path: root/scripts/build_dogtag_pki
#!/bin/bash
# BEGIN COPYRIGHT BLOCK
# (C) 2011 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK

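# Switch into the base directory two levels above the directory that holds
# this script before doing anything else, so that all of its output is
# written there.  Stop if that fails: PKI_PWD (set next) is the root of
# every path this script later removes with 'rm -rf', so carrying on from
# the caller's working directory would aim those removals at another tree.
cd -- "$(dirname -- "$0")/../.." || {
    printf "The '%s' script could NOT change into its base directory!\n" "$0" >&2
    exit 255
}

# Retrieve the name of this base directory
PKI_PWD=$(pwd)

# Establish the name of the machine
PKI_HOSTNAME=$(hostname)

# Set pre-defined variables
PKI_DIR="pki"
PKI_FLAVOR="dogtag"
PKI_SCRIPTS_DIR="scripts"
ROOT_UID=0

# This script may ONLY be run on Linux!
PKI_OS=$(uname)
if [ "${PKI_OS}" != "Linux" ]; then
    # $0 is passed as an argument, not spliced into the format string,
    # so a '%' in the script path is printed literally.
    printf "The '%s' script is ONLY executable\n" "$0"
    printf "on a 'Linux' machine!\n"
    exit 255
fi
# Processor type as reported by 'uname -p'; the install steps further down
# use it as the name of the architecture-specific RPM sub-directory.
PKI_ARCH=$(uname -p)
NOARCH="noarch"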

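# Set packaging variables
RPM_EXE="/bin/rpm"
YUM_EXE="/usr/bin/yum"
# NOTE(review): '--nogpgcheck' is presumably here because the RPMs this
# script installs are built locally and carry no signature.  The option is
# given for the whole yum run, so a dependency that yum resolves from a
# configured repository is likely installed without signature verification
# as well -- confirm against the yum in use before relying on this script
# outside a dedicated build machine.
YUM_EXE_OPTIONS="-y --nogpgcheck install"
RPM_DIR="RPMS"
# Shell glob appended to each package name below; it is expanded when the
# resulting variables are used unquoted on the yum command lines.
RPM_EXT="-[0-9]*.rpm"
COMBINED="combined"

# Set sudo variables
PKI_SUDO="/usr/bin/sudo"
PKI_SUDOERS="/etc/sudoers"

# Set user identity variables (effective uid, real uid, effective user name)
PKI_EUID=$(/usr/bin/id -u)
PKI_UID=$(/usr/bin/id -ur)
PKI_USERNAME=$(/usr/bin/id -un)

# Make sure that this script is NOT being run as root!
if [ "${PKI_UID}" -eq "${ROOT_UID}" ] ||
   [ "${PKI_EUID}" -eq "${ROOT_UID}" ]; then
    printf "The '%s' script may NOT be run as root!\n" "$0"
    exit 255
fi

# Check for the presence of the 'sudo' executable
if [ ! -x "${PKI_SUDO}" ]; then
    printf "The '%s' script requires the '%s' executable\n" "$0" "${PKI_SUDO}"
    printf "to be available on '%s'!\n" "${PKI_HOSTNAME}"
    exit 255
fi

# Check for the presence of the 'sudoers' file
if [ ! -e "${PKI_SUDOERS}" ]; then
    printf "The '%s' script requires the '%s' file\n" "$0" "${PKI_SUDOERS}"
    printf "to be available on '%s'!\n" "${PKI_HOSTNAME}"
    exit 255
fi

# Check for the presence of the required sudoers command(s)
#
# The *_COMMAND strings are searched for in the output of 'sudo -l'; the
# *_LINE strings are what the user is told to put into the sudoers file.
# Either grant lets this account install packages as root without a
# password, and package scriptlets run as root, so it amounts to full root
# access for that account.
# NOTE(review): only the '(root) NOPASSWD: ...' spelling is recognised; a
# grant that 'sudo -l' prints with a different run-as specification would
# not be found -- confirm against the sudo configuration in use.
PKI_SUDOERS_COMMAND="(root) NOPASSWD: ALL"
# PKI_SUDOERS_LINE is not referenced anywhere else in this script.
PKI_SUDOERS_LINE="${PKI_USERNAME}  NOPASSWD: ALL"
PKI_SUDOERS_RPM_COMMAND="(root) NOPASSWD: ${RPM_EXE}"
PKI_SUDOERS_RPM_LINE="${PKI_USERNAME}  ALL = NOPASSWD: ${RPM_EXE}"
PKI_SUDOERS_YUM_COMMAND="(root) NOPASSWD: ${YUM_EXE}"
PKI_SUDOERS_YUM_LINE="${PKI_USERNAME}  ALL = NOPASSWD: ${YUM_EXE}"
printf "Checking if '%s' has the appropriate '%s' permissions . . .\n" \
    "${PKI_USERNAME}" "${PKI_SUDO}"
printf "[NOTE:  A password prompt may appear requiring %s's password.]\n" \
    "${PKI_USERNAME}"

# List the sudo privileges once and search that listing, instead of running
# 'sudo -l' (and possibly prompting) for every pattern.  If 'sudo -l' fails
# the listing is empty and every search below fails, which ends in the
# error message, as before.
pki_sudo_listing=$("${PKI_SUDO}" -l)

# NOTE:  If 'ALL' commands are NOT sudo enabled, then at least BOTH
#        of the 'RPM' and 'YUM' commands MUST be sudo enabled!
# 'grep -F' matches the strings literally, parentheses included.
if ! printf '%s\n' "${pki_sudo_listing}" |
        grep -F -- "${PKI_SUDOERS_COMMAND}" > /dev/null 2>&1; then
    sudo_commands=0
    for pki_sudoers_command in "${PKI_SUDOERS_RPM_COMMAND}" \
                               "${PKI_SUDOERS_YUM_COMMAND}"; do
        if printf '%s\n' "${pki_sudo_listing}" |
                grep -F -- "${pki_sudoers_command}" > /dev/null 2>&1; then
            sudo_commands=$((sudo_commands + 1))
        fi
    done
    if [ "${sudo_commands}" -ne 2 ]; then
        printf "The '%s' script requires that the\n" "$0"
        printf "'%s' file MUST contain BOTH of these lines:\n\n" "${PKI_SUDOERS}"
        printf "    '%s'\n" "${PKI_SUDOERS_RPM_LINE}"
        printf "    '%s'\n\n" "${PKI_SUDOERS_YUM_LINE}"
        exit 255
    fi
fi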

# Location and names of the 'compose' scripts that build each package set.
PKI_COMPOSE_SCRIPTS_DIR="${PKI_PWD}/${PKI_DIR}/${PKI_SCRIPTS_DIR}"
COMPOSE_DOGTAG_PKI_THEME_PACKAGES='compose_dogtag_pki_theme_packages'
COMPOSE_PKI_CORE_PACKAGES='compose_pki_core_packages'
COMPOSE_PKI_RA_PACKAGES='compose_pki_ra_packages'
COMPOSE_PKI_TPS_PACKAGES='compose_pki_tps_packages'
COMPOSE_PKI_CONSOLE_PACKAGES='compose_pki_console_packages'

# Package directories: 'packages' is the name the build steps below move
# away after each compose run; the others are the per-set names it is
# moved to.
PKI_PACKAGES_DIR="${PKI_PWD}/packages"
PKI_DOGTAG_THEME_PACKAGES_DIR="${PKI_PWD}/packages.dogtag_theme"
PKI_CORE_PACKAGES_DIR="${PKI_PWD}/packages.core"
PKI_RA_PACKAGES_DIR="${PKI_PWD}/packages.ra"
PKI_TPS_PACKAGES_DIR="${PKI_PWD}/packages.tps"
PKI_CONSOLE_PACKAGES_DIR="${PKI_PWD}/packages.console"

# Every name below ends in ${RPM_EXT}, i.e. it is a file-name pattern, not
# a file name.  Assignment stores the pattern as-is; it is matched against
# files only where the variable is later expanded unquoted.

# PKI theme packages
PKI_SERVER_THEME="${PKI_FLAVOR}-pki-server-theme${RPM_EXT}"
PKI_CA_THEME="${PKI_FLAVOR}-pki-ca-theme${RPM_EXT}"
PKI_KRA_THEME="${PKI_FLAVOR}-pki-kra-theme${RPM_EXT}"
PKI_OCSP_THEME="${PKI_FLAVOR}-pki-ocsp-theme${RPM_EXT}"
PKI_RA_THEME="${PKI_FLAVOR}-pki-ra-theme${RPM_EXT}"
PKI_TKS_THEME="${PKI_FLAVOR}-pki-tks-theme${RPM_EXT}"
PKI_TPS_THEME="${PKI_FLAVOR}-pki-tps-theme${RPM_EXT}"
PKI_CONSOLE_THEME="${PKI_FLAVOR}-pki-console-theme${RPM_EXT}"

# PKI core packages
PKI_SYMKEY="pki-symkey${RPM_EXT}"
PKI_BASE="pki-base${RPM_EXT}"
PKI_JAVADOC="pki-javadoc${RPM_EXT}"
PKI_TOOLS="pki-tools${RPM_EXT}"
PKI_SERVER="pki-server${RPM_EXT}"
PKI_SELINUX="pki-selinux${RPM_EXT}"
PKI_CA="pki-ca${RPM_EXT}"
PKI_KRA="pki-kra${RPM_EXT}"
PKI_OCSP="pki-ocsp${RPM_EXT}"
PKI_TKS="pki-tks${RPM_EXT}"

# PKI ra package
PKI_RA="pki-ra${RPM_EXT}"

# PKI tps package
PKI_TPS="pki-tps${RPM_EXT}"

# PKI console package
PKI_CONSOLE="pki-console${RPM_EXT}"

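# Print why the build cannot continue and stop with this script's usual
# failure status.
#   $1 - description of the step that failed
pki_abort() {
    printf "The '%s' script FAILED to %s!\n" "$0" "$1" >&2
    exit 255
}

# Run one compose script from the base directory and move the 'packages'
# directory to its final name.
#   $1 - name of the compose script
#   $2 - build target handed to the compose script
#   $3 - destination directory
# The compose script's own exit status is not acted upon (its conventions
# are not visible from this script); if no 'packages' directory exists
# afterwards the 'mv' fails and the build stops there.
pki_stage_packages() {
    cd -- "${PKI_PWD}" || pki_abort "enter '${PKI_PWD}'"
    "${PKI_COMPOSE_SCRIPTS_DIR}/$1" "$2"
    mv -- "${PKI_PACKAGES_DIR}" "$3" ||
        pki_abort "move '${PKI_PACKAGES_DIR}' to '$3'"
}

# Every step that selects a directory is checked.  The installs below run
# as root through sudo with signature checking turned off, and pick their
# files by pattern from the current directory, so they must never run from
# a directory other than the one just built.

# Before deleting anything, make sure the base directory is set and really
# is the one that holds the compose scripts.
: "${PKI_PWD:?base directory is not set}"
[ -d "${PKI_COMPOSE_SCRIPTS_DIR}" ] ||
    pki_abort "find '${PKI_COMPOSE_SCRIPTS_DIR}' (is '${PKI_PWD}' the base directory?)"

# Always start with new package directories.  The paths are quoted so one
# containing white space is removed as a whole, and ':?' stops the script
# rather than expanding an empty variable.
rm -rf -- "${PKI_PACKAGES_DIR:?}" \
          "${PKI_DOGTAG_THEME_PACKAGES_DIR:?}" \
          "${PKI_CORE_PACKAGES_DIR:?}" \
          "${PKI_RA_PACKAGES_DIR:?}" \
          "${PKI_TPS_PACKAGES_DIR:?}" \
          "${PKI_CONSOLE_PACKAGES_DIR:?}"

# In the yum command lines below, YUM_EXE_OPTIONS and the package variables
# are left unquoted on purpose: the former must split into words and the
# latter are patterns that must be matched against the RPM files in the
# current directory.  A pattern that matches nothing reaches yum unchanged.

# Compose and install 'dogtag-pki-theme' packages
pki_stage_packages "${COMPOSE_DOGTAG_PKI_THEME_PACKAGES}" rpms \
    "${PKI_DOGTAG_THEME_PACKAGES_DIR}"
cd -- "${PKI_DOGTAG_THEME_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}" ||
    pki_abort "enter '${PKI_DOGTAG_THEME_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}'"
# shellcheck disable=SC2086
"${PKI_SUDO}" "${YUM_EXE}" ${YUM_EXE_OPTIONS} \
    ${PKI_SERVER_THEME} ${PKI_CA_THEME} ${PKI_KRA_THEME} ${PKI_OCSP_THEME} \
    ${PKI_RA_THEME} ${PKI_TKS_THEME} ${PKI_TPS_THEME} ${PKI_CONSOLE_THEME}

# Compose and install 'pki-core' packages.  The architecture-independent
# and architecture-specific RPMs are copied into one 'combined' directory
# so that a single yum run sees all of them.
pki_stage_packages "${COMPOSE_PKI_CORE_PACKAGES}" hybrid_rpms \
    "${PKI_CORE_PACKAGES_DIR}"
cd -- "${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}" ||
    pki_abort "enter '${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}'"
mkdir -p -- "${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}/${COMBINED}" ||
    pki_abort "create '${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}/${COMBINED}'"
# A partial copy does not stop the build; cp prints its own error and yum
# then reports the package it cannot find.
cp -p -- "${NOARCH}"/*.rpm "${PKI_ARCH}"/*.rpm \
    "${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}/${COMBINED}"
cd -- "${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}/${COMBINED}" ||
    pki_abort "enter '${PKI_CORE_PACKAGES_DIR}/${RPM_DIR}/${COMBINED}'"
# shellcheck disable=SC2086
"${PKI_SUDO}" "${YUM_EXE}" ${YUM_EXE_OPTIONS} \
    ${PKI_SYMKEY} ${PKI_BASE} ${PKI_JAVADOC} ${PKI_TOOLS} ${PKI_SERVER} \
    ${PKI_SELINUX} ${PKI_CA} ${PKI_KRA} ${PKI_OCSP} ${PKI_TKS}

# Compose and install 'pki-ra' packages
pki_stage_packages "${COMPOSE_PKI_RA_PACKAGES}" rpms "${PKI_RA_PACKAGES_DIR}"
cd -- "${PKI_RA_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}" ||
    pki_abort "enter '${PKI_RA_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}'"
# shellcheck disable=SC2086
"${PKI_SUDO}" "${YUM_EXE}" ${YUM_EXE_OPTIONS} ${PKI_RA}

# Compose and install 'pki-tps' packages
pki_stage_packages "${COMPOSE_PKI_TPS_PACKAGES}" rpms "${PKI_TPS_PACKAGES_DIR}"
cd -- "${PKI_TPS_PACKAGES_DIR}/${RPM_DIR}/${PKI_ARCH}" ||
    pki_abort "enter '${PKI_TPS_PACKAGES_DIR}/${RPM_DIR}/${PKI_ARCH}'"
# shellcheck disable=SC2086
"${PKI_SUDO}" "${YUM_EXE}" ${YUM_EXE_OPTIONS} ${PKI_TPS}

# Compose and install 'pki-console' packages
pki_stage_packages "${COMPOSE_PKI_CONSOLE_PACKAGES}" rpms \
    "${PKI_CONSOLE_PACKAGES_DIR}"
cd -- "${PKI_CONSOLE_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}" ||
    pki_abort "enter '${PKI_CONSOLE_PACKAGES_DIR}/${RPM_DIR}/${NOARCH}'"
# shellcheck disable=SC2086
"${PKI_SUDO}" "${YUM_EXE}" ${YUM_EXE_OPTIONS} ${PKI_CONSOLE}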