3:09 p.m.
These two patches have changes on the dogtag side to allow debian to
start up a dogtag CA. Along with some debian specific patches which
will be kept with the debian repo, we can now pkispawn and run a Dogtag
10 CA on debian!
Please review,
Ade
Patch 179:
Debian: add init script functionality
The addtions in this patch will add start/stop/restart
functionality to operations, so that Debian systems can perform
these operations by calling these functions from an init script.
We also introduce a parameter in the configuration scripts that
can be used to determine if the system is a debian system. This
parameter is used to specify a system V init script instead of
a systemd script on a debian system, when the configuration
scriptlets start and stop a system.
Also source apparently does not work by default in debian. Used
dot (.) instead.
Patch 178:
Debian - replace arch specification
uname -i returns "unknown" on a debian system. "arch" on the
other
hand works for fedora, rhel and debian. Replacing these for all
packages except for the migration ones which will not be built on
debian in any case.
9:21 p.m.
On 01/03/14 13:09, Ade Lee wrote:
These two patches have changes on the dogtag side to allow debian to
start up a dogtag CA. Along with some debian specific patches which
will be kept with the debian repo, we can now pkispawn and run a Dogtag
10 CA on debian!
Please review,
Ade
Patch 179:
Debian: add init script functionality
The addtions in this patch will add start/stop/restart
functionality to operations, so that Debian systems can perform
these operations by calling these functions from an init script.
We also introduce a parameter in the configuration scripts that
can be used to determine if the system is a debian system. This
parameter is used to specify a system V init script instead of
a systemd script on a debian system, when the configuration
scriptlets start and stop a system.
Also source apparently does not work by default in debian. Used
dot (.) instead.
Patch 178:
Debian - replace arch specification
uname -i returns "unknown" on a debian system. "arch" on the
other
hand works for fedora, rhel and debian. Replacing these for all
packages except for the migration ones which will not be built on
debian in any case.
_______________________________________________
Pki-devel mailing list
Pki-devel(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-devel
(1) While I was unable to
configure a Debian machine appropriate to
check out these fixes, I did successfully install the patches and
successfully build from source on a Fedora 20 x86_64 machine.
However, when I attempted to install a CA instance using 'pkispawn -s CA
-f /tmp/pki/ca.cfg', I received the following error:
...
pkispawn : INFO ....... executing 'certutil -N -d
/root/.dogtag/pki-tomcat/ca/alias -f
/root/.dogtag/pki-tomcat/ca/password.conf'
pkispawn : INFO ....... executing 'systemctl start
pki-tomcatd(a)pki-tomcat.service'
Job for pki-tomcatd(a)pki-tomcat.service failed. See 'systemctl status
pki-tomcatd(a)pki-tomcat.service' and 'journalctl -xn' for details.
pkispawn : ERROR ....... subprocess.CalledProcessError:
Command '['systemctl', 'start',
'pki-tomcatd(a)pki-tomcat.service']'
returned non-zero exit status 1!
pkispawn : DEBUG ....... Error Type: CalledProcessError
pkispawn : DEBUG ....... Error Message: Command '['systemctl',
'start', 'pki-tomcatd(a)pki-tomcat.service']' returned non-zero
exit
status 1
pkispawn : DEBUG ....... File "/sbin/pkispawn", line 463, in
main
rv = instance.spawn(deployer)
File
"/usr/lib/python2.7/site-packages/pki/server/deployment/scriptlets/configuration.py",
line 97, in spawn
deployer.systemd.start()
File
"/usr/lib/python2.7/site-packages/pki/server/deployment/pkihelper.py",
line 3088, in start
subprocess.check_call(command)
File "/usr/lib64/python2.7/subprocess.py", line 542, in check_call
raise CalledProcessError(retcode, cmd)
Installation failed.
# systemctl status -l pki-tomcatd(a)pki-tomcat.service
pki-tomcatd(a)pki-tomcat.service - PKI Tomcat Server pki-tomcat
Loaded: loaded (/usr/lib/systemd/system/pki-tomcatd@.service;
enabled)
Active: failed (Result: exit-code) since Fri 2014-01-03 18:59:42
PST; 6min ago
Process: 21904 ExecStartPre=/usr/bin/pkidaemon start tomcat %i
(code=exited, status=1/FAILURE)
Jan 03 18:59:40 dogtag20.example.com systemd[1]: Starting PKI Tomcat
Server pki-tomcat...
