From 0ce6c97e4fe0e36786b78c273833b8f1dfbc12b4 Mon Sep 17 00:00:00 2001 From: Matthew Harmsen Date: Tue, 3 Jul 2012 17:52:33 -0700 Subject: PKI Deployment Scriptlets * Integration of Tomcat 7 * Introduction of dependency upon tomcatjss 7.0 * Removal of http filtering configuration mechanisms * Introduction of additional slot substitution to support revised filesystem layout * Addition of 'pkiuser' uid:gid creation methods * Inclusion of per instance '*.profile' files * Introduction of configurable 'configurationRoot' parameter * Introduction of default configuration of 'log4j' mechanism (alee) * Modify web.xml to use new Application classes to bootstrap servers (alee) * Introduction of "Wrapper" logic to support Tomcat 6 --> Tomcat 7 API change (jmagne) * Added jython helper function to allow attaching a remote java debugger (e. g. - eclipse) --- base/deploy/src/pkispawn | 34 ++++++++++++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) (limited to 'base/deploy/src/pkispawn') diff --git a/base/deploy/src/pkispawn b/base/deploy/src/pkispawn index 66152a334..931b9baf0 100755 --- a/base/deploy/src/pkispawn +++ b/base/deploy/src/pkispawn @@ -34,6 +34,7 @@ try: import socket import string import struct + import subprocess import time from time import strftime as date from pki.deployment import pkiconfig as config @@ -74,7 +75,18 @@ def main(argv): config.pki_architecture = struct.calcsize("P") * 8 # Retrieve hostname - config.pki_hostname = socket.gethostname() + config.pki_hostname = socket.getfqdn() + + # Retrieve DNS domainname + config.pki_dns_domainname = None + try: + config.pki_dns_domainname = subprocess.check_output("domainname", + shell=True) + config.pki_dns_domainname = config.pki_dns_domainname.rstrip('\n') + except subprocess.CalledProcessError as exc: + config.pki_log.error(log.PKI_SUBPROCESS_ERROR_1, exc, + extra=config.PKI_INDENTATION_LEVEL_0) + sys.exit(1) # Generate random 'pin's for use as security database passwords pin_low = 100000000000 @@ -140,6 +152,15 @@ def main(argv): extra=config.PKI_INDENTATION_LEVEL_0) sys.exit(1) else: + # NEVER print out 'sensitive' name/value pairs!!! + config.pki_log.debug(log.PKI_DICTIONARY_MANDATORY, + extra=config.PKI_INDENTATION_LEVEL_0) + config.pki_log.debug(pp.pformat(config.pki_mandatory_dict), + extra=config.PKI_INDENTATION_LEVEL_0) + config.pki_log.debug(log.PKI_DICTIONARY_OPTIONAL, + extra=config.PKI_INDENTATION_LEVEL_0) + config.pki_log.debug(pp.pformat(config.pki_optional_dict), + extra=config.PKI_INDENTATION_LEVEL_0) config.pki_log.debug(log.PKI_DICTIONARY_COMMON, extra=config.PKI_INDENTATION_LEVEL_0) config.pki_log.debug(pp.pformat(config.pki_common_dict), @@ -155,7 +176,7 @@ def main(argv): # Override PKI configuration file values with 'custom' command-line values. if not config.custom_pki_admin_domain_name is None: - config.pki_common_dict['pki_admin_domain_name'] =\ + config.pki_optional_dict['pki_admin_domain_name'] =\ config.custom_pki_admin_domain_name if not config.custom_pki_instance_name is None: config.pki_web_server_dict['pki_instance_name'] =\ @@ -169,6 +190,15 @@ def main(argv): if not config.custom_pki_ajp_port is None: config.pki_web_server_dict['pki_ajp_port'] =\ config.custom_pki_ajp_port + # NEVER print out 'sensitive' name/value pairs!!! + config.pki_log.debug(log.PKI_DICTIONARY_MANDATORY, + extra=config.PKI_INDENTATION_LEVEL_0) + config.pki_log.debug(pp.pformat(config.pki_mandatory_dict), + extra=config.PKI_INDENTATION_LEVEL_0) + config.pki_log.debug(log.PKI_DICTIONARY_OPTIONAL, + extra=config.PKI_INDENTATION_LEVEL_0) + config.pki_log.debug(pp.pformat(config.pki_optional_dict), + extra=config.PKI_INDENTATION_LEVEL_0) config.pki_log.debug(log.PKI_DICTIONARY_COMMON, extra=config.PKI_INDENTATION_LEVEL_0) config.pki_log.debug(pp.pformat(config.pki_common_dict), -- cgit