From 759565d9b641106fcd60988524659b1f5071592c Mon Sep 17 00:00:00 2001 From: Ade Lee Date: Fri, 6 Jun 2014 22:29:02 +0800 Subject: Reformat scriptlets to be in line with PEP8 Mostly handle pycharm warnings about code formatting. --- .../server/deployment/scriptlets/finalization.py | 25 +-- .../deployment/scriptlets/infrastructure_layout.py | 29 ++-- .../server/deployment/scriptlets/initialization.py | 3 +- .../deployment/scriptlets/instance_layout.py | 174 +++++++++++++-------- .../deployment/scriptlets/security_databases.py | 40 ++--- .../server/deployment/scriptlets/selinux_setup.py | 168 ++++++++++++-------- .../deployment/scriptlets/slot_substitution.py | 18 ++- .../deployment/scriptlets/subsystem_layout.py | 136 ++++++++++------ .../deployment/scriptlets/webapp_deployment.py | 55 ++++--- 9 files changed, 400 insertions(+), 248 deletions(-) (limited to 'base/server/python') diff --git a/base/server/python/pki/server/deployment/scriptlets/finalization.py b/base/server/python/pki/server/deployment/scriptlets/finalization.py index 900bcef97..4d4b59c64 100644 --- a/base/server/python/pki/server/deployment/scriptlets/finalization.py +++ b/base/server/python/pki/server/deployment/scriptlets/finalization.py @@ -48,11 +48,13 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=config.PKI_INDENTATION_LEVEL_1) # For debugging/auditing purposes, save a timestamped copy of # this configuration file in the subsystem archive - deployer.file.copy(deployer.mdict['pki_user_deployment_cfg_replica'], - deployer.mdict['pki_user_deployment_cfg_spawn_archive']) + deployer.file.copy( + deployer.mdict['pki_user_deployment_cfg_replica'], + deployer.mdict['pki_user_deployment_cfg_spawn_archive']) # Save a copy of the installation manifest file - config.pki_log.info(log.PKI_MANIFEST_MESSAGE_1, deployer.mdict['pki_manifest'], - extra=config.PKI_INDENTATION_LEVEL_2) + config.pki_log.info( + log.PKI_MANIFEST_MESSAGE_1, deployer.mdict['pki_manifest'], + extra=config.PKI_INDENTATION_LEVEL_2) # for record in manifest.database: # print tuple(record) manifest_file = manifest.File(deployer.manifest_db) @@ -62,8 +64,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # Also, for debugging/auditing purposes, save a timestamped copy of # this installation manifest file - deployer.file.copy(deployer.mdict['pki_manifest'], - deployer.mdict['pki_manifest_spawn_archive']) + deployer.file.copy( + deployer.mdict['pki_manifest'], + deployer.mdict['pki_manifest_spawn_archive']) # Optionally, programmatically 'restart' the configured PKI instance if config.str2bool(deployer.mdict['pki_restart_configured_instance']): deployer.systemd.restart() @@ -75,8 +78,10 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # be deleted! # if config.str2bool(deployer.mdict['pki_client_database_purge']): - if deployer.directory.exists(deployer.mdict['pki_client_subsystem_dir']): - deployer.directory.delete(deployer.mdict['pki_client_subsystem_dir']) + if deployer.directory.exists( + deployer.mdict['pki_client_subsystem_dir']): + deployer.directory.delete( + deployer.mdict['pki_client_subsystem_dir']) # If instance has not been configured, print the # configuration URL to the log if config.str2bool(deployer.mdict['pki_skip_configuration']): @@ -98,8 +103,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ deployer.instance.apache_instance_subsystems() >= 1: deployer.systemd.start() - elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ - len(deployer.instance.tomcat_instance_subsystems()) >= 1: + elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ + and len(deployer.instance.tomcat_instance_subsystems()) >= 1: deployer.systemd.start() config.pki_log.info(log.PKIDESTROY_END_MESSAGE_2, deployer.mdict['pki_subsystem'], diff --git a/base/server/python/pki/server/deployment/scriptlets/infrastructure_layout.py b/base/server/python/pki/server/deployment/scriptlets/infrastructure_layout.py index 7a8fa705c..60ce60167 100644 --- a/base/server/python/pki/server/deployment/scriptlets/infrastructure_layout.py +++ b/base/server/python/pki/server/deployment/scriptlets/infrastructure_layout.py @@ -52,15 +52,19 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # deployment configuration file used to spawn this instance, # and save a copy of this file deployer.directory.create(deployer.mdict['pki_registry_path']) - deployer.directory.create(deployer.mdict['pki_instance_type_registry_path']) + deployer.directory.create( + deployer.mdict['pki_instance_type_registry_path']) deployer.directory.create(deployer.mdict['pki_instance_registry_path']) deployer.directory.create(deployer.mdict['pki_subsystem_registry_path']) - deployer.file.copy(deployer.mdict['pki_default_deployment_cfg'], - deployer.mdict['pki_default_deployment_cfg_replica']) + deployer.file.copy( + deployer.mdict['pki_default_deployment_cfg'], + deployer.mdict['pki_default_deployment_cfg_replica']) - print "Storing deployment configuration into " + deployer.mdict['pki_user_deployment_cfg_replica'] + "." + print "Storing deployment configuration into " + \ + deployer.mdict['pki_user_deployment_cfg_replica'] + "." - # Archive the user deployment configuration excluding the sensitive parameters + # Archive the user deployment configuration excluding the sensitive + # parameters sensitive_parameters = deployer.mdict['sensitive_parameters'].split() sections = config.user_config.sections() for s in sections: @@ -75,8 +79,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): deployer.directory.create(deployer.mdict['pki_path']) deployer.directory.create(deployer.mdict['pki_instance_path']) deployer.directory.create(deployer.mdict['pki_subsystem_path']) - deployer.symlink.create(deployer.mdict['pki_instance_registry_path'], - deployer.mdict['pki_subsystem_registry_link']) + deployer.symlink.create( + deployer.mdict['pki_instance_registry_path'], + deployer.mdict['pki_subsystem_registry_link']) # # NOTE: If "infrastructure_layout" scriptlet