Jan 03 18:59:42 dogtag20.example.com pkidaemon[21904]: WARNING:
Attempting to change symbolic link '/var/lib/pki/pki-tomcat/bin' to
point to target '/usr/share/tomcat7/bin' INSTEAD of current target
'/usr/share/tomcat/bin'!
Jan 03 18:59:42 dogtag20.example.com systemd[1]:
pki-tomcatd(a)pki-tomcat.service: control process exited, code=exited
status=1
Jan 03 18:59:42 dogtag20.example.com systemd[1]: Failed to start PKI
Tomcat Server pki-tomcat.
Jan 03 18:59:42 dogtag20.example.com systemd[1]: Unit
pki-tomcatd(a)pki-tomcat.service entered failed state.
# journalctl -xn
-- Logs begin at Wed 2013-07-10 14:02:40 PDT, end at Fri 2014-01-03
19:08:02 PST
Jan 03 19:06:01 dogtag20.example.com systemd[1]: Starting Session
21094 o
-- Subject: Unit session-21094.scope has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-21094.scope has begun starting up.
Jan 03 19:06:01 dogtag20.example.com systemd[1]: Started Session
21094 of
-- Subject: Unit session-21094.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-21094.scope has finished starting up.
--
-- The start-up result is done.
Jan 03 19:06:03 dogtag20.example.com CROND[21984]: (root) CMD
(/usr/bin/r
Jan 03 19:06:25 dogtag20.example.com dbus-daemon[493]: dbus[493]:
[system
Jan 03 19:06:25 dogtag20.example.com dbus[493]: [system] Activating
via s
Jan 03 19:06:25 dogtag20.example.com dbus[493]: [system] Activation
via s
Jan 03 19:06:25 dogtag20.example.com dbus-daemon[493]: dbus[493]:
[system
Jan 03 19:08:01 dogtag20.example.com systemd[1]: Starting Session
21095 o
-- Subject: Unit session-21095.scope has begun with start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-21095.scope has begun starting up.
Jan 03 19:08:01 dogtag20.example.com systemd[1]: Started Session
21095 of
-- Subject: Unit session-21095.scope has finished start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-21095.scope has finished starting up.
--
-- The start-up result is done.
Jan 03 19:08:02 dogtag20.example.com CROND[21995]: (root) CMD
(/usr/bin/r
(2) One concern that I can see from reviewing the code appears that the
'stop' and 'restart' commands will still not work on Debian, as the
entry point which comes from 'pkidaemon' will utilize the '*' option
which will yield the following messages:
unknown action (stop)
Usage: /usr/bin/pkidaemon {start|stop|restart|status} instance-type
[instance-name]
...
unknown action (restart)
Usage: /usr/bin/pkidaemon {start|stop|restart|status} instance-type
[instance-name]
...
NOTE: These commands SHOULD yield this on Fedora systems, but NOT
on Debian systems.
(3) Finally, the following white spaces were present in your patches
when they were applied:
# git am ../*.patch
Applying: Debian - replace arch specification
Applying: Debian: add init script functionality
/home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:18: trailing
whitespace.
/home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:61: trailing
whitespace.
command = ["/etc/init.d/pki-tomcatd", "stop",
/home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:76: trailing
whitespace.
command = ["/etc/init.d/pki-tomcatd", "restart",
warning: 3 lines add whitespace errors.
11:46 p.m.
New patch attached addressing the problems below. Also fixed "status"
on debian to print out the config details when the process is running.
See more details below:
On Fri, 2014-01-03 at 19:21 -0800, Matthew Harmsen wrote:
On 01/03/14 13:09, Ade Lee wrote:
> These two patches have changes on the dogtag side to allow debian to
> start up a dogtag CA. Along with some debian specific patches which
> will be kept with the debian repo, we can now pkispawn and run a Dogtag
> 10 CA on debian!
>
> Please review,
> Ade
>
> Patch 179:
>
> Debian: add init script functionality
>
> The addtions in this patch will add start/stop/restart
> functionality to operations, so that Debian systems can perform
> these operations by calling these functions from an init script.
>
> We also introduce a parameter in the configuration scripts that
> can be used to determine if the system is a debian system. This
> parameter is used to specify a system V init script instead of
> a systemd script on a debian system, when the configuration
> scriptlets start and stop a system.
>
> Also source apparently does not work by default in debian. Used
> dot (.) instead.
