Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/newinst/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24009/adminserver/admserv/newinst/src
Modified Files:
ux-update.cc
Added Files:
admin.inf.in
Removed Files:
admin.inf
Log Message:
Resolves: bug 239502
Description: adminserver: autotools, FHS, and many bug fixes
Fix Description: 1) Added the admin.inf file, which contains information about the brand,
product name, vendor, build number, and other information. This gets put in an inf/
subdir of the ds datadir. The update program reads this information and updates the info
in the ISIE and SIE entries. This allows us to remove some of the branded code.
2) We need to set the cgisock path for mod_cgid and mod_restartd.
3) The update program needs to modify some http style conf file parameters. The config
CGI program already does this. I modified the config CGI program so that it could be run
from the command line and modify the parameters that the update program needs.
4) Removed lots of dead code from ux-update.cc. The way it works now is that the config
files are generated at build time, not at install time, so a lot of that logic could be
removed. We still need to update a few parameters at install time - see 3 above.
5) User can specify configdir, securitydir, logdir, and piddir in the setup.inf file at
install time, or can specify environment variables for those, or it will just use the
hardcoded values set at build time. This makes it work like the ds instance creation
code.
--- NEW FILE admin.inf.in ---
# BEGIN COPYRIGHT BLOCK
# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
# Copyright (C) 2005 Red Hat, Inc.
# All rights reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# END COPYRIGHT BLOCK
[General]
Name= Administration Server
[admin]
Name= @capbrand@ Administration Server
Brand= @capbrand@
Vendor=@vendor@
Version= @PACKAGE_VERSION@
NickName= admin
BuildNumber= @NQBUILD_NUM@
# the rest of these are obsolete, but left here for
# compatability with the old setuputil
Compatible= 1.0
Security= Domestic
Checked=True
Mandatory=True
UseLdap=True
SourcePath=admin
Archive= nsadmin.zip
PreInstall= ns-config
PostInstall= bin/admin/ns-update
PreUninstall= bin/admin/ns-remove
DefaultAcceptLanguage=en
StartProgram=start-admin
Index: ux-update.cc
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/ux-update.cc,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- ux-update.cc 11 May 2007 17:26:12 -0000 1.24
+++ ux-update.cc 15 May 2007 00:30:49 -0000 1.25
@@ -55,6 +55,10 @@
#include "config.h"
+#ifndef PKG_BRAND
+#define PKG_BRAND "Brand"
+#endif
+
static int set_locate_admserv_aci(Ldap *ldap);
static int repair_group_expansion_aci(Ldap *ldap);
@@ -66,8 +70,6 @@
const char *CHOWN_CMD = "chown -R %s %s >/dev/null 2>&1";
const char *CHGRP_CMD = "chgrp -R %s %s >/dev/null 2>&1";
-const char *SHARED_CHGRP_CMD = "chgrp -R %s %s/shared >/dev/null
2>&1";
-const char *SECALIAS_CHGRP_CMD = "chgrp -R %s %s/alias >/dev/null
2>&1";
const char *DEFAULT_ADMIN_CONFIG_ACI = "(targetattr=*)(version 3.0; acl
\"Enable delegated admin to access configuration\"; allow (read,search)
groupdn=\"ldap:///%s\";)";
@@ -205,94 +207,6 @@
return result;
}
-static char *get_value(const char * file, char * attr) {
- char cmd[1024];
- char buf[1024];
- FILE *fp;
-
- sprintf(cmd, "%s -V", file);
- fp = popen(cmd, "r");
-
- if (fp != NULL) {
- char *x, *t;
- while ((fgets(buf, sizeof(buf), fp)) > 0) {
- x = (char *)strstr(buf, attr);
- if (x) {
- t = (char *)strtok(buf, "\"");
- if (t) {
- t = (char *)strtok(NULL, "\"");
- if (t) {
- pclose(fp);
- return (char *)(strdup(t));
- }
- }
- }
- }
- }
- pclose(fp);
- return NULL;
-}
-
-static NSString
-findApacheRoot(const char *path)
-{
- char mypath[1024];
- struct stat st;
- char *v;
-
- v = get_value(path, "HTTPD_ROOT");
- if (v) {
- sprintf(mypath, "%s/modules", v);
- if (stat(mypath, &st) != 0) {
- return NULL;
- }
- }
-
- return v;
-}
-
-static char *get_version(const char * file) {
- char cmd[1024];
- char buf[1024];
- FILE *fp;
- const char *versstr = "Server version: Apache/";
-
- sprintf(cmd, "%s -v", file);
- fp = popen(cmd, "r");
-
- if (fp != NULL) {
- char *x, *t;
- while ((fgets(buf, sizeof(buf), fp)) > 0) {
- x = (char *)strstr(buf, versstr);
- if (x) {
- t = x + strlen(versstr);
- if (x = strchr(buf, '\n')) {
- *x = '\0';
- }
- pclose(fp);
- return (char *)(strdup(t));
- }
- }
- }
- pclose(fp);
- return NULL;
-}
-
-static NSString
-findApacheVersion(const char *dir)
-{
- struct stat st;
- char *v;
-
- if (stat(dir, &st) != 0) {
- return NULL;
- }
-
- v = get_version(dir);
-
- return v;
-}
-
void
configTasks(const Ldap *ldap, const char *datadir, const char *sieDN)
{
@@ -335,7 +249,7 @@
void
-start_admserv()
+start_admserv(char *piddir)
{
char pid[BIG_BUF];
char startProgram[BIG_BUF];
@@ -343,7 +257,7 @@
struct stat fi;
int ret;
- sprintf(pid, "%s/%s", PIDDIR, PIDFILE);
+ sprintf(pid, "%s/%s", piddir, PIDFILE);
tmpnam(startLog);
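Review bot: `sprintf(pid, "%s/%s", piddir, PIDFILE)` can now write past the end of `pid[BIG_BUF]`, because `piddir` is no longer the build-time constant. The last hunk fills it from `run_dir` in setup.inf or from `ADMSERV_PID_DIR`, and it may itself be close to BIG_BUF bytes long. Bound the write and treat truncation as fatal, e.g. `if (snprintf(pid, sizeof(pid), "%s/%s", piddir, PIDFILE) >= (int)sizeof(pid)) fatal_error("PID file path is too long: %s", piddir, NULL);`. The same applies to the `strcpy()` calls into `configdir`, `securitydir`, `logdir` and `piddir`, and to the `sprintf(tstr, ...)` calls that take `configdir` or `piddir` in the later hunks. The body of start_admserv continues outside this hunk.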
@@ -445,7 +359,7 @@
}
void
-create_admserv(char *hn)
+create_admserv(char *hn, char *piddir)
{
char httpuser[SML_BUF], httppw[SML_BUF];
char hosts[MED_BUF], addrs[MED_BUF];
@@ -455,9 +369,6 @@
char SSuser[SML_BUF];
char SSgroup[SML_BUF];
char ldapURL[MED_BUF];
- char apacheRoot[BIG_BUF];
- char apache[BIG_BUF];
- char apacheVersion[BIG_BUF];
struct stat st;
NSString hostip = InstUtil::getHostIpAddress(hn);
char serverAddress[SML_BUF];
@@ -467,48 +378,53 @@
const char *s;
char *ss;
NSString tmp;
- const char *adminBrand = "Fedora";
+ char configdir[BIG_BUF];
+ char securitydir[BIG_BUF];
+ char logdir[BIG_BUF];
if (NULL == adminInstallInfo) {
fatal_error("Admin Info is not set or invalid.", "",
"");
}
- // Get admin port from installInfo
- s = adminInstallInfo->get("Port");
+ s = adminInstallInfo->get("config_dir");
if (NULL == s) {
- fatal_error("InstallInfo: Admin Port \"Port\" is missing.",
"", "");
+ s = getenv("ADMSERV_CONF_DIR");
}
- port = atoi(s);
-
- s = adminInstallInfo->get("SysUser");
if (NULL == s) {
- fatal_error("InstallInfo: Admin System User \"SysUser\" is
missing.", "", "");
+ s = CONFIGDIR;
}
- strcpy(adminUser, s);
+ strcpy(configdir, s);
- s = adminInstallInfo->get("Apache");
+ s = adminInstallInfo->get("security_dir");
if (NULL == s) {
- fatal_error("InstallInfo: Apache path \"Apache\" is missing.",
"", "");
+ s = getenv("ADMSERV_CONF_DIR");;
}
- strcpy(apache, s);
+ if (NULL == s) {
+ s = SECURITYDIR;
+ }
+ strcpy(securitydir, s);
- s = adminInstallInfo->get("ApacheRoot");
- if (!s) {
- NSString ar = findApacheRoot(apache);
- strcpy(apacheRoot, (const char *)ar);
- } else {
- strcpy(apacheRoot, s);
+ s = adminInstallInfo->get("log_dir");
+ if (NULL == s) {
+ s = getenv("ADMSERV_LOG_DIR");;
}
+ if (NULL == s) {
+ s = LOGDIR;
+ }
+ strcpy(logdir, s);
- if (stat(apache, &st) != 0) {
- fatal_error("Can't find Apache in %s", apache, NULL);
+ // Get admin port from installInfo
+ s = adminInstallInfo->get("Port");
+ if (NULL == s) {
+ fatal_error("InstallInfo: Admin Port \"Port\" is missing.",
"", "");
}
+ port = atoi(s);
- apacheVersion[0] = '\0';
- tmp = findApacheVersion(apache);
- if ((const char*)tmp) {
- strcpy(apacheVersion, (const char *)tmp);
+ s = adminInstallInfo->get("SysUser");
+ if (NULL == s) {
+ fatal_error("InstallInfo: Admin System User \"SysUser\" is
missing.", "", "");
}
+ strcpy(adminUser, s);
s = installInfo->get(SS_USER_ID);
if (NULL == s) {
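Review bot: The `security_dir` fallback reads `getenv("ADMSERV_CONF_DIR")`, the same variable already used for `config_dir`, so the key/cert directory cannot be set from the environment independently of the config directory. The commit description mentions environment variables for each of these directories, so this looks like a copy-and-paste slip. If so, read the dedicated variable here; if sharing is intended, say so in a comment such as `/* security dir defaults to the config dir */`. The `getenv(...);;` lines for `security_dir` and `log_dir` also carry a stray second semicolon. create_admserv starts and ends outside this hunk.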
@@ -604,25 +520,20 @@
}
else
{
- installLog->logMessage(INFO, "Admin", "Writing configuration data
to %s", CONFIGDIR);
+ installLog->logMessage(INFO, "Admin", "Writing configuration data
to %s", configdir);
}
- /* create key/cert db dir */
- if ((mkdir(dir, 0750) == -1) && (errno != EEXIST))
+ if ((mkdir(dir, 0700) == -1) && (errno != EEXIST))
{
fatal_error("Can't create directory %s (error: %s)", dir,
system_errmsg());
}
- /* make sure the config directory is owned by the ssuser */
- sprintf(tstr, "%s", CONFIGDIR);
- chown_file(SSuser, SSgroup, tstr);
-
/*
* Write new admpw.
*/
/* MLM - this should actually do more httpconf type of stuff
* (maybe an admconf.c?) */
- sprintf(tstr, "%s/admpw", CONFIGDIR);
+ sprintf(tstr, "%s/admpw", configdir);
if (!(f = fopen(tstr, "w")))
{
fatal_error("Can't write to %s (error: %s)", tstr, system_errmsg());
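Review bot: `admpw` is still created with `fopen(tstr, "w")` and only restricted by the `chmod()` that follows in the next hunk, so the password hash file briefly exists with whatever mode the umask allows, and `fopen` will follow a symlink already present at that name. This matters more now that `configdir` can come from setup.inf or the environment rather than the build-time path. Consider creating the file with an explicit mode, `int fd = open(tstr, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, S_IRUSR | S_IWUSR);` followed by `f = fdopen(fd, "w");`, with both results checked. The enclosing function extends beyond this hunk.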
@@ -632,7 +543,6 @@
fprintf(f, "%s:{SHA}%s", httpuser, pw);
fclose(f);
chmod(tstr, S_IRUSR | S_IWUSR);
- chown_file(SSuser, SSgroup, tstr);
hexp = make_shexp(hosts);
aexp = make_shexp(addrs);
@@ -661,10 +571,10 @@
if (installMode == Interactive)
printf("Changing ownership to admin user %s...\n", adminUser);
- admin_chown(CONFIGDIR, tuid, adminUser, tgid, tgp->gr_name);
- admin_chown(SECURITYDIR, tuid, adminUser, tgid, tgp->gr_name);
- admin_chown(LOGDIR, tuid, adminUser, tgid, tgp->gr_name);
- sprintf(tstr, "%s/%s", PIDDIR, PIDFILE);
+ admin_chown(configdir, tuid, adminUser, tgid, tgp->gr_name);
+ admin_chown(securitydir, tuid, adminUser, tgid, tgp->gr_name);
+ admin_chown(logdir, tuid, adminUser, tgid, tgp->gr_name);
+ sprintf(tstr, "%s/%s", piddir, PIDFILE);
admin_chown(tstr, tuid, adminUser, tgid, tgp->gr_name);
#ifdef HPUX
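Review bot: `admin_chown()` is now applied to `configdir`, `securitydir` and `logdir` as supplied in setup.inf or the environment, with no check on what they point at. A mistyped or unintended value (a relative path, `/`, or a directory shared with other software) would have its ownership handed to `adminUser`, presumably by a process running as root. Before the chown calls, verify that each value is an absolute path to an existing directory (`stat()` plus `S_ISDIR`) and stop with `fatal_error` otherwise. This code sits inside create_admserv, which continues outside the hunk.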
@@ -681,17 +591,6 @@
}
- {
- /*
- * This is ok because running user is either root or part of the
- * SSgroup
- */
- sprintf(tstr, SHARED_CHGRP_CMD, SSgroup, CONFIGDIR);
- system(tstr);
- sprintf(tstr, SECALIAS_CHGRP_CMD, SSgroup, CONFIGDIR);
- system(tstr);
- }
-
////////////////////////////////////////////////////////////////
// Now everything seems to be OKAY, install SIE for admin-server
////////////////////////////////////////////////////////////////
@@ -721,7 +620,7 @@
LdapEntry *configEntry = new LdapEntry(&ldap);
// Check if there's already an SIE for this Admin
- sprintf(tstr, "%s/adm.conf", CONFIGDIR);
+ sprintf(tstr, "%s/adm.conf", configdir);
NVPair admConf;
admConf.setFormat(2);
admConf.read(tstr);
@@ -738,14 +637,16 @@
}
}
- sprintf(tstr, "%s/%s/admin/admin.inf", CONFIGDIR, SETUP_DIR);
+ sprintf(tstr, "%s/admin.inf", INFDIR);
NVPair adminInf(tstr);
NVPair *adminInfo = adminInf.getSection("admin");
+ const char *adminBrand = adminInfo->get(PKG_BRAND);
+ const char *adminName = adminInfo->get(PKG_NAME);
appEntry->addAttribute("objectclass","top");
appEntry->addAttribute("objectclass","nsApplication");
- appEntry->setAttribute("cn", "Fedora Administration Server");
+ appEntry->setAttribute("cn", adminName);
appEntry->addAttribute("nsVendor", adminInfo->get(PKG_VENDOR));
appEntry->addAttribute("description",
adminInfo->get(PKG_DESCRIPTION));
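Review bot: `adminName` and `adminBrand` are used without a NULL check, whereas `cn` was a string literal before this change. Other `get()` results in this file are tested against NULL, so a missing `Name` or `Brand` key in admin.inf would presumably pass NULL into `setAttribute("cn", ...)` and `createSIE()`. Add a guard right after the two lookups, e.g. `if (!adminName || !adminBrand) fatal_error("admin.inf: %s or %s is missing", PKG_NAME, PKG_BRAND);`. `adminInfo` itself is dereferenced without checking the result of `getSection("admin")`; that predates this hunk but now also affects the new lookups.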
@@ -754,7 +655,7 @@
appEntry->addAttribute("nsProductVersion",
adminInfo->get(PKG_VERSION));
appEntry->addAttribute("nsBuildNumber",
adminInfo->get(PKG_BUILDNUMBER));
appEntry->addAttribute("nsRevisionNumber",
adminInfo->get(PKG_REVISION));
- appEntry->addAttribute("nsInstalledLocation", CONFIGDIR);
+ appEntry->addAttribute("nsInstalledLocation", configdir);
adminInfo->stampTime();
appEntry->addAttribute("installationTimeStamp",
adminInfo->timeStamp());
@@ -763,7 +664,6 @@
appEntry->addAttribute("nsServerMigrationClassName",
"com.netscape.management.admserv.AdminServerProduct(a)fedora-admserv-1.0.jar");
sieEntry->clear();
-
/*
* set password expiration to some later date so
@@ -803,10 +703,10 @@
sieEntry->addAttribute("nsServerId", "admin-serv");
sieEntry->addAttribute("userPassword", httppw);
sieEntry->addAttribute("serverHostName", hn);
- sieEntry->addAttribute("serverRoot", CONFIGDIR);
- sieEntry->addAttribute("serverProductName", "Administration
Server");
+ sieEntry->addAttribute("serverRoot", configdir);
+ sieEntry->addAttribute("serverProductName", adminName);
- ldapError = createSIE(sieEntry, appEntry, hn, CONFIGDIR, adminDomain, adminBrand);
+ ldapError = createSIE(sieEntry, appEntry, hn, configdir, adminDomain, adminBrand);
sieDN = sieEntry->entryDN();
isieDN = appEntry->entryDN();
@@ -820,7 +720,7 @@
NSString configTaskDN, opTaskDN;
- // Write configuration parameters (see ns-admin-schema.conf)
+ // Write configuration parameters
configDN = NSString("cn=configuration") + LDAP_PATHSEP + sieDN;
sprintf(dir, "%d", port);
@@ -833,14 +733,14 @@
configEntry->addAttribute("objectclass", "nsConfig");
configEntry->addAttribute("objectclass", "nsAdminConfig");
configEntry->addAttribute("objectclass", "nsAdminObject");
- configEntry->addAttribute ("cn", "Configuration");
+ configEntry->addAttribute("cn", "Configuration");
- configEntry->addAttribute ("nsServerPort", dir);
- configEntry->addAttribute ("nsSuiteSpotUser", adminUser);
- configEntry->addAttribute ("nsServerAddress", serverAddress);
+ configEntry->addAttribute("nsServerPort", dir);
+ configEntry->addAttribute("nsSuiteSpotUser", adminUser);
+ configEntry->addAttribute("nsServerAddress", serverAddress);
- configEntry->addAttribute ("nsAdminEnableEnduser", "on");
- configEntry->addAttribute ("nsAdminEnableDSGW", "on");
+ configEntry->addAttribute("nsAdminEnableEnduser", "on");
+ configEntry->addAttribute("nsAdminEnableDSGW", "on");
/*
* Mandatory fields here
@@ -848,10 +748,10 @@
configEntry->addAttribute("objectclass",
"nsDirectoryInfo");
configEntry->setAttribute("nsDirectoryInfoRef", userDirRef);
- configEntry->addAttribute ("nsAdminUsers",
"admin-serv/config/admpw");
- configEntry->addAttribute ("nsErrorLog",
"admin-serv/logs/error");
- configEntry->addAttribute ("nsPidLog",
"admin-serv/logs/pid");
- configEntry->addAttribute
("nsAccessLog","admin-serv/logs/access");
+ configEntry->addAttribute ("nsAdminUsers", "admpw"); /*
relative to CONFIGDIR */
+ configEntry->addAttribute ("nsErrorLog", "error"); /*
relative to LOGDIR */
+ configEntry->addAttribute ("nsPidLog", PIDFILE); /* relative to
PIDDIR */
+ configEntry->addAttribute ("nsAccessLog", "access"); /*
relative to LOGDIR */
configEntry->addAttribute ("nsAdminCacheLifetime", "600");
if (hosts[0])
@@ -864,11 +764,6 @@
sprintf(tstr, DEFAULT_ADMIN_CONFIG_ACI, userDirRef);
configEntry->addAttribute("aci",tstr);
- /*
- * Don't set this value - absent is default
- * configEntry->addAttribute ("nsAdminEnableDsgw",
- */
-
configEntry->addAttribute ("nsDefaultAcceptLanguage",
adminInfo->get(PKG_DEFAULT_LANGUAGE));
sprintf(tstr,
"com.netscape.management.admserv.AdminServer@fedora-admserv-1.0.jar(a)%s",
sieDN.data());
@@ -916,15 +811,17 @@
/*
***************************************************************
- * Write new adm.conf (new for Admin40)
+ * Write new adm.conf
***************************************************************
*/
admConf.set("ldapurl", installInfo->get(CONFIG_LDAP_URL));
admConf.set("sie", sieDN.data());
admConf.set("userdn", ldap.rebindDN());
admConf.set("isie", isieDN.data());
- admConf.set("sysuser", SSuser);
+ admConf.set("sysuser", adminUser);
admConf.set("sysgroup", SSgroup);
+ admConf.set(SS_USER_ID, SSuser);
+ admConf.set(SS_GROUP, SSgroup);
admConf.set(DS_ADMIN_DOMAIN, adminDomain.data());
if (ldapStart == NULL)
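Review bot: `sysuser` now records `adminUser` while `sysgroup` still records `SSgroup`, and the `SSuser`/`SSgroup` pair is written again under `SS_USER_ID`/`SS_GROUP`. Nothing here tells a reader of adm.conf which keys describe the account that owns the files. A short comment above these lines would help, for example `/* sysuser: account the admin server runs as; SS_USER_ID/SS_GROUP: server user and group from the install info */`. It is also worth confirming whether `sysgroup` should follow the admin user's group, as the `admin_chown()` calls do with `tgp->gr_name`.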
@@ -950,21 +847,41 @@
admConf.set("ldapStart", ldapStart);
}
- sprintf(tstr, "%s/adm.conf", CONFIGDIR);
+ sprintf(tstr, "%s/adm.conf", configdir);
admConf.setFormat(2);
admConf.write(tstr);
chmod(tstr, S_IRUSR | S_IWUSR);
- chown_file(SSuser, SSgroup, tstr);
{
// Generating local.conf
int error_code = 0;
- snprintf(tstr, sizeof(tstr), "%s", CONFIGDIR);
- PsetHndl pset = psetCreate("admin-serv", (char *)tstr,
+ PsetHndl pset = psetCreate("admin-serv", configdir,
(char *)ldap.rebindDN(), httppw,
&error_code);
}
+
+ /* update other config files - these are the fields which users typically want to
+ change during an install or an upgrade, that also must be synced to the Apache
+ style config files - we use the config CGI in command line mode because it
+ already has all of the logic to update the files correctly */
+ NSString configcmdline = CGIBINDIR;
+ configcmdline = configcmdline + "/";
+ configcmdline = configcmdline + "config";
+ configcmdline = configcmdline + " configuration.nsServerAddress=\"";
+ configcmdline = configcmdline + serverAddress;
+ configcmdline = configcmdline + "\"
configuration.nsServerPort=\"";
+ sprintf(dir, "%d", port);
+ configcmdline = configcmdline + dir;
+ configcmdline = configcmdline + "\"
configuration.nsSuiteSpotUser=\"";
+ configcmdline = configcmdline + adminUser;
+ configcmdline = configcmdline + "\"";
+ int rc = system(configcmdline.data());
+ if (rc) {
+ sprintf(dir, "%d", errno);
+ fatal_error("ERROR: [%s] errno [%d]", configcmdline.data(), dir);
+ }
+
}
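Review bot: The `config` invocation is assembled as a single shell string and run with `system()`, with `serverAddress` and `adminUser` taken from the install info and protected only by surrounding double quotes. Any quote or shell metacharacter in those values is therefore interpreted by the shell, in a program that presumably runs with elevated privileges. Running the program through `fork()`/`execv()` with one argv element per setting avoids the shell entirely; this assumes `config` reads `name=value` pairs from argv, as the current quoting suggests. The error path is also wrong: `dir` is a `char` buffer passed for `%d`, and `errno` is not meaningful for a non-zero exit status returned by `system()`, so report the wait status instead.

```cpp
    /* one argv element per setting; no shell parses the values */
    NSString configprog = NSString(CGIBINDIR) + "/config";
    NSString addrarg = NSString("configuration.nsServerAddress=") + serverAddress;
    sprintf(dir, "%d", port);
    NSString portarg = NSString("configuration.nsServerPort=") + dir;
    NSString userarg = NSString("configuration.nsSuiteSpotUser=") + adminUser;
    char *const cfgargv[] = { (char *)configprog.data(), (char *)addrarg.data(),
                              (char *)portarg.data(), (char *)userarg.data(), NULL };
    int status = 0;
    pid_t child = fork();
    if (child == 0) {
        execv(cfgargv[0], cfgargv);
        _exit(127); /* exec failed */
    }
    if (child < 0 || waitpid(child, &status, 0) < 0 ||
        !WIFEXITED(status) || WEXITSTATUS(status) != 0) {
        sprintf(dir, "%d", status);
        fatal_error("ERROR: [%s] wait status [%s]", configprog.data(), dir);
    }
```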
@@ -1158,9 +1075,19 @@
}
strcpy(hn, machine_name);
- create_admserv(hn);
+ const char *s = adminInstallInfo->get("run_dir");
+ if (NULL == s) {
+ s = getenv("ADMSERV_PID_DIR");
+ }
+ if (NULL == s) {
+ s = PIDDIR;
+ }
+ char piddir[BIG_BUF];
+ strcpy(piddir, s);
+
+ create_admserv(hn, piddir);
- start_admserv();
+ start_admserv(piddir);
installLog->logMessage(SUCCESS, "Admin", "Administration Server
post-configuration");
--- admin.inf DELETED ---