execution has been # successfully executed to this point, the "pkidestroy" command @@ -105,10 +110,12 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # since it now stores 'pkispawn'/'pkidestroy' logs # deployer.directory.delete(deployer.mdict['pki_log_path']) # remove top-level infrastructure configuration - if deployer.directory.is_empty(deployer.mdict['pki_configuration_path'])\ - and deployer.mdict['pki_configuration_path'] != \ - config.PKI_DEPLOYMENT_CONFIGURATION_ROOT: - deployer.directory.delete(deployer.mdict['pki_configuration_path']) + if deployer.directory.is_empty( + deployer.mdict['pki_configuration_path']) and \ + deployer.mdict['pki_configuration_path'] != \ + config.PKI_DEPLOYMENT_CONFIGURATION_ROOT: + deployer.directory.delete( + deployer.mdict['pki_configuration_path']) # remove top-level infrastructure registry deployer.directory.delete(deployer.mdict['pki_registry_path']) return self.rv diff --git a/base/server/python/pki/server/deployment/scriptlets/initialization.py b/base/server/python/pki/server/deployment/scriptlets/initialization.py index 876030b45..a0f1e313a 100644 --- a/base/server/python/pki/server/deployment/scriptlets/initialization.py +++ b/base/server/python/pki/server/deployment/scriptlets/initialization.py @@ -57,7 +57,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # detect and avoid any namespace collisions deployer.namespace.collision_detection() # initialize 'uid' and 'gid' - deployer.identity.add_uid_and_gid(deployer.mdict['pki_user'], deployer.mdict['pki_group']) + deployer.identity.add_uid_and_gid(deployer.mdict['pki_user'], + deployer.mdict['pki_group']) # establish 'uid' and 'gid' deployer.identity.set_uid(deployer.mdict['pki_user']) deployer.identity.set_gid(deployer.mdict['pki_group']) diff --git a/base/server/python/pki/server/deployment/scriptlets/instance_layout.py b/base/server/python/pki/server/deployment/scriptlets/instance_layout.py index 97a2d1802..b5ec19e3a 100644 --- a/base/server/python/pki/server/deployment/scriptlets/instance_layout.py +++ b/base/server/python/pki/server/deployment/scriptlets/instance_layout.py @@ -44,8 +44,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=config.PKI_INDENTATION_LEVEL_1) # if this is the first subsystem - if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ - len(deployer.instance.tomcat_instance_subsystems()) == 1: + if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ + and len(deployer.instance.tomcat_instance_subsystems()) == 1: # establish instance logs deployer.directory.create(deployer.mdict['pki_instance_log_path']) @@ -57,7 +57,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # establish Tomcat instance base deployer.directory.create(deployer.mdict['pki_tomcat_common_path']) - deployer.directory.create(deployer.mdict['pki_tomcat_common_lib_path']) + deployer.directory.create( + deployer.mdict['pki_tomcat_common_lib_path']) # establish Tomcat instance library deployer.directory.create(deployer.mdict['pki_instance_lib']) for name in os.listdir(deployer.mdict['pki_tomcat_lib_path']): @@ -68,8 +69,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): os.path.join( deployer.mdict['pki_instance_lib'], name)) - deployer.symlink.create(deployer.mdict['pki_instance_conf_log4j_properties'], - deployer.mdict['pki_instance_lib_log4j_properties']) + deployer.symlink.create( + deployer.mdict['pki_instance_conf_log4j_properties'], + deployer.mdict['pki_instance_lib_log4j_properties']) deployer.directory.create(deployer.mdict['pki_tomcat_tmpdir_path']) # Copy /usr/share/pki/server/webapps to /webapps @@ -84,7 +86,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # copy selected server theme # to /webapps/pki if config.str2bool(deployer.mdict['pki_theme_enable']) and\ - os.path.exists(deployer.mdict['pki_theme_server_dir']): + os.path.exists(deployer.mdict['pki_theme_server_dir']): deployer.directory.copy( deployer.mdict['pki_theme_server_dir'], os.path.join( @@ -93,8 +95,10 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): overwrite_flag=True) deployer.directory.create(deployer.mdict['pki_tomcat_work_path']) - deployer.directory.create(deployer.mdict['pki_tomcat_work_catalina_path']) - deployer.directory.create(deployer.mdict['pki_tomcat_work_catalina_host_path']) + deployer.directory.create( + deployer.mdict['pki_tomcat_work_catalina_path']) + deployer.directory.create( + deployer.mdict['pki_tomcat_work_catalina_host_path']) deployer.directory.create( deployer.mdict['pki_tomcat_work_catalina_host_run_path']) deployer.directory.create( @@ -102,119 +106,156 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # establish Tomcat instance logs # establish Tomcat instance registry # establish Tomcat instance convenience symbolic links - deployer.symlink.create(deployer.mdict['pki_tomcat_bin_path'], - deployer.mdict['pki_tomcat_bin_link']) - deployer.symlink.create(deployer.mdict['pki_tomcat_systemd'], - deployer.mdict['pki_instance_systemd_link'], - uid=0, gid=0) + deployer.symlink.create( + deployer.mdict['pki_tomcat_bin_path'], + deployer.mdict['pki_tomcat_bin_link']) + deployer.symlink.create( + deployer.mdict['pki_tomcat_systemd'], + deployer.mdict['pki_instance_systemd_link'], + uid=0, gid=0) # establish Tomcat instance common lib jar symbolic links - deployer.symlink.create(deployer.mdict['pki_apache_commons_collections_jar'], + deployer.symlink.create( + deployer.mdict['pki_apache_commons_collections_jar'], deployer.mdict['pki_apache_commons_collections_jar_link']) - deployer.symlink.create(deployer.mdict['pki_apache_commons_io_jar'], + deployer.symlink.create( + deployer.mdict['pki_apache_commons_io_jar'], deployer.mdict['pki_apache_commons_io_jar_link']) - deployer.symlink.create(deployer.mdict['pki_apache_commons_lang_jar'], + deployer.symlink.create( + deployer.mdict['pki_apache_commons_lang_jar'], deployer.mdict['pki_apache_commons_lang_jar_link']) - deployer.symlink.create(deployer.mdict['pki_apache_commons_logging_jar'], + deployer.symlink.create( + deployer.mdict['pki_apache_commons_logging_jar'], deployer.mdict['pki_apache_commons_logging_jar_link']) - deployer.symlink.create(deployer.mdict['pki_commons_codec_jar'], + deployer.symlink.create( + deployer.mdict['pki_commons_codec_jar'], deployer.mdict['pki_commons_codec_jar_link']) - deployer.symlink.create(deployer.mdict['pki_httpclient_jar'], + deployer.symlink.create( + deployer.mdict['pki_httpclient_jar'], deployer.mdict['pki_httpclient_jar_link']) - deployer.symlink.create(deployer.mdict['pki_httpcore_jar'], + deployer.symlink.create( + deployer.mdict['pki_httpcore_jar'], deployer.mdict['pki_httpcore_jar_link']) - deployer.symlink.create(deployer.mdict['pki_javassist_jar'], + deployer.symlink.create( + deployer.mdict['pki_javassist_jar'], deployer.mdict['pki_javassist_jar_link']) - deployer.symlink.create(deployer.mdict['pki_jss_jar'], + deployer.symlink.create( + deployer.mdict['pki_jss_jar'], deployer.mdict['pki_jss_jar_link']) - deployer.symlink.create(deployer.mdict['pki_ldapjdk_jar'], + deployer.symlink.create( + deployer.mdict['pki_ldapjdk_jar'], deployer.mdict['pki_ldapjdk_jar_link']) - deployer.symlink.create(deployer.mdict['pki_tomcat_jar'], + deployer.symlink.create( + deployer.mdict['pki_tomcat_jar'], deployer.mdict['pki_tomcat_jar_link']) - deployer.symlink.create(deployer.mdict['pki_scannotation_jar'], + deployer.symlink.create( + deployer.mdict['pki_scannotation_jar'], deployer.mdict['pki_scannotation_jar_link']) - deployer.symlink.create(deployer.mdict['pki_tomcatjss_jar'], + deployer.symlink.create( + deployer.mdict['pki_tomcatjss_jar'], deployer.mdict['pki_tomcatjss_jar_link']) - deployer.symlink.create(deployer.mdict['pki_velocity_jar'], + deployer.symlink.create( + deployer.mdict['pki_velocity_jar'], deployer.mdict['pki_velocity_jar_link']) - deployer.symlink.create(deployer.mdict['pki_xerces_j2_jar'], + deployer.symlink.create( + deployer.mdict['pki_xerces_j2_jar'], deployer.mdict['pki_xerces_j2_jar_link']) - deployer.symlink.create(deployer.mdict['pki_xml_commons_apis_jar'], + deployer.symlink.create( + deployer.mdict['pki_xml_commons_apis_jar'], deployer.mdict['pki_xml_commons_apis_jar_link']) - deployer.symlink.create(deployer.mdict['pki_xml_commons_resolver_jar'], + deployer.symlink.create( + deployer.mdict['pki_xml_commons_resolver_jar'], deployer.mdict['pki_xml_commons_resolver_jar_link']) # Jackson - deployer.symlink.create(deployer.mdict['pki_jackson_annotations_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_annotations_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-annotations.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_core_asl_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_core_asl_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-core-asl.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_core_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_core_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-core.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_databind_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_databind_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-databind.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_jaxrs_base_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_jaxrs_base_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-jaxrs-base.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_jaxrs_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_jaxrs_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-jaxrs.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_jaxrs_json_provider_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_jaxrs_json_provider_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-jaxrs-json-provider.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_mapper_asl_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_mapper_asl_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-mapper-asl.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_module_jaxb_annotations_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_module_jaxb_annotations_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-module-jaxb-annotations.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_mrbean_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_mrbean_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-mrbean.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_smile_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_smile_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-smile.jar')) - deployer.symlink.create(deployer.mdict['pki_jackson_xc_jar'], + deployer.symlink.create( + deployer.mdict['pki_jackson_xc_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jackson-xc.jar')) # RESTEasy - deployer.symlink.create(deployer.mdict['pki_resteasy_atom_provider_jar'], + deployer.symlink.create( + deployer.mdict['pki_resteasy_atom_provider_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'resteasy-atom-provider.jar')) - deployer.symlink.create(deployer.mdict['pki_resteasy_client_jar'], + deployer.symlink.create( + deployer.mdict['pki_resteasy_client_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'resteasy-client.jar')) - deployer.symlink.create(deployer.mdict['pki_resteasy_jaxb_provider_jar'], + deployer.symlink.create( + deployer.mdict['pki_resteasy_jaxb_provider_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'resteasy-jaxb-provider.jar')) - deployer.symlink.create(deployer.mdict['pki_resteasy_jaxrs_api_jar'], + deployer.symlink.create( + deployer.mdict['pki_resteasy_jaxrs_api_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'jaxrs-api.jar')) - deployer.symlink.create(deployer.mdict['pki_resteasy_jaxrs_jar'], + deployer.symlink.create( + deployer.mdict['pki_resteasy_jaxrs_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'resteasy-jaxrs.jar')) - deployer.symlink.create(deployer.mdict['pki_resteasy_jackson_provider_jar'], + deployer.symlink.create( + deployer.mdict['pki_resteasy_jackson_provider_jar'], os.path.join( deployer.mdict['pki_tomcat_common_lib_path'], 