>
> Patch 178:
>
> Debian - replace arch specification
>
> uname -i returns "unknown" on a debian system. "arch" on the
other
> hand works for fedora, rhel and debian. Replacing these for all
> packages except for the migration ones which will not be built on
> debian in any case.
>
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel(a)redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
(1) While I was unable to configure a Debian machine appropriate to
check out these fixes, I did successfully install the patches and
successfully build from source on a Fedora 20 x86_64 machine.
However, when I attempted to install a CA instance using 'pkispawn -s
CA -f /tmp/pki/ca.cfg', I received the following error:
...
pkispawn : INFO ....... executing 'certutil -N
-d /root/.dogtag/pki-tomcat/ca/alias
-f /root/.dogtag/pki-tomcat/ca/password.conf'
pkispawn : INFO ....... executing 'systemctl start
pki-tomcatd(a)pki-tomcat.service'
Job for pki-tomcatd(a)pki-tomcat.service failed. See 'systemctl
status pki-tomcatd(a)pki-tomcat.service' and 'journalctl -xn'
for details.
pkispawn : ERROR ....... subprocess.CalledProcessError:
Command '['systemctl', 'start',
'pki-tomcatd(a)pki-tomcat.service']' returned non-zero exit
status 1!
pkispawn : DEBUG ....... Error Type: CalledProcessError
pkispawn : DEBUG ....... Error Message: Command
'['systemctl', 'start',
'pki-tomcatd(a)pki-tomcat.service']'
returned non-zero exit status 1
pkispawn : DEBUG ....... File "/sbin/pkispawn", line
463, in main
rv = instance.spawn(deployer)
File
"/usr/lib/python2.7/site-packages/pki/server/deployment/scriptlets/configuration.py",
line 97, in spawn
deployer.systemd.start()
File
"/usr/lib/python2.7/site-packages/pki/server/deployment/pkihelper.py",
line 3088, in start
subprocess.check_call(command)
File "/usr/lib64/python2.7/subprocess.py", line 542, in
check_call
raise CalledProcessError(retcode, cmd)
Installation failed.
# systemctl status -l pki-tomcatd(a)pki-tomcat.service
pki-tomcatd(a)pki-tomcat.service - PKI Tomcat Server pki-tomcat
Loaded: loaded
(/usr/lib/systemd/system/pki-tomcatd@.service; enabled)
Active: failed (Result: exit-code) since Fri 2014-01-03
18:59:42 PST; 6min ago
Process: 21904 ExecStartPre=/usr/bin/pkidaemon start tomcat
%i (code=exited, status=1/FAILURE)
Jan 03 18:59:40 dogtag20.example.com systemd[1]: Starting PKI
Tomcat Server pki-tomcat...
Jan 03 18:59:42 dogtag20.example.com pkidaemon[21904]:
WARNING: Attempting to change symbolic link
'/var/lib/pki/pki-tomcat/bin' to point to target
'/usr/share/tomcat7/bin' INSTEAD of current target
'/usr/share/tomcat/bin'!
Jan 03 18:59:42 dogtag20.example.com systemd[1]:
pki-tomcatd(a)pki-tomcat.service: control process exited,
code=exited status=1
Jan 03 18:59:42 dogtag20.example.com systemd[1]: Failed to
start PKI Tomcat Server pki-tomcat.
Jan 03 18:59:42 dogtag20.example.com systemd[1]: Unit
pki-tomcatd(a)pki-tomcat.service entered failed state.
# journalctl -xn
-- Logs begin at Wed 2013-07-10 14:02:40 PDT, end at Fri
2014-01-03 19:08:02 PST
Jan 03 19:06:01 dogtag20.example.com systemd[1]: Starting
Session 21094 o
-- Subject: Unit session-21094.scope has begun with start-up
-- Defined-By: systemd
-- Support:
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-21094.scope has begun starting up.
Jan 03 19:06:01 dogtag20.example.com systemd[1]: Started
Session 21094 of
-- Subject: Unit session-21094.scope has finished start-up
-- Defined-By: systemd
-- Support:
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-21094.scope has finished starting up.
--
-- The start-up result is done.
