From dd566ed3c64a69801a9edf3b27f11077aa40ecef Mon Sep 17 00:00:00 2001 From: Matthew Harmsen Date: Mon, 23 Apr 2012 13:39:04 -0700 Subject: PKI Deployment Scriptlets * Completed the following six 'scriptlets': * Dogtag 10: Python 'initialization.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/147) * Dogtag 10: Python 'instance_layout.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/75) * Dogtag 10: Python 'webserver_layout.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/140) * Dogtag 10: Python 'subsystem_layout.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/141) * Dogtag 10: Python 'war_explosion.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/76) * Dogtag 10: Python 'finalization.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/148) * Created numerous PKI deployment helper utilities. * Augmented logging to provide indentation. * Generated logic for installation 'manifest'. * Tested logic using '--dry_run' option and '-p' prefix options. * Per initial review, removed numerous "constants" and consolidated logic into "master" dictionary. * Corrected the following ticket: * Dogtag 10: Fix 'build_dogtag_pki' script to account for 'pki-deploy' RPM (https://fedorahosted.org/pki/ticket/138) Resolves Bugzilla Bug #810047 - build_dogtag_pki fails with requirements for pki-deploy (https://bugzilla.redhat.com/show_bug.cgi?id=810047) * Created the following three 'scriptlets' as 'NOT YET IMPLEMENTED' place-holders: * Dogtag 10: Python 'security_databases.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/136) * Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet (https://fedorahosted.org/pki/ticket/146) * Dogtag 10: Python 'configuration.py' Configuration Scriptlet (https://fedorahosted.org/pki/ticket/137) --- base/deploy/src/scriptlets/pkiconfig.py | 64 ++++++++++++++++----------------- 1 file changed, 31 insertions(+), 33 deletions(-) (limited to 'base/deploy/src/scriptlets/pkiconfig.py') diff --git a/base/deploy/src/scriptlets/pkiconfig.py b/base/deploy/src/scriptlets/pkiconfig.py index 7d676c00d..505bfc039 100644 --- a/base/deploy/src/scriptlets/pkiconfig.py +++ b/base/deploy/src/scriptlets/pkiconfig.py @@ -15,7 +15,7 @@ # with this program; if not, write to the Free Software Foundation, Inc., # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -# Copyright (C) 2011 Red Hat, Inc. +# Copyright (C) 2012 Red Hat, Inc. # All rights reserved. # @@ -24,51 +24,50 @@ import logging # PKI Deployment Constants -PKI_DEPLOYMENT_PATH = "/usr/share/pki/deployment" -PKI_DEPLOYMENT_CONFIG_PATH = PKI_DEPLOYMENT_PATH + "/" + "config" -PKI_DEPLOYMENT_SCRIPTLETS_MODULE = "pki.deployment" -PKI_DEPLOYMENT_VERBOSITY=\ -"VERBOSITY FLAGS CONSOLE MESSAGE LEVEL LOG MESSAGE LEVEL\n"\ -"=======================================================================\n"\ -" NONE error|warning error|warning|info\n"\ -" -v error|warning|info error|warning|info\n"\ -" -vv error|warning|info error|warning|info|debug\n"\ -" -vvv error|warning|info|debug error|warning|info|debug\n"\ -" " PKI_DEPLOYMENT_DEFAULT_DIR_PERMISSIONS = 00770 PKI_DEPLOYMENT_DEFAULT_EXE_PERMISSIONS = 00770 PKI_DEPLOYMENT_DEFAULT_FILE_PERMISSIONS = 00660 +PKI_DEPLOYMENT_DEFAULT_SGID_DIR_PERMISSIONS = 02770 +PKI_DEPLOYMENT_DEFAULT_SYMLINK_PERMISSIONS = 00777 PKI_DEPLOYMENT_DEFAULT_UMASK = 00002 -PKIDESTROY_PATH = PKI_DEPLOYMENT_PATH + "/" + "destroy" -PKIDESTROY_LOG_PATH = "/var/log" -PKIDESTROY_LOG_PREFIX = "pki-" -PKIDESTROY_LOG_SUFFIX = "-destroy.log" -PKIDESTROY_LOGGER = "pkidestroy" - -PKIRESPAWN_PATH = PKI_DEPLOYMENT_PATH + "/" + "spawn" -PKIRESPAWN_LOG_PATH = "/var/log" -PKIRESPAWN_LOG_PREFIX = "pki-" -PKIRESPAWN_LOG_SUFFIX = "-respawn.log" -PKIRESPAWN_LOGGER = "pkirespawn" - -PKISPAWN_PATH = PKI_DEPLOYMENT_PATH + "/" + "spawn" -PKISPAWN_LOG_PATH = "/var/log" -PKISPAWN_LOG_PREFIX = "pki-" -PKISPAWN_LOG_SUFFIX = "-spawn.log" -PKISPAWN_LOGGER = "pkispawn" - -PKI_SECURITY_DATABASE_DIR = "alias" PKI_SUBSYSTEMS = ["CA","KRA","OCSP","RA","TKS","TPS"] +PKI_SIGNED_AUDIT_SUBSYSTEMS = ["CA","KRA","OCSP","TKS","TPS"] PKI_APACHE_SUBSYSTEMS = ["RA","TPS"] PKI_TOMCAT_SUBSYSTEMS = ["CA","KRA","OCSP","TKS"] +PKI_INDENTATION_LEVEL_0 = {'indent' : ''} +PKI_INDENTATION_LEVEL_1 = {'indent' : '... '} +PKI_INDENTATION_LEVEL_2 = {'indent' : '....... '} +PKI_INDENTATION_LEVEL_3 = {'indent' : '........... '} +PKI_INDENTATION_LEVEL_4 = {'indent' : '............... '} + +# NOTE: Well-known 'registry root', default 'instance', and default +# 'configuration file' names MUST be created in order to potentially +# obtain an instance-specific configuration file +# (presuming one has not been specified during command-line parsing) +# because command-line parsing happens prior to reading any +# configuration files. Although the 'registry root' MUST remain fixed, +# the default 'instance' name may be overridden by the value specified +# in the configuration file (the value in the default configuration file +# should always match the 'default' instance name specified below). +PKI_DEPLOYMENT_REGISTRY_ROOT = "/etc/sysconfig/pki" +PKI_DEPLOYMENT_DEFAULT_INSTANCE_NAME = "instance" +PKI_DEPLOYMENT_DEFAULT_CONFIGURATION_FILE = "pkideployment.cfg" + +# NOTE: Top-level "/etc/pki" is owned by the "filesystem" package! +PKI_SHARED_CONFIGURATION_ROOT = "/etc/pki" + + +# PKI Deployment Global Variables +pki_timestamp = None + # PKI Deployment "Mandatory" Command-Line Variables pki_subsystem = None # PKI Deployment "Optional" Command-Line Variables -pkideployment_cfg = PKI_DEPLOYMENT_CONFIG_PATH + "/" + "pkideployment.cfg" +pkideployment_cfg = "/usr/share/pki/deployment/config/pkideployment.cfg" pki_dry_run_flag = False pki_root_prefix = None pki_update_flag = False @@ -93,4 +92,3 @@ pki_common_dict = None pki_web_server_dict = None pki_subsystem_dict = None pki_master_dict = None - -- cgit