'resteasy-jackson-provider.jar')) @@ -222,15 +263,19 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # establish shared NSS security databases for this instance deployer.directory.create(deployer.mdict['pki_database_path']) # establish instance convenience symbolic links - deployer.symlink.create(deployer.mdict['pki_database_path'], - deployer.mdict['pki_instance_database_link']) - deployer.symlink.create(deployer.mdict['pki_instance_configuration_path'], - deployer.mdict['pki_instance_conf_link']) - deployer.symlink.create(deployer.mdict['pki_instance_log_path'], - deployer.mdict['pki_instance_logs_link']) + deployer.symlink.create( + deployer.mdict['pki_database_path'], + deployer.mdict['pki_instance_database_link']) + deployer.symlink.create( + deployer.mdict['pki_instance_configuration_path'], + deployer.mdict['pki_instance_conf_link']) + deployer.symlink.create( + deployer.mdict['pki_instance_log_path'], + deployer.mdict['pki_instance_logs_link']) if deployer.mdict['pki_subsystem'] == 'TKS': - deployer.symlink.create(deployer.mdict['pki_symkey_jar'], + deployer.symlink.create( + deployer.mdict['pki_symkey_jar'], deployer.mdict['pki_symkey_jar_link']) return self.rv @@ -251,16 +296,18 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # remove shared NSS security database path for this instance deployer.directory.delete(deployer.mdict['pki_database_path']) # remove Apache instance configuration - deployer.directory.delete(deployer.mdict['pki_instance_configuration_path']) + deployer.directory.delete( + deployer.mdict['pki_instance_configuration_path']) # remove Apache instance registry - deployer.directory.delete(deployer.mdict['pki_instance_registry_path']) + deployer.directory.delete( + deployer.mdict['pki_instance_registry_path']) # remove Apache PKI registry (if empty) if deployer.instance.apache_instances() == 0: deployer.directory.delete( deployer.mdict['pki_instance_type_registry_path']) - elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ - len(deployer.instance.tomcat_instance_subsystems()) == 0: + elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ + and len(deployer.instance.tomcat_instance_subsystems()) == 0: # remove Tomcat instance base deployer.directory.delete(deployer.mdict['pki_instance_path']) # remove Tomcat instance logs @@ -268,11 +315,14 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # remove shared NSS security database path for this instance deployer.directory.delete(deployer.mdict['pki_database_path']) # remove Tomcat instance configuration - deployer.directory.delete(deployer.mdict['pki_instance_configuration_path']) + deployer.directory.delete( + deployer.mdict['pki_instance_configuration_path']) # remove PKI 'tomcat.conf' instance file - deployer.file.delete(deployer.mdict['pki_target_tomcat_conf_instance_id']) + deployer.file.delete( + deployer.mdict['pki_target_tomcat_conf_instance_id']) # remove Tomcat instance registry - deployer.directory.delete(deployer.mdict['pki_instance_registry_path']) + deployer.directory.delete( + deployer.mdict['pki_instance_registry_path']) # remove Tomcat PKI registry (if empty) if deployer.instance.tomcat_instances() == 0: deployer.directory.delete( diff --git a/base/server/python/pki/server/deployment/scriptlets/security_databases.py b/base/server/python/pki/server/deployment/scriptlets/security_databases.py index f43e0c2a2..dc175cd6c 100644 --- a/base/server/python/pki/server/deployment/scriptlets/security_databases.py +++ b/base/server/python/pki/server/deployment/scriptlets/security_databases.py @@ -54,23 +54,26 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): deployer.mdict['pki_key_database'], deployer.mdict['pki_secmod_database'], password_file=deployer.mdict['pki_shared_pfile']) - deployer.file.modify(deployer.mdict['pki_cert_database'], perms=\ - config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS) - deployer.file.modify(deployer.mdict['pki_key_database'], perms=\ - config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS) - deployer.file.modify(deployer.mdict['pki_secmod_database'], perms=\ - config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS) + deployer.file.modify( + deployer.mdict['pki_cert_database'], + perms=config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS) + deployer.file.modify( + deployer.mdict['pki_key_database'], + perms=config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS) + deployer.file.modify( + deployer.mdict['pki_secmod_database'], + perms=config.PKI_DEPLOYMENT_DEFAULT_SECURITY_DATABASE_PERMISSIONS) if len(deployer.instance.tomcat_instance_subsystems()) < 2: # only create a self signed cert for a new instance rv = deployer.certutil.verify_certificate_exists( - deployer.mdict['pki_database_path'], - deployer.mdict['pki_cert_database'], - deployer.mdict['pki_key_database'], - deployer.mdict['pki_secmod_database'], - deployer.mdict['pki_self_signed_token'], - deployer.mdict['pki_self_signed_nickname'], - password_file=deployer.mdict['pki_shared_pfile']) + deployer.mdict['pki_database_path'], + deployer.mdict['pki_cert_database'], + deployer.mdict['pki_key_database'], + deployer.mdict['pki_secmod_database'], + deployer.mdict['pki_self_signed_token'], + deployer.mdict['pki_self_signed_nickname'], + password_file=deployer.mdict['pki_shared_pfile']) if not rv: deployer.file.generate_noise_file( deployer.mdict['pki_self_signed_noise_file'], @@ -90,7 +93,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): deployer.mdict['pki_self_signed_noise_file'], password_file=deployer.mdict['pki_shared_pfile']) # Delete the temporary 'noise' file - deployer.file.delete(deployer.mdict['pki_self_signed_noise_file']) + deployer.file.delete( + deployer.mdict['pki_self_signed_noise_file']) # Delete