Jan 03 19:06:03 dogtag20.example.com CROND[21984]: (root) CMD
(/usr/bin/r
Jan 03 19:06:25 dogtag20.example.com dbus-daemon[493]:
dbus[493]: [system
Jan 03 19:06:25 dogtag20.example.com dbus[493]: [system]
Activating via s
Jan 03 19:06:25 dogtag20.example.com dbus[493]: [system]
Activation via s
Jan 03 19:06:25 dogtag20.example.com dbus-daemon[493]:
dbus[493]: [system
Jan 03 19:08:01 dogtag20.example.com systemd[1]: Starting
Session 21095 o
-- Subject: Unit session-21095.scope has begun with start-up
-- Defined-By: systemd
-- Support:
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-21095.scope has begun starting up.
Jan 03 19:08:01 dogtag20.example.com systemd[1]: Started
Session 21095 of
-- Subject: Unit session-21095.scope has finished start-up
-- Defined-By: systemd
-- Support:
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-21095.scope has finished starting up.
--
-- The start-up result is done.
Jan 03 19:08:02 dogtag20.example.com CROND[21995]: (root) CMD
(/usr/bin/r
Fixed this. The problem was partly that $debian was not defined as
false by default, and partly because of using set -e, causing the script
to exit unexpectedly. The set -e invocations have been removed.
(2) One concern that I can see from reviewing the code appears that
the 'stop' and 'restart' commands will still not work on Debian, as
the entry point which comes from 'pkidaemon' will utilize the '*'
option which will yield the following messages:
unknown action (stop)
Usage: /usr/bin/pkidaemon {start|stop|restart|status}
instance-type [instance-name]
...
unknown action (restart)
Usage: /usr/bin/pkidaemon {start|stop|restart|status}
instance-type [instance-name]
...
NOTE: These commands SHOULD yield this on Fedora systems, but
NOT on Debian systems.
Actually, this did work on debian because in the init script, I did not
invoke pkidaemon. Rather, I sourced operations directly. The check
that you are referring to is in pkidaemon - and having not been sourced
is never encountered.
To be more consistent though, I have simply added the relevant logic to
pkidaemon.
(3) Finally, the following white spaces were present in your patches
when they were applied:
# git am ../*.patch
Applying: Debian - replace arch specification
Applying: Debian: add init script functionality
/home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:18:
trailing whitespace.
/home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:61:
trailing whitespace.
command = ["/etc/init.d/pki-tomcatd", "stop",
/home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:76:
trailing whitespace.
command = ["/etc/init.d/pki-tomcatd",
"restart",
warning: 3 lines add whitespace errors.
Fixed.
4:26 p.m.
ACK
On 01/07/14 21:46, Ade Lee wrote:
New patch attached addressing the problems below. Also fixed
"status"
on debian to print out the config details when the process is running.
See more details below:
On Fri, 2014-01-03 at 19:21 -0800, Matthew Harmsen wrote:
> On 01/03/14 13:09, Ade Lee wrote:
>
>> These two patches have changes on the dogtag side to allow debian to
>> start up a dogtag CA. Along with some debian specific patches which
>> will be kept with the debian repo, we can now pkispawn and run a Dogtag
>> 10 CA on debian!
>>
>> Please review,
>> Ade
>>
>> Patch 179:
>>
>> Debian: add init script functionality
>>
>> The addtions in this patch will add start/stop/restart
>> functionality to operations, so that Debian systems can perform
>> these operations by calling these functions from an init script.
>>
>> We also introduce a parameter in the configuration scripts that
>> can be used to determine if the system is a debian system. This
>> parameter is used to specify a system V init script instead of
>> a systemd script on a debian system, when the configuration
>> scriptlets start and stop a system.
>>
>> Also source apparently does not work by default in debian. Used
>> dot (.) instead.
>>
>> Patch 178:
>>
>> Debian - replace arch specification
>>
>> uname -i returns "unknown" on a debian system. "arch" on
the other
>> hand works for fedora, rhel and debian. Replacing these for all
>> packages except for the migration ones which will not be built on
>> debian in any case.
>>
>>
>>
>> _______________________________________________
>> Pki-devel mailing list
>> Pki-devel(a)redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-devel
> (1) While I was unable to configure a Debian machine appropriate to
> check out these fixes, I did successfully install the patches and
> successfully build from source on a Fedora 20 x86_64 machine.
>
> However, when I attempted to install a CA instance using 'pkispawn -s
> CA -f /tmp/pki/ca.cfg', I received the following error:
> ...
