From 4a263b8db27208413acd0f038ea67629d5ee27bb Mon Sep 17 00:00:00 2001
From: Matthew Harmsen <mharmsen@redhat.com>
Date: Wed, 23 May 2012 18:59:06 -0700
Subject: PKI Deployment Scriptlets

* Integration of Tomcat 7
* Addition of centralized 'pki-tomcatd' systemd functionality to the
  PKI Deployment strategy
* Removal of 'pki_flavor' attribute
---
 base/ra/setup/CMakeLists.txt     |   1 +
 base/ra/setup/pkidaemon_registry | 116 +++++++++++++++++++++++++++++++++++++++
 base/ra/setup/registry_instance  |   3 -
 3 files changed, 117 insertions(+), 3 deletions(-)
 create mode 100644 base/ra/setup/pkidaemon_registry

(limited to 'base/ra')

diff --git a/base/ra/setup/CMakeLists.txt b/base/ra/setup/CMakeLists.txt
index f5f069cdb..4f9784507 100644
--- a/base/ra/setup/CMakeLists.txt
+++ b/base/ra/setup/CMakeLists.txt
@@ -2,6 +2,7 @@ set(VERSION ${APPLICATION_VERSION})
 
 install(
     FILES
+        pkidaemon_registry
         registry_instance
     DESTINATION
         ${SHARE_INSTALL_PREFIX}/${APPLICATION_NAME}/${PROJECT_NAME}/setup
diff --git a/base/ra/setup/pkidaemon_registry b/base/ra/setup/pkidaemon_registry
new file mode 100644
index 000000000..8d23dda05
--- /dev/null
+++ b/base/ra/setup/pkidaemon_registry
@@ -0,0 +1,116 @@
+# Establish PKI Variable "Slot" Substitutions
+
+PKI_WEB_SERVER_TYPE=[PKI_WEB_SERVER_TYPE]
+export PKI_WEB_SERVER_TYPE
+
+PKI_SUBSYSTEM_TYPE=[PKI_SUBSYSTEM_TYPE]
+export PKI_SUBSYSTEM_TYPE
+
+PKI_USER=[PKI_USER]
+export PKI_USER
+
+PKI_GROUP=[PKI_GROUP]
+export PKI_GROUP
+
+PKI_INSTANCE_ID=[PKI_INSTANCE_ID]
+export PKI_INSTANCE_ID
+
+PKI_INSTANCE_INITSCRIPT=[PKI_INSTANCE_INITSCRIPT]
+export PKI_INSTANCE_INITSCRIPT
+
+PKI_HTTPD_CONF=[HTTPD_CONF]
+export PKI_HTTPD_CONF
+
+PKI_SERVER_ROOT=[SERVER_ROOT]
+export PKI_SERVER_ROOT
+
+PKI_SYSTEM_USER_LIBRARIES=[SYSTEM_USER_LIBRARIES]
+export PKI_SYSTEM_USER_LIBRARIES
+
+PKI_FORTITUDE_DIR=[FORTITUDE_DIR]
+export PKI_FORTITUDE_DIR
+
+PKI_NSS_CONF=[NSS_CONF]
+export PKI_NSS_CONF
+
+PKI_SERVER_NAME=[SERVER_NAME]
+export PKI_SERVER_NAME
+
+PKI_LOCK_FILE="[PKI_LOCKDIR]/${PKI_INSTANCE_ID}.pid"
+export PKI_LOCK_FILE
+
+PKI_PID_FILE="[PKI_PIDDIR]/${PKI_INSTANCE_ID}.pid"
+export PKI_PID_FILE
+
+PKI_SELINUX_TYPE="pki_ra_t"
+export PKI_SELINUX_TYPE
+
+pki_instance_configuration_file=${PKI_SERVER_ROOT}/conf/CS.cfg
+export pki_instance_configuration_file
+
+RESTART_SERVER=${PKI_SERVER_ROOT}/conf/restart_server_after_configuration
+export RESTART_SERVER
+
+########################################################################
+#   This section contains modified content of "/etc/sysconfig/httpd"   #
+########################################################################
+# Configuration file for the ${PKI_INSTANCE_ID} service.
+
+#
+# The default processing model (MPM) is the process-based
+# 'prefork' model.  A thread-based model, 'worker', is also
+# available, but does not work with some modules (such as PHP).
+# The service must be stopped before changing this variable.
+#
+PKI_HTTPD=${PKI_FORTITUDE_DIR}/sbin/httpd.worker
+export PKI_HTTPD
+
+#
+# To pass additional options (for instance, -D definitions) to the
+# httpd binary at startup, set PKI_OPTIONS here.
+#
+PKI_OPTIONS="-f ${PKI_HTTPD_CONF}"
+export PKI_OPTIONS
+
+#
+# By default, the httpd process is started in the C locale; to
+# change the locale in which the server runs, the PKI_HTTPD_LANG
+# variable can be set.
+#
+PKI_HTTPD_LANG=C
+export PKI_HTTPD_LANG
+########################################################################
+#                                                                      #
+########################################################################
+
+# This will prevent initlog from swallowing up a pass-phrase prompt if
+# mod_ssl needs a pass-phrase from the user.
+PKI_INITLOG_ARGS=""
+export PKI_INITLOG_ARGS
+
+# Set PKI_HTTPD=/usr/sbin/httpd.worker in /etc/sysconfig/httpd to use a server
+# with the thread-based "worker" MPM; BE WARNED that some modules may not
+# work correctly with a thread-based MPM; notably PHP will refuse to start.
+
+# Path to the server binary and short-form for messages.
+httpd=${PKI_HTTPD}
+export httpd
+
+pki_logs_directory=${PKI_SERVER_ROOT}/logs
+export pki_logs_directory
+
+# see if httpd is linked with the openldap libraries - we need to override
+# their use of OpenSSL
+if [ ${OS} = "Linux" ]; then
+    hasopenldap=0
+
+    /usr/bin/ldd ${httpd} 2>&1 | grep libldap- > /dev/null 2>&1 && hasopenldap=1
+
+    if [ ${hasopenldap} -eq 1 ] ; then
+        LD_PRELOAD="${PKI_SYSTEM_USER_LIBRARIES}/libssl3.so:${LD_PRELOAD}"
+        export LD_PRELOAD
+    fi
+elif [ ${OS} = "SunOS" ]; then
+    LD_PRELOAD_64="${PKI_SYSTEM_USER_LIBRARIES}/dirsec/libssl3.so:${LD_PRELOAD_64}"
+    export LD_PRELOAD_64
+fi
diff --git a/base/ra/setup/registry_instance b/base/ra/setup/registry_instance
index 64a73197f..f8cae5a43 100644
--- a/base/ra/setup/registry_instance
+++ b/base/ra/setup/registry_instance
@@ -1,8 +1,5 @@
 # Establish PKI Variable "Slot" Substitutions
 
-PKI_FLAVOR=[PKI_FLAVOR]
-export PKI_FLAVOR
-
 PKI_SUBSYSTEM_TYPE=[PKI_SUBSYSTEM_TYPE]
 export PKI_SUBSYSTEM_TYPE
 
-- 
cgit