the temporary 'pfile' deployer.file.delete(deployer.mdict['pki_shared_pfile']) return self.rv @@ -99,14 +103,14 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): config.pki_log.info(log.SECURITY_DATABASES_DESTROY_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) - if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ - deployer.instance.apache_instance_subsystems() == 0: + if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS \ + and deployer.instance.apache_instance_subsystems() == 0: deployer.file.delete(deployer.mdict['pki_cert_database']) deployer.file.delete(deployer.mdict['pki_key_database']) deployer.file.delete(deployer.mdict['pki_secmod_database']) deployer.file.delete(deployer.mdict['pki_shared_password_conf']) - elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ - len(deployer.instance.tomcat_instance_subsystems()) == 0: + elif deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS \ + and len(deployer.instance.tomcat_instance_subsystems()) == 0: deployer.file.delete(deployer.mdict['pki_cert_database']) deployer.file.delete(deployer.mdict['pki_key_database']) deployer.file.delete(deployer.mdict['pki_secmod_database']) diff --git a/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py b/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py index 7301192a5..b6f1fd9c3 100644 --- a/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py +++ b/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py @@ -63,52 +63,68 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): try: # check first if any transactions are required if len(ports) == 0 and deployer.mdict['pki_instance_name'] == \ - config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: + config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: self.restore_context(deployer.mdict) return self.rv # add SELinux contexts when adding the first subsystem - if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ - deployer.instance.apache_instance_subsystems() == 1 or\ - deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ - len(deployer.instance.tomcat_instance_subsystems()) == 1: + if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and \ + deployer.instance.apache_instance_subsystems() == 1 \ + or deployer.mdict['pki_subsystem'] in \ + config.PKI_TOMCAT_SUBSYSTEMS and \ + len(deployer.instance.tomcat_instance_subsystems()) == 1: trans = seobject.semanageRecords("targeted") trans.start() if deployer.mdict['pki_instance_name'] != \ - config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: + config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: fcon = seobject.fcontextRecords() - config.pki_log.info("adding selinux fcontext \"%s\"", - deployer.mdict['pki_instance_path'] + self.suffix, - extra=config.PKI_INDENTATION_LEVEL_2) - fcon.add(deployer.mdict['pki_instance_path'] + self.suffix, - config.PKI_INSTANCE_SELINUX_CONTEXT, "", "s0", "") - - config.pki_log.info("adding selinux fcontext \"%s\"", - deployer.mdict['pki_instance_log_path'] + self.suffix, - extra=config.PKI_INDENTATION_LEVEL_2) - fcon.add(deployer.mdict['pki_instance_log_path'] + self.suffix, - config.PKI_LOG_SELINUX_CONTEXT, "", "s0", "") - - config.pki_log.info("adding selinux fcontext \"%s\"", - deployer.mdict['pki_instance_configuration_path'] + self.suffix, - extra=config.PKI_INDENTATION_LEVEL_2) - fcon.add(deployer.mdict['pki_instance_configuration_path'] + self.suffix, - config.PKI_CFG_SELINUX_CONTEXT, "", "s0", "") - - config.pki_log.info("adding selinux fcontext \"%s\"", - deployer.mdict['pki_database_path'] + self.suffix, - extra=config.PKI_INDENTATION_LEVEL_2) - fcon.add(deployer.mdict['pki_database_path'] + self.suffix, - config.PKI_CERTDB_SELINUX_CONTEXT, "", "s0", "") - - portRecords = seobject.portRecords() + config.pki_log.info( + "adding selinux fcontext \"%s\"", + deployer.mdict['pki_instance_path'] + self.suffix, + extra=config.PKI_INDENTATION_LEVEL_2) + fcon.add( + deployer.mdict['pki_instance_path'] + self.suffix, + config.PKI_INSTANCE_SELINUX_CONTEXT, "", "s0", "") + + config.pki_log.info( + "adding selinux fcontext \"%s\"", + deployer.mdict['pki_instance_log_path'] + + self.suffix, + extra=config.PKI_INDENTATION_LEVEL_2) + fcon.add( + deployer.mdict['pki_instance_log_path'] + + self.suffix, + config.PKI_LOG_SELINUX_CONTEXT, "", "s0", "") + + config.pki_log.info( + "adding selinux fcontext \"%s\"", + deployer.mdict['pki_instance_configuration_path'] + + self.suffix, + extra=config.PKI_INDENTATION_LEVEL_2) + fcon.add( + deployer.mdict['pki_instance_configuration_path'] + + self.suffix, + config.PKI_CFG_SELINUX_CONTEXT, "", "s0", "") + + config.pki_log.info( + "adding selinux fcontext \"%s\"", + deployer.mdict['pki_database_path'] + self.suffix, + extra=config.PKI_INDENTATION_LEVEL_2) + fcon.add( + deployer.mdict['pki_database_path'] + self.suffix, + config.PKI_CERTDB_SELINUX_CONTEXT, "", "s0", "") + + port_records = seobject.portRecords() for port in ports: - config.pki_log.info("adding selinux port %s", port, - extra=config.PKI_INDENTATION_LEVEL_2) - portRecords.add(port, "tcp", "s0", config.PKI_PORT_SELINUX_CONTEXT) + config.pki_log.info( + "adding selinux port %s", port, + extra=config.PKI_INDENTATION_LEVEL_2) + port_records.add( + port, "tcp", "s0", + config.PKI_PORT_SELINUX_CONTEXT) trans.finish() @@ -117,12 +133,14 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): except ValueError as e: error_message = str(e) config.pki_log.debug(error_message) - if error_message.strip() == "Could not start semanage transaction": - counter = counter + 1 + if error_message.strip() == \ + "Could not start semanage transaction": + counter += 1 if counter >= max_tries: raise time.sleep(5) - config.pki_log.debug("Retrying to setup the selinux context ...") + config.pki_log.debug( + "Retrying to setup the selinux context ...") else: raise @@ -139,7 +157,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # check first