> pkispawn : INFO ....... executing 'certutil -N
> -d /root/.dogtag/pki-tomcat/ca/alias
> -f /root/.dogtag/pki-tomcat/ca/password.conf'
> pkispawn : INFO ....... executing 'systemctl start
> pki-tomcatd(a)pki-tomcat.service'
> Job for pki-tomcatd(a)pki-tomcat.service failed. See 'systemctl
> status pki-tomcatd(a)pki-tomcat.service' and 'journalctl -xn'
> for details.
> pkispawn : ERROR ....... subprocess.CalledProcessError:
> Command '['systemctl', 'start',
> 'pki-tomcatd(a)pki-tomcat.service']' returned non-zero exit
> status 1!
> pkispawn : DEBUG ....... Error Type: CalledProcessError
> pkispawn : DEBUG ....... Error Message: Command
> '['systemctl', 'start',
'pki-tomcatd(a)pki-tomcat.service']'
> returned non-zero exit status 1
> pkispawn : DEBUG ....... File "/sbin/pkispawn", line
> 463, in main
> rv = instance.spawn(deployer)
> File
>
"/usr/lib/python2.7/site-packages/pki/server/deployment/scriptlets/configuration.py",
line 97, in spawn
> deployer.systemd.start()
> File
>
"/usr/lib/python2.7/site-packages/pki/server/deployment/pkihelper.py", line
3088, in start
> subprocess.check_call(command)
> File "/usr/lib64/python2.7/subprocess.py", line 542, in
> check_call
> raise CalledProcessError(retcode, cmd)
>
>
> Installation failed.
>
>
> # systemctl status -l pki-tomcatd(a)pki-tomcat.service
> pki-tomcatd(a)pki-tomcat.service - PKI Tomcat Server pki-tomcat
> Loaded: loaded
> (/usr/lib/systemd/system/pki-tomcatd@.service; enabled)
> Active: failed (Result: exit-code) since Fri 2014-01-03
> 18:59:42 PST; 6min ago
> Process: 21904 ExecStartPre=/usr/bin/pkidaemon start tomcat
> %i (code=exited, status=1/FAILURE)
>
> Jan 03 18:59:40 dogtag20.example.com systemd[1]: Starting PKI
> Tomcat Server pki-tomcat...
> Jan 03 18:59:42 dogtag20.example.com pkidaemon[21904]:
> WARNING: Attempting to change symbolic link
> '/var/lib/pki/pki-tomcat/bin' to point to target
> '/usr/share/tomcat7/bin' INSTEAD of current target
> '/usr/share/tomcat/bin'!
> Jan 03 18:59:42 dogtag20.example.com systemd[1]:
> pki-tomcatd(a)pki-tomcat.service: control process exited,
> code=exited status=1
> Jan 03 18:59:42 dogtag20.example.com systemd[1]: Failed to
> start PKI Tomcat Server pki-tomcat.
> Jan 03 18:59:42 dogtag20.example.com systemd[1]: Unit
> pki-tomcatd(a)pki-tomcat.service entered failed state.
>
>
> # journalctl -xn
> -- Logs begin at Wed 2013-07-10 14:02:40 PDT, end at Fri
> 2014-01-03 19:08:02 PST
> Jan 03 19:06:01 dogtag20.example.com systemd[1]: Starting
> Session 21094 o
> -- Subject: Unit session-21094.scope has begun with start-up
> -- Defined-By: systemd
> -- Support:
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- Unit session-21094.scope has begun starting up.
> Jan 03 19:06:01 dogtag20.example.com systemd[1]: Started
> Session 21094 of
> -- Subject: Unit session-21094.scope has finished start-up
> -- Defined-By: systemd
> -- Support:
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- Unit session-21094.scope has finished starting up.
> --
> -- The start-up result is done.
> Jan 03 19:06:03 dogtag20.example.com CROND[21984]: (root) CMD
> (/usr/bin/r
> Jan 03 19:06:25 dogtag20.example.com dbus-daemon[493]:
> dbus[493]: [system
> Jan 03 19:06:25 dogtag20.example.com dbus[493]: [system]
> Activating via s
> Jan 03 19:06:25 dogtag20.example.com dbus[493]: [system]
> Activation via s
> Jan 03 19:06:25 dogtag20.example.com dbus-daemon[493]:
> dbus[493]: [system
> Jan 03 19:08:01 dogtag20.example.com systemd[1]: Starting
> Session 21095 o
> -- Subject: Unit session-21095.scope has begun with start-up
> -- Defined-By: systemd
> -- Support:
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- Unit session-21095.scope has begun starting up.
