master['pki_subsystem'], diff --git a/base/deploy/src/scriptlets/instance_layout.py b/base/deploy/src/scriptlets/instance_layout.py index b126e17a1..481d3111e 100644 --- a/base/deploy/src/scriptlets/instance_layout.py +++ b/base/deploy/src/scriptlets/instance_layout.py @@ -24,7 +24,6 @@ import os # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig from pkiconfig import pki_master_dict as master import pkihelper as util @@ -38,7 +37,8 @@ import os class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): rv = 0 - def spawn(self): + def spawn(self, config): + master = config.pki_master_dict if util.str2bool(master['pki_skip_installation']): pkilogging.pki_log.info(log.SKIP_INSTANCE_SPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) 
@@ -152,6 +152,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): return self.rv def destroy(self): + master = config.pki_master_dict pkilogging.pki_log.info(log.INSTANCE_DESTROY_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) if master['pki_subsystem'] == 'TKS': diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py index d1cc35347..5049e40a8 100644 --- a/base/deploy/src/scriptlets/pkiconfig.py +++ b/base/deploy/src/scriptlets/pkiconfig.py 
@@ -152,40 +152,38 @@ class PKIConfig: print return - -# PKI Deployment Global Variables -pki_install_time = None -pki_timestamp = None -pki_architecture = None -pki_hostname = None - - -# PKI Deployment Command-Line Variables -pki_deployment_executable = None - -# PKI Deployment "Mandatory" Command-Line Variables -pki_subsystem = None -# 'pkispawn' ONLY -pkideployment_cfg = None -# 'pkidestroy' ONLY -pki_deployed_instance_name = None - -# PKI Deployment "Optional" Command-Line Variables -# 'pkispawn' ONLY -pki_update_flag = False - -# PKI Deployment "Test" Command-Line Variables -pki_root_prefix = None - - -# PKI Deployment Global Dictionaries -pki_sensitive_dict = None -pki_common_dict = None -pki_web_server_dict = None -pki_subsystem_dict = None -pki_master_dict = None -pki_slots_dict = None -pki_master_jython_dict = None - -# PKI Selinux parameters -pki_selinux_config_ports = [] + def __init__(self): + # PKI Deployment Global Variables + self.pki_install_time = None + self.pki_timestamp = None + self.pki_architecture = None + self.pki_hostname = None + + # PKI Deployment Command-Line Variables + self.pki_deployment_executable = None + + # PKI Deployment "Mandatory" Command-Line Variables + self.pki_subsystem = None + # 'pkispawn' ONLY + self.pkideployment_cfg = None + # 'pkidestroy' ONLY + self.pki_deployed_instance_name = None + + # PKI Deployment "Optional" Command-Line Variables + # 'pkispawn' ONLY + self.pki_update_flag = False + + # PKI Deployment "Test" Command-Line Variables + self.pki_root_prefix = None + + # PKI Deployment Global Dictionaries + self.pki_sensitive_dict = None + self.pki_common_dict = None + self.pki_web_server_dict = None + self.pki_subsystem_dict = None + self.pki_master_dict = None + self.pki_slots_dict = None + self.pki_master_jython_dict = None + + # PKI Selinux parameters + self.pki_selinux_config_ports = [] 
diff --git a/base/deploy/src/scriptlets/pkihelper.py b/base/deploy/src/scriptlets/pkihelper.py index 09e624094..64992ea73 100644 --- a/base/deploy/src/scriptlets/pkihelper.py +++ b/base/deploy/src/scriptlets/pkihelper.py @@ -40,10 +40,8 @@ import seobject # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig from pkiconfig import pki_master_dict as master -from pkiconfig import pki_sensitive_dict as sensitive from pkiconfig import pki_slots_dict as slots from pkiconfig import pki_selinux_config_ports as ports import pkimanifest as manifest @@ -130,6 +128,9 @@ def pki_copytree(src, dst, symlinks=False, ignore=None): # PKI Deployment Identity Class class identity: + def __init__(self, config): + self.master = config.pki_master_dict + def __add_gid(self, pki_group): pki_gid = None try: @@ -262,7 +263,7 @@ class identity: def get_uid(self, critical_failure=True): try: - pki_uid = master['pki_uid'] + pki_uid = self.master['pki_uid'] except KeyError as exc: pkilogging.pki_log.error(log.PKI_KEYERROR_1, exc, extra=PKIConfig.PKI_INDENTATION_LEVEL_2) @@ -272,7 +273,7 @@ class identity: def get_gid(self, critical_failure=True): try: - pki_gid = master['pki_gid'] + pki_gid = self.master['pki_gid'] except KeyError as exc: pkilogging.pki_log.error(log.PKI_KEYERROR_1, exc, extra=PKIConfig.PKI_INDENTATION_LEVEL_2) @@ -286,7 +287,7 @@ class identity: extra=PKIConfig.PKI_INDENTATION_LEVEL_2) # id -u pki_uid = getpwnam(name)[2] - master['pki_uid']=pki_uid + self.master['pki_uid']=pki_uid pkilogging.pki_log.debug(log.PKIHELPER_UID_2, name, pki_uid, extra=PKIConfig.PKI_INDENTATION_LEVEL_3) except KeyError as exc: @@ -302,7 +303,7 @@ class identity: extra=PKIConfig.PKI_INDENTATION_LEVEL_2) # id -g pki_gid = getgrnam(name)[2] - master['pki_gid']=pki_gid + self.master['pki_gid']=pki_gid pkilogging.pki_log.debug(log.PKIHELPER_GID_2, name, pki_gid, extra=PKIConfig.PKI_INDENTATION_LEVEL_3) except KeyError as exc: 
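Review bot: `identity.__init__` stores `self.master = config.pki_master_dict` at construction, so the helper keeps whatever object was bound at that moment. `PKIConfig.__init__` starts that attribute as `None`, and `compose_pki_master_dictionary` later rebinds it with `config.pki_master_dict = dict()`, so an `identity` built before composition would index `None` in `get_uid`, `get_gid`, `set_uid` and `set_gid`. Storing `self.config = config` and reading `self.config.pki_master_dict` inside each method, as the `instance`, `directory` and `file` classes in this commit do, avoids the stale reference. `namespace.__init__` in the following hunk has the same pattern. Where these helpers are instantiated is not visible in the diff.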
@@ -315,9 +316,13 @@ class identity: # PKI Deployment Namespace Class class namespace: + def __init__(self, config): + self.master = config.pki_master_dict + # Silently verify that the selected 'pki_instance_name' will # NOT produce any namespace collisions def collision_detection(self): + master = self.master # Run simple checks for pre-existing namespace collisions if os.path.exists(master['pki_instance_path']): if os.path.exists(master['pki_subsystem_path']): @@ -422,7 +427,9 @@ class namespace: # PKI Deployment Configuration File Class class configuration_file: - def log_configuration_url(self): + def log_configuration_url(self, config): + master = config.pki_master_dict + sensitive = config.pki_sensitive_dict # NOTE: This is the one and only parameter containing a sensitive # parameter that may be stored in a log file. pkilogging.pki_log.info(log.PKI_CONFIGURATION_WIZARD_URL_1, @@ -432,7 +439,9 @@ class configuration_file: master['pki_registry_initscript_command'], extra=PKIConfig.PKI_INDENTATION_LEVEL_2) - def display_configuration_url(self): + def display_configuration_url(self, config): + master = config.pki_master_dict + sensitive = config.pki_sensitive_dict # NOTE: This is the one and only parameter containing a sensitive # parameter that may be displayed to the screen. print log.PKI_CONFIGURATION_URL_1 % sensitive['pki_configuration_url'] @@ -441,7 +450,9 @@ class configuration_file: master['pki_registry_initscript_command'] print - def verify_sensitive_data(self): + def verify_sensitive_data(self, config): + master = config.pki_master_dict + sensitive = config.pki_sensitive_dict # Silently verify the existence of 'sensitive' data if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: # Verify existence of Directory Server Password (ALWAYS) 
@@ -526,7 +537,8 @@ class configuration_file: sys.exit(1) return - def verify_mutually_exclusive_data(self): + def verify_mutually_exclusive_data(self, config): + master = config.pki_master_dict # Silently verify the existence of 'mutually exclusive' data if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS: if master['pki_subsystem'] == "CA": @@ -561,6 +573,7 @@ class configuration_file: sys.exit(1) def verify_predefined_configuration_file_data(self): + master = config.pki_master_dict # Silently verify the existence of any required 'predefined' data # # FUTURE: As much as is possible, alter this routine to verify @@ -742,6 +755,7 @@ class configuration_file: return def populate_non_default_ports(self): + master = config.pki_master_dict if master['pki_http_port'] != \ str(PKIConfig.PKI_DEPLOYMENT_DEFAULT_TOMCAT_HTTP_PORT): ports.append(master['pki_http_port']) @@ -791,6 +805,7 @@ class configuration_file: return def verify_command_matches_configuration_file(self): + master = config.pki_master_dict # Silently verify that the command-line parameters match the values # that are present in the corresponding configuration file if master['pki_deployment_executable'] == 'pkidestroy': @@ -808,9 +823,12 @@ class configuration_file: # PKI Deployment XML File Class #class xml_file: +# def __init__(self, config): +# self.config = config # def remove_filter_section_from_web_xml(self, # web_xml_source, # web_xml_target): +# master = self.config.pki_master_dict # pkilogging.pki_log.info(log.PKIHELPER_REMOVE_FILTER_SECTION_1, # master['pki_target_subsystem_web_xml'], # extra=PKIConfig.PKI_INDENTATION_LEVEL_2) @@ -841,7 +859,10 @@ class configuration_file: # PKI Deployment Instance Class class instance: + def __init__(self, config): + self.config = config def apache_instance_subsystems(self): + master = self.config.pki_master_dict rv = 0 try: # count number of PKI subsystems present 
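Review bot: `verify_predefined_configuration_file_data`, `populate_non_default_ports` and `verify_command_matches_configuration_file` each gain `master = config.pki_master_dict`, but none takes a `config` parameter, `configuration_file` gets no `__init__`, and `import pkiconfig as config` is removed from pkihelper.py. The name is therefore unbound and the first call to any of them raises NameError. Either add `config` to each signature, as done for `verify_sensitive_data(self, config)`, or give the class `def __init__(self, config): self.config = config` like the other helpers and read `self.config.pki_master_dict`. Separately, `verify_mutually_exclusive_data(self, config)` is still called as `util.configuration_file.verify_mutually_exclusive_data()` in the initialization.py hunk at -56,7 +56,7, which raises TypeError. The method bodies continue outside the hunks.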
@@ -860,6 +881,7 @@ class instance: return rv def apache_instances(self): + master = self.config.pki_master_dict rv = 0 try: # Since ALL directories under the top-level PKI 'apache' registry @@ -887,6 +909,7 @@ class instance: return rv def pki_instance_subsystems(self): + master = self.config.pki_master_dict rv = 0 try: # Since ALL directories within the top-level PKI infrastructure @@ -915,6 +938,7 @@ class instance: return rv def tomcat_instance_subsystems(self): + master = self.config.pki_master_dict rv = 0 try: # count number of PKI subsystems present @@ -933,6 +957,7 @@ class instance: return rv def tomcat_instances(self): + master = self.config.pki_master_dict rv = 0 try: # Since ALL directories under the top-level PKI 'tomcat' registry @@ -960,6 +985,7 @@ class instance: return rv def verify_subsystem_exists(self): + master = self.config.pki_master_dict try: if not os.path.exists(master['pki_subsystem_path']): pkilogging.pki_log.error(log.PKI_SUBSYSTEM_DOES_NOT_EXIST_2, @@ -973,6 +999,7 @@ class instance: sys.exit(1) def verify_subsystem_does_not_exist(self): + master = self.config.pki_master_dict try: if os.path.exists(master['pki_subsystem_path']): pkilogging.pki_log.error(log.PKI_SUBSYSTEM_ALREADY_EXISTS_2, @@ -988,9 +1015,12 @@ class instance: # PKI Deployment Directory Class class directory: + def __init__(self, config): + self.config = config def create(self, name, uid=None, gid=None, perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS, acls=None, critical_failure=True): + master = self.config.pki_master_dict try: if not os.path.exists(name): # mkdir -p @@ -1040,6 +1070,7 @@ class directory: def modify(self, name, uid=None, gid=None, perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS, acls=None, silent=False, critical_failure=True): + master = self.config.pki_master_dict try: if os.path.exists(name): if not os.path.isdir(name): 
@@ -1150,6 +1181,7 @@ class directory: PKIConfig.PKI_DEPLOYMENT_DEFAULT_SYMLINK_PERMISSIONS, dir_acls=None, file_acls=None, symlink_acls=None, recursive_flag=True, critical_failure=True): + master = self.config.pki_master_dict try: if not os.path.exists(name) or not os.path.isdir(name): pkilogging.pki_log.error( @@ -1341,9 +1373,12 @@ class directory: # PKI Deployment File Class (also used for executables) class file: + def __init__(self, config): + self.config = config def create(self, name, uid=None, gid=None, perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS, acls=None, critical_failure=True): + master = self.config.pki_master_dict try: if not os.path.exists(name): # touch @@ -1393,6 +1428,7 @@ class file: def modify(self, name, uid=None, gid=None, perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS, acls=None, silent=False, critical_failure=True): + master = self.config.pki_master_dict try: if os.path.exists(name): if not os.path.isfile(name): @@ -1478,6 +1514,7 @@ class file: def copy(self, old_name, new_name, uid=None, gid=None, perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS, acls=None, overwrite_flag=False, critical_failure=True): + master = self.config.pki_master_dict try: if not os.path.exists(old_name) or not os.path.isfile(old_name): pkilogging.pki_log.error( @@ -1537,6 +1574,7 @@ class file: self, name, uid=None, gid=None, perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS, acls=None, critical_failure=True): + master = self.config.pki_master_dict try: if not os.path.exists(name) or not os.path.isfile(name): pkilogging.pki_log.error( @@ -1598,6 +1636,7 @@ class file: perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS, acls=None, overwrite_flag=False, critical_failure=True): + master = self.config.pki_master_dict try: if not os.path.exists(old_name) or not os.path.isfile(old_name): pkilogging.pki_log.error( 
@@ -1666,6 +1705,7 @@ class file: def generate_noise_file(self, name, bytes, uid=None, gid=None, perms=PKIConfig.PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS, acls=None, critical_failure=True): + master = self.config.pki_master_dict try: if not os.path.exists(name): # generating noise file called and @@ -1721,8 +1761,11 @@ class file: # PKI Deployment Symbolic Link Class class symlink: + def __init__(self, config): + self.config = config def create(self, name, link, uid=None, gid=None, acls=None, allow_dangling_symlink=False, critical_failure=True): + master = self.config.pki_master_dict try: if not os.path.exists(link): if not os.path.exists(name): @@ -1777,6 +1820,7 @@ class symlink: def modify(self, link, uid=None, gid=None, acls=None, silent=False, critical_failure=True): + master = self.config.pki_master_dict try: if os.path.exists(link): if not os.path.islink(link): @@ -1909,8 +1953,11 @@ class war: # PKI Deployment Password Class class password: + def __init__(self, config): + self.config = config def create_password_conf(self, path, pin, pin_sans_token=False, overwrite_flag=False, critical_failure=True): + master = self.config.pki_master_dict try: if os.path.exists(path): if overwrite_flag: @@ -1951,8 +1998,9 @@ class password: sys.exit(1) return - def create_client_pkcs12_password_conf(self, path, overwrite_flag=False, + def create_client_pkcs12_password_conf(self, config, path, overwrite_flag=False, critical_failure=True): + sensitive = config.pki_sensitive_dict try: if os.path.exists(path): if overwrite_flag: @@ -2257,7 +2305,10 @@ class certutil: # PKI Deployment Security Domain Class class security_domain: + def __init__(self, config): + self.config = config def deregister(self, critical_failure=False): + master = self.config.pki_master_dict try: # process this PKI subsystem instance's 'CS.cfg' cs_cfg = read_simple_configuration_file(master['pki_target_cs_cfg']) 
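Review bot: `create_client_pkcs12_password_conf(self, config, path, ...)` takes `config` as an argument even though `password.__init__` in the same hunk group already stores `self.config`, so the class has two possible sources for the sensitive dictionary and nothing ensures they are the same object. Reading `sensitive = self.config.pki_sensitive_dict` and keeping the original signature `(self, path, overwrite_flag=False, critical_failure=True)` would match `create_password_conf` next to it and would not shift the positional arguments for existing callers. `jython.invoke(self, config, scriptlet, ...)` in a later hunk mixes both in one body (`self.config.pki_master_dict` and `config.pki_sensitive_dict`) and should be settled the same way. Both method bodies continue outside the hunks.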
@@ -2443,7 +2494,10 @@ class security_domain: # PKI Deployment 'systemd' Execution Management Class class systemd: + def __init__(self, config): + self.config = config def start(self, critical_failure=True): + master = self.config.pki_master_dict try: # Compose this "systemd" execution management command if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS: @@ -2470,6 +2524,7 @@ class systemd: return def stop(self, critical_failure=True): + master = self.config.pki_master_dict try: # Compose this "systemd" execution management command if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS: @@ -2496,6 +2551,7 @@ class systemd: return def restart(self, critical_failure=True): + master = self.config.pki_master_dict try: # Compose this "systemd" execution management command if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS: @@ -2524,7 +2580,11 @@ class systemd: # PKI Deployment 'jython' Class class jython: - def invoke(self, scriptlet, critical_failure=True): + def __init__(self, config): + self.config = config + def invoke(self, config, scriptlet, critical_failure=True): + master = self.config.pki_master_dict + sensitive = config.pki_sensitive_dict try: # From 'http://www.jython.org/archive/22/userfaq.html': # Setting this to false will allow Jython to provide access to diff --git a/base/deploy/src/scriptlets/pkijython.py b/base/deploy/src/scriptlets/pkijython.py index 306f203cd..b3f48f3e0 100644 --- a/base/deploy/src/scriptlets/pkijython.py +++ b/base/deploy/src/scriptlets/pkijython.py @@ -150,7 +150,6 @@ from netscape.security.x509 import X500Name # PKI Python Imports -import pkiconfig as config from pkiconfig import PKIConfig import pkihelper as util import pkimessages as log diff --git a/base/deploy/src/scriptlets/pkimanifest.py b/base/deploy/src/scriptlets/pkimanifest.py index b40bf86cc..c89fb0da6 100644 --- a/base/deploy/src/scriptlets/pkimanifest.py +++ b/base/deploy/src/scriptlets/pkimanifest.py 
@@ -26,7 +26,6 @@ import sys # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig import pkilogging import pkimessages as log diff --git a/base/deploy/src/scriptlets/pkiparser.py b/base/deploy/src/scriptlets/pkiparser.py index 4b13c2e4a..866df44a4 100644 --- a/base/deploy/src/scriptlets/pkiparser.py +++ b/base/deploy/src/scriptlets/pkiparser.py @@ -31,7 +31,6 @@ import time # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig import pkihelper as util import pkilogging @@ -41,7 +40,7 @@ import pkimessages as log class PKIConfigParser: # PKI Deployment Helper Functions - def process_command_line_arguments(self, argv): + def process_command_line_arguments(self, argv, config): "Read and process command-line options" config.pki_deployment_executable = os.path.basename(argv[0]) description = None @@ -187,7 +186,7 @@ class PKIConfigParser: return - def read_pki_configuration_file(self): + def read_pki_configuration_file(self, config): "Read configuration file sections into dictionaries" rv = 0 try: @@ -225,7 +224,7 @@ class PKIConfigParser: return rv - def compose_pki_master_dictionary(self): + def compose_pki_master_dictionary(self, config): "Create a single master PKI dictionary from the sectional dictionaries" try: config.pki_master_dict = dict() @@ -2322,7 +2321,7 @@ class PKIConfigParser: return - def compose_pki_slots_dictionary(self): + def compose_pki_slots_dictionary(self, config): """Read the slots configuration file to create the appropriate PKI slots dictionary""" rv = 0 diff --git a/base/deploy/src/scriptlets/pkiscriptlet.py b/base/deploy/src/scriptlets/pkiscriptlet.py index 767b3c609..b221c353a 100644 --- a/base/deploy/src/scriptlets/pkiscriptlet.py +++ b/base/deploy/src/scriptlets/pkiscriptlet.py 
@@ -28,7 +28,7 @@ class AbstractBasePkiScriptlet(object): __metaclass__ = abc.ABCMeta @abc.abstractmethod - def spawn(self): + def spawn(self, config): """Retrieve data from the specified PKI dictionary and use it to install a new PKI instance.""" return diff --git a/base/deploy/src/scriptlets/security_databases.py b/base/deploy/src/scriptlets/security_databases.py index 10ba9a9f7..c5fb42312 100644 --- a/base/deploy/src/scriptlets/security_databases.py +++ b/base/deploy/src/scriptlets/security_databases.py @@ -20,7 +20,6 @@ # # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig from pkiconfig import pki_master_dict as master from pkiconfig import pki_sensitive_dict as sensitive @@ -34,7 +33,8 @@ import pkiscriptlet class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): rv = 0 - def spawn(self): + def spawn(self, config): + master = config.pki_master_dict if util.str2bool(master['pki_skip_installation']): pkilogging.pki_log.info(log.SKIP_SECURITY_DATABASES_SPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) @@ -104,7 +104,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=PKIConfig.PKI_INDENTATION_LEVEL_1) return self.rv - def destroy(self): + def destroy(self, config): + master = config.pki_master_dict pkilogging.pki_log.info(log.SECURITY_DATABASES_DESTROY_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1) if master['pki_subsystem'] in PKIConfig.PKI_APACHE_SUBSYSTEMS and\ diff --git a/base/deploy/src/scriptlets/selinux_setup.py b/base/deploy/src/scriptlets/selinux_setup.py index 93b48c298..dfa9453db 100644 --- a/base/deploy/src/scriptlets/selinux_setup.py +++ b/base/deploy/src/scriptlets/selinux_setup.py @@ -20,7 +20,6 @@ # # PKI Deployment Imports -import pkiconfig as config from pkiconfig import PKIConfig from pkiconfig import pki_master_dict as master from pkiconfig import pki_selinux_config_ports as ports 
@@ -36,12 +35,14 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
 rv = 0
 suffix = "(/.*)?"
- def restore_context(self):
+ def restore_context(self, config):
+ master = config.pki_master_dict
 selinux.restorecon(master['pki_instance_path'], True)
 selinux.restorecon(master['pki_instance_log_path'], True)
 selinux.restorecon(master['pki_instance_configuration_path'], True)
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
 if util.str2bool(master['pki_skip_installation']):
 pkilogging.pki_log.info(log.SKIP_SELINUX_SPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -109,7 +110,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
 self.restore_context()
 return self.rv
- def destroy(self):
+ def destroy(self, config):
+ master = config.pki_master_dict
 pkilogging.pki_log.info(log.SELINUX_DESTROY_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
diff --git a/base/deploy/src/scriptlets/slot_substitution.py b/base/deploy/src/scriptlets/slot_substitution.py
index 142b994f1..1d2c84d6b 100644
--- a/base/deploy/src/scriptlets/slot_substitution.py
+++ b/base/deploy/src/scriptlets/slot_substitution.py
@@ -20,7 +20,6 @@
 #
 # PKI Deployment Imports
-import pkiconfig as config
 from pkiconfig import PKIConfig
 from pkiconfig import pki_master_dict as master
 from pkiconfig import pki_slots_dict as slots
@@ -34,7 +33,8 @@ import pkiscriptlet
 class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
 rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
 if util.str2bool(master['pki_skip_installation']):
 pkilogging.pki_log.info(log.SKIP_SLOT_ASSIGNMENT_SPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
diff --git a/base/deploy/src/scriptlets/subsystem_layout.py b/base/deploy/src/scriptlets/subsystem_layout.py
index 62c90569c..cd30a0c55 100644
--- a/base/deploy/src/scriptlets/subsystem_layout.py
+++ b/base/deploy/src/scriptlets/subsystem_layout.py
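Review bot: In selinux_setup.py `restore_context` now requires `config`, but the unchanged context line `self.restore_context()` in the hunk at -109,7 (the end of `spawn`) still calls it with no argument, so that call raises TypeError once it is reached; it should become `self.restore_context(config)`. This is the step that runs `selinux.restorecon` on `pki_instance_path`, `pki_instance_log_path` and `pki_instance_configuration_path`, so the instance paths are left without the relabel and `spawn` ends in an exception instead of returning `self.rv`. No other caller is visible in this file's hunks; any that exist need the same argument. `spawn` starts in the hunk at -36,12 and its body continues outside both hunks.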
@@ -20,7 +20,6 @@
 #
 # PKI Deployment Imports
-import pkiconfig as config
 from pkiconfig import PKIConfig
 from pkiconfig import pki_master_dict as master
 import pkihelper as util
@@ -33,7 +32,8 @@ import pkiscriptlet
 class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
 rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
 if util.str2bool(master['pki_skip_installation']):
 pkilogging.pki_log.info(log.SKIP_SUBSYSTEM_SPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
@@ -108,7 +108,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
 extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
 return self.rv
- def destroy(self):
+ def destroy(self, config):
+ master = config.pki_master_dict
 pkilogging.pki_log.info(log.SUBSYSTEM_DESTROY_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
 # remove instance-based subsystem base
diff --git a/base/deploy/src/scriptlets/webapp_deployment.py b/base/deploy/src/scriptlets/webapp_deployment.py
index 2b7ca006f..1c8d1126c 100644
--- a/base/deploy/src/scriptlets/webapp_deployment.py
+++ b/base/deploy/src/scriptlets/webapp_deployment.py
@@ -24,7 +24,6 @@ import os
 # PKI Deployment Imports
-import pkiconfig as config
 from pkiconfig import PKIConfig
 from pkiconfig import pki_master_dict as master
 import pkihelper as util
@@ -37,7 +36,8 @@ import pkiscriptlet
 class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
 rv = 0
- def spawn(self):
+ def spawn(self, config):
+ master = config.pki_master_dict
 if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
 if util.str2bool(master['pki_skip_installation']):
 pkilogging.pki_log.info(log.SKIP_WEBAPP_DEPLOYMENT_SPAWN_1,
@@ -144,13 +144,15 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
 util.directory.set_mode(master['pki_tomcat_webapps_subsystem_path'])
 return self.rv
- def respawn(self):
+ def respawn(self, config):
+ master = config.pki_master_dict
 if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
 pkilogging.pki_log.info(log.WEBAPP_DEPLOYMENT_RESPAWN_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
 return self.rv
- def destroy(self):
+ def destroy(self, config):
+ master = config.pki_master_dict
 if master['pki_subsystem'] in PKIConfig.PKI_TOMCAT_SUBSYSTEMS:
 pkilogging.pki_log.info(log.WEBAPP_DEPLOYMENT_DESTROY_1, __name__, extra=PKIConfig.PKI_INDENTATION_LEVEL_1)
--
cgit
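Review bot: `respawn(self, config)` is changed only in webapp_deployment.py; none of the other scriptlet sections on this page touch a `respawn` method. If those classes define `respawn(self)` outside the shown hunks, a caller that passes `config` to every scriptlet uniformly would get TypeError from them, so I would give each of them `def respawn(self, config):` in the same commit. The body of `destroy` continues outside the hunk.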