if any transactions are required if (len(ports) == 0 and deployer.mdict['pki_instance_name'] == - config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME): + config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME): return self.rv # A maximum of 10 tries to delete the SELinux contexts counter = 1 @@ -156,48 +174,64 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): trans.start() if deployer.mdict['pki_instance_name'] != \ - config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: + config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: fcon = seobject.fcontextRecords() - config.pki_log.info("deleting selinux fcontext \"%s\"", - deployer.mdict['pki_instance_path'] + self.suffix, - extra=config.PKI_INDENTATION_LEVEL_2) - fcon.delete(deployer.mdict['pki_instance_path'] + self.suffix , "") - - config.pki_log.info("deleting selinux fcontext \"%s\"", - deployer.mdict['pki_instance_log_path'] + self.suffix, - extra=config.PKI_INDENTATION_LEVEL_2) - fcon.delete(deployer.mdict['pki_instance_log_path'] + self.suffix, "") - - config.pki_log.info("deleting selinux fcontext \"%s\"", - deployer.mdict['pki_instance_configuration_path'] + self.suffix, - extra=config.PKI_INDENTATION_LEVEL_2) - fcon.delete(deployer.mdict['pki_instance_configuration_path'] + - self.suffix, "") - - config.pki_log.info("deleting selinux fcontext \"%s\"", - deployer.mdict['pki_database_path'] + self.suffix, - extra=config.PKI_INDENTATION_LEVEL_2) - fcon.delete(deployer.mdict['pki_database_path'] + self.suffix , "") - - portRecords = seobject.portRecords() + config.pki_log.info( + "deleting selinux fcontext \"%s\"", + deployer.mdict['pki_instance_path'] + self.suffix, + extra=config.PKI_INDENTATION_LEVEL_2) + fcon.delete( + deployer.mdict['pki_instance_path'] + + self.suffix, "") + + config.pki_log.info( + "deleting selinux fcontext \"%s\"", + deployer.mdict['pki_instance_log_path'] + + self.suffix, + extra=config.PKI_INDENTATION_LEVEL_2) + fcon.delete( + deployer.mdict['pki_instance_log_path'] + + self.suffix, "") + + config.pki_log.info( + "deleting selinux fcontext \"%s\"", + deployer.mdict['pki_instance_configuration_path'] + + self.suffix, + extra=config.PKI_INDENTATION_LEVEL_2) + fcon.delete( + deployer.mdict['pki_instance_configuration_path'] + + self.suffix, "") + + config.pki_log.info( + "deleting selinux fcontext \"%s\"", + deployer.mdict['pki_database_path'] + self.suffix, + extra=config.PKI_INDENTATION_LEVEL_2) + fcon.delete( + deployer.mdict['pki_database_path'] + + self.suffix, "") + + port_records = seobject.portRecords() for port in ports: - config.pki_log.info("deleting selinux port %s", port, - extra=config.PKI_INDENTATION_LEVEL_2) - portRecords.delete(port, "tcp") + config.pki_log.info( + "deleting selinux port %s", port, + extra=config.PKI_INDENTATION_LEVEL_2) + port_records.delete(port, "tcp") trans.finish() break except ValueError as e: error_message = str(e) config.pki_log.debug(error_message) - if error_message.strip() == "Could not start semanage transaction": - counter = counter + 1 + if error_message.strip() == \ + "Could not start semanage transaction": + counter += 1 if counter >= max_tries: raise time.sleep(5) - config.pki_log.debug("Retrying to remove selinux context ...") + config.pki_log.debug( + "Retrying to remove selinux context ...") else: raise diff --git a/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py b/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py index 1230544b0..f86ae4900 100644 --- a/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py +++ b/base/server/python/pki/server/deployment/scriptlets/slot_substitution.py @@ -37,11 +37,13 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): return self.rv config.pki_log.info(log.SLOT_ASSIGNMENT_SPAWN_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) - deployer.file.copy_with_slot_substitution(deployer.mdict['pki_source_cs_cfg'], - deployer.mdict['pki_target_cs_cfg']) - deployer.file.copy_with_slot_substitution(deployer.mdict['pki_source_registry'], - deployer.mdict['pki_target_registry'], - overwrite_flag=True) + deployer.file.copy_with_slot_substitution( + deployer.mdict['pki_source_cs_cfg'], + deployer.mdict['pki_target_cs_cfg']) + deployer.file.copy_with_slot_substitution( + deployer.mdict['pki_source_registry'], + deployer.mdict['pki_target_registry'], + overwrite_flag=True) if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: deployer.file.copy_with_slot_substitution( deployer.mdict['pki_source_catalina_properties'], @@ -81,11 +83,13 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): # This is ONLY necessary because XML comments cannot be "nested"! # deployer.file.copy(deployer.mdict['pki_target_subsystem_web_xml'], # deployer.mdict['pki_target_subsystem_web_xml_orig']) - # deployer.file.delete(deployer.mdict['pki_target_subsystem_web_xml']) + # deployer.file.delete( + # deployer.mdict['pki_target_subsystem_web_xml']) # util.xml_file.remove_filter_section_from_web_xml( # deployer.mdict['pki_target_subsystem_web_xml_orig'], # deployer.mdict['pki_target_subsystem_web_xml']) - # deployer.file.delete(deployer.mdict['pki_target_subsystem_web_xml_orig']) + # deployer.file.delete( + # deployer.mdict['pki_target_subsystem_web_xml_orig']) if deployer.mdict['pki_subsystem'] == "CA": deployer.file.copy_with_slot_substitution( deployer.mdict['pki_source_proxy_conf'], diff --git a/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py b/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py index c257129c4..432fba9ca 100644 --- a/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py +++ b/base/server/python/pki/server/deployment/scriptlets/subsystem_layout.py @@ -39,65 +39,89 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=config.PKI_INDENTATION_LEVEL_1) # establish instance-based subsystem logs deployer.directory.create(deployer.mdict['pki_subsystem_log_path']) - deployer.directory.create(deployer.mdict['pki_subsystem_archive_log_path']) - if deployer.mdict['pki_subsystem'] in config.PKI_SIGNED_AUDIT_SUBSYSTEMS: - deployer.directory.create(deployer.mdict['pki_subsystem_signed_audit_log_path']) + deployer.directory.create( + deployer.mdict['pki_subsystem_archive_log_path']) + if deployer.mdict['pki_subsystem'] in \ + config.PKI_SIGNED_AUDIT_SUBSYSTEMS: + deployer.directory.create( + deployer.mdict['pki_subsystem_signed_audit_log_path']) # establish instance-based subsystem configuration - deployer.directory.create(deployer.mdict['pki_subsystem_configuration_path']) - # deployer.directory.copy(deployer.mdict['pki_source_conf_path'], - # deployer.mdict['pki_subsystem_configuration_path']) + deployer.directory.create( + deployer.mdict['pki_subsystem_configuration_path']) + # deployer.directory.copy( + # deployer.mdict['pki_source_conf_path'], + # deployer.mdict['pki_subsystem_configuration_path']) # establish instance-based Apache/Tomcat specific subsystems if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: # establish instance-based Tomcat PKI subsystem base if deployer.mdict['pki_subsystem'] == "CA": - deployer.directory.copy(deployer.mdict['pki_source_emails'], - deployer.mdict['pki_subsystem_emails_path']) - deployer.directory.copy(deployer.mdict['pki_source_profiles'], - deployer.mdict['pki_subsystem_profiles_path']) + deployer.directory.copy( + deployer.mdict['pki_source_emails'], + deployer.mdict['pki_subsystem_emails_path']) + deployer.directory.copy( + deployer.mdict['pki_source_profiles'], + deployer.mdict['pki_subsystem_profiles_path']) # establish instance-based Tomcat PKI subsystem logs # establish instance-based Tomcat PKI subsystem configuration if deployer.mdict['pki_subsystem'] == "CA": - deployer.file.copy(deployer.mdict['pki_source_flatfile_txt'], - deployer.mdict['pki_target_flatfile_txt']) - deployer.file.copy(deployer.mdict['pki_source_registry_cfg'], - deployer.mdict['pki_target_registry_cfg']) + deployer.file.copy( + deployer.mdict['pki_source_flatfile_txt'], + deployer.mdict['pki_target_flatfile_txt']) + deployer.file.copy( + deployer.mdict['pki_source_registry_cfg'], + deployer.mdict['pki_target_registry_cfg']) # '*.profile' - deployer.file.copy(deployer.mdict['pki_source_admincert_profile'], - deployer.mdict['pki_target_admincert_profile']) - deployer.file.copy(deployer.mdict['pki_source_caauditsigningcert_profile'], - deployer.mdict['pki_target_caauditsigningcert_profile']) - deployer.file.copy(deployer.mdict['pki_source_cacert_profile'], - deployer.mdict['pki_target_cacert_profile']) - deployer.file.copy(deployer.mdict['pki_source_caocspcert_profile'], - deployer.mdict['pki_target_caocspcert_profile']) - deployer.file.copy(deployer.mdict['pki_source_servercert_profile'], - deployer.mdict['pki_target_servercert_profile']) - deployer.file.copy(deployer.mdict['pki_source_subsystemcert_profile'], - deployer.mdict['pki_target_subsystemcert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_admincert_profile'], + deployer.mdict['pki_target_admincert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_caauditsigningcert_profile'], + deployer.mdict['pki_target_caauditsigningcert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_cacert_profile'], + deployer.mdict['pki_target_cacert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_caocspcert_profile'], + deployer.mdict['pki_target_caocspcert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_servercert_profile'], + deployer.mdict['pki_target_servercert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_subsystemcert_profile'], + deployer.mdict['pki_target_subsystemcert_profile']) elif deployer.mdict['pki_subsystem'] == "KRA": # '*.profile' - deployer.file.copy(deployer.mdict['pki_source_servercert_profile'], - deployer.mdict['pki_target_servercert_profile']) - deployer.file.copy(deployer.mdict['pki_source_storagecert_profile'], - deployer.mdict['pki_target_storagecert_profile']) - deployer.file.copy(deployer.mdict['pki_source_subsystemcert_profile'], - deployer.mdict['pki_target_subsystemcert_profile']) - deployer.file.copy(deployer.mdict['pki_source_transportcert_profile'], - deployer.mdict['pki_target_transportcert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_servercert_profile'], + deployer.mdict['pki_target_servercert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_storagecert_profile'], + deployer.mdict['pki_target_storagecert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_subsystemcert_profile'], + deployer.mdict['pki_target_subsystemcert_profile']) + deployer.file.copy( + deployer.mdict['pki_source_transportcert_profile'], + deployer.mdict['pki_target_transportcert_profile']) # establish instance-based Tomcat PKI subsystem registry # establish instance-based Tomcat PKI subsystem convenience # symbolic links - deployer.symlink.create(deployer.mdict['pki_tomcat_webapps_path'], - deployer.mdict['pki_subsystem_tomcat_webapps_link']) + deployer.symlink.create( + deployer.mdict['pki_tomcat_webapps_path'], + deployer.mdict['pki_subsystem_tomcat_webapps_link']) # establish instance-based subsystem convenience symbolic links - deployer.symlink.create(deployer.mdict['pki_instance_database_link'], - deployer.mdict['pki_subsystem_database_link']) - deployer.symlink.create(deployer.mdict['pki_subsystem_configuration_path'], - deployer.mdict['pki_subsystem_conf_link']) - deployer.symlink.create(deployer.mdict['pki_subsystem_log_path'], - deployer.mdict['pki_subsystem_logs_link']) - deployer.symlink.create(deployer.mdict['pki_instance_registry_path'], - deployer.mdict['pki_subsystem_registry_link']) + deployer.symlink.create( + deployer.mdict['pki_instance_database_link'], + deployer.mdict['pki_subsystem_database_link']) + deployer.symlink.create( + deployer.mdict['pki_subsystem_configuration_path'], + deployer.mdict['pki_subsystem_conf_link']) + deployer.symlink.create( + deployer.mdict['pki_subsystem_log_path'], + deployer.mdict['pki_subsystem_logs_link']) + deployer.symlink.create( + deployer.mdict['pki_instance_registry_path'], + deployer.mdict['pki_subsystem_registry_link']) return self.rv def destroy(self, deployer): @@ -106,16 +130,24 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=config.PKI_INDENTATION_LEVEL_1) # remove instance-based subsystem base if deployer.mdict['pki_subsystem'] == "CA": - deployer.directory.delete(deployer.mdict['pki_subsystem_emails_path']) - deployer.directory.delete(deployer.mdict['pki_subsystem_profiles_path']) + deployer.directory.delete( + deployer.mdict['pki_subsystem_emails_path']) + deployer.directory.delete( + deployer.mdict['pki_subsystem_profiles_path']) deployer.directory.delete(deployer.mdict['pki_subsystem_path']) # remove instance-based subsystem logs - if deployer.mdict['pki_subsystem'] in config.PKI_SIGNED_AUDIT_SUBSYSTEMS: - deployer.directory.delete(deployer.mdict['pki_subsystem_signed_audit_log_path']) - deployer.directory.delete(deployer.mdict['pki_subsystem_archive_log_path']) - deployer.directory.delete(deployer.mdict['pki_subsystem_log_path']) + if deployer.mdict['pki_subsystem'] in \ + config.PKI_SIGNED_AUDIT_SUBSYSTEMS: + deployer.directory.delete( + deployer.mdict['pki_subsystem_signed_audit_log_path']) + deployer.directory.delete( + deployer.mdict['pki_subsystem_archive_log_path']) + deployer.directory.delete( + deployer.mdict['pki_subsystem_log_path']) # remove instance-based subsystem configuration - deployer.directory.delete(deployer.mdict['pki_subsystem_configuration_path']) + deployer.directory.delete( + deployer.mdict['pki_subsystem_configuration_path']) # remove instance-based subsystem registry - deployer.directory.delete(deployer.mdict['pki_subsystem_registry_path']) + deployer.directory.delete( + deployer.mdict['pki_subsystem_registry_path']) return self.rv diff --git a/base/server/python/pki/server/deployment/scriptlets/webapp_deployment.py b/base/server/python/pki/server/deployment/scriptlets/webapp_deployment.py index 838847754..962de724f 100644 --- a/base/server/python/pki/server/deployment/scriptlets/webapp_deployment.py +++ b/base/server/python/pki/server/deployment/scriptlets/webapp_deployment.py @@ -37,7 +37,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): if deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS: if config.str2bool(deployer.mdict['pki_skip_installation']): config.pki_log.info(log.SKIP_WEBAPP_DEPLOYMENT_SPAWN_1, - __name__, + __name__, extra=config.PKI_INDENTATION_LEVEL_1) return self.rv @@ -62,7 +62,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): return self.rv # For other subsystems, deploy web application into Tomcat instance. - deployer.directory.create(deployer.mdict['pki_tomcat_webapps_subsystem_path']) + deployer.directory.create( + deployer.mdict['pki_tomcat_webapps_subsystem_path']) # Copy /usr/share/pki//webapps/ # to /webapps/ @@ -95,36 +96,48 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): deployer.directory.create( deployer.mdict['pki_tomcat_webapps_subsystem_webinf_lib_path']) # establish Tomcat webapps subsystem WEB-INF lib symbolic links - deployer.symlink.create(deployer.mdict['pki_certsrv_jar'], + deployer.symlink.create( + deployer.mdict['pki_certsrv_jar'], deployer.mdict['pki_certsrv_jar_link']) - deployer.symlink.create(deployer.mdict['pki_cmsbundle'], + deployer.symlink.create( + deployer.mdict['pki_cmsbundle'], deployer.mdict['pki_cmsbundle_jar_link']) - deployer.symlink.create(deployer.mdict['pki_cmscore'], + deployer.symlink.create( + deployer.mdict['pki_cmscore'], deployer.mdict['pki_cmscore_jar_link']) - deployer.symlink.create(deployer.mdict['pki_cms'], + deployer.symlink.create( + deployer.mdict['pki_cms'], deployer.mdict['pki_cms_jar_link']) - deployer.symlink.create(deployer.mdict['pki_cmsutil'], + deployer.symlink.create( + deployer.mdict['pki_cmsutil'], deployer.mdict['pki_cmsutil_jar_link']) - deployer.symlink.create(deployer.mdict['pki_nsutil'], + deployer.symlink.create( + deployer.mdict['pki_nsutil'], deployer.mdict['pki_nsutil_jar_link']) if deployer.mdict['pki_subsystem'] == "CA": - deployer.symlink.create(deployer.mdict['pki_ca_jar'], - deployer.mdict['pki_ca_jar_link']) + deployer.symlink.create( + deployer.mdict['pki_ca_jar'], + deployer.mdict['pki_ca_jar_link']) elif deployer.mdict['pki_subsystem'] == "KRA": - deployer.symlink.create(deployer.mdict['pki_kra_jar'], - deployer.mdict['pki_kra_jar_link']) + deployer.symlink.create( + deployer.mdict['pki_kra_jar'], + deployer.mdict['pki_kra_jar_link']) elif deployer.mdict['pki_subsystem'] == "OCSP": - deployer.symlink.create(deployer.mdict['pki_ocsp_jar'], - deployer.mdict['pki_ocsp_jar_link']) + deployer.symlink.create( + deployer.mdict['pki_ocsp_jar'], + deployer.mdict['pki_ocsp_jar_link']) elif deployer.mdict['pki_subsystem'] == "TKS": - deployer.symlink.create(deployer.mdict['pki_tks_jar'], - deployer.mdict['pki_tks_jar_link']) + deployer.symlink.create( + deployer.mdict['pki_tks_jar'], + deployer.mdict['pki_tks_jar_link']) # set ownerships, permissions, and acls - deployer.directory.set_mode(deployer.mdict['pki_tomcat_webapps_subsystem_path']) + deployer.directory.set_mode( + deployer.mdict['pki_tomcat_webapps_subsystem_path']) # Copy web application context file - # from /usr/share/pki//conf/Catalina/localhost/.xml + # from /usr/share/pki//conf/Catalina/localhost/ + # .xml # to /conf/Catalina/localhost/.xml deployer.file.copy( os.path.join( @@ -155,8 +168,10 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): "localhost", deployer.mdict['pki_subsystem'].lower() + ".xml")) - # For subsystems other than TPS, delete /webapps/. + # For subsystems other than TPS, delete + # /webapps/. if deployer.mdict['pki_subsystem'] != "TPS": - deployer.directory.delete(deployer.mdict['pki_tomcat_webapps_subsystem_path']) + deployer.directory.delete( + deployer.mdict['pki_tomcat_webapps_subsystem_path']) return self.rv -- cgit