> Jan 03 19:08:01 dogtag20.example.com systemd[1]: Started
> Session 21095 of
> -- Subject: Unit session-21095.scope has finished start-up
> -- Defined-By: systemd
> -- Support:
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- Unit session-21095.scope has finished starting up.
> --
> -- The start-up result is done.
> Jan 03 19:08:02 dogtag20.example.com CROND[21995]: (root) CMD
> (/usr/bin/r
>
Fixed this. The problem was partly that $debian was not defined as
false by default, and partly because of using set -e, causing the script
to exit unexpectedly. The set -e invocations have been removed.
> (2) One concern that I can see from reviewing the code appears that
> the 'stop' and 'restart' commands will still not work on Debian, as
> the entry point which comes from 'pkidaemon' will utilize the '*'
> option which will yield the following messages:
> unknown action (stop)
> Usage: /usr/bin/pkidaemon {start|stop|restart|status}
> instance-type [instance-name]
> ...
>
> unknown action (restart)
> Usage: /usr/bin/pkidaemon {start|stop|restart|status}
> instance-type [instance-name]
> ...
>
> NOTE: These commands SHOULD yield this on Fedora systems, but
> NOT on Debian systems.
Actually, this did work on debian because in the init script, I did not
invoke pkidaemon. Rather, I sourced operations directly. The check
that you are referring to is in pkidaemon - and having not been sourced
is never encountered.
To be more consistent though, I have simply added the relevant logic to
pkidaemon.
> (3) Finally, the following white spaces were present in your patches
> when they were applied:
> # git am ../*.patch
> Applying: Debian - replace arch specification
> Applying: Debian: add init script functionality
> /home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:18:
> trailing whitespace.
>
> /home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:61:
> trailing whitespace.
> command = ["/etc/init.d/pki-tomcatd",
"stop",
> /home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:76:
> trailing whitespace.
> command = ["/etc/init.d/pki-tomcatd",
> "restart",
> warning: 3 lines add whitespace errors.
>
Fixed.
4:35 p.m.
Thanks. Pushed to master.
Ade
On Wed, 2014-01-08 at 14:26 -0800, Matthew Harmsen wrote:
ACK
On 01/07/14 21:46, Ade Lee wrote:
> New patch attached addressing the problems below. Also fixed "status"
> on debian to print out the config details when the process is running.
>
> See more details below:
>
> On Fri, 2014-01-03 at 19:21 -0800, Matthew Harmsen wrote:
>> On 01/03/14 13:09, Ade Lee wrote:
>>
>>> These two patches have changes on the dogtag side to allow debian to
>>> start up a dogtag CA. Along with some debian specific patches which
>>> will be kept with the debian repo, we can now pkispawn and run a Dogtag
>>> 10 CA on debian!
>>>
>>> Please review,
>>> Ade
>>>
>>> Patch 179:
>>>
>>> Debian: add init script functionality
>>>
>>> The addtions in this patch will add start/stop/restart
>>> functionality to operations, so that Debian systems can perform
>>> these operations by calling these functions from an init script.
>>>
>>> We also introduce a parameter in the configuration scripts that
>>> can be used to determine if the system is a debian system. This
>>> parameter is used to specify a system V init script instead of
>>> a systemd script on a debian system, when the configuration
>>> scriptlets start and stop a system.
>>>
>>> Also source apparently does not work by default in debian. Used
>>> dot (.) instead.
>>>
>>> Patch 178:
>>>
>>> Debian - replace arch specification
>>>
>>> uname -i returns "unknown" on a debian system.
"arch" on the other
>>> hand works for fedora, rhel and debian. Replacing these for all
>>> packages except for the migration ones which will not be built on
>>> debian in any case.
>>>
>>>
>>>
>>> _______________________________________________
>>> Pki-devel mailing list
>>> Pki-devel(a)redhat.com
>>> https://www.redhat.com/mailman/listinfo/pki-devel
>> (1) While I was unable to configure a Debian machine appropriate to
>> check out these fixes, I did successfully install the patches and
>> successfully build from source on a Fedora 20 x86_64 machine.
>>
>> However, when I attempted to install a CA instance using 'pkispawn -s
>> CA -f /tmp/pki/ca.cfg', I received the following error:
>> ...
>> pkispawn : INFO ....... executing 'certutil -N
>> -d /root/.dogtag/pki-tomcat/ca/alias
>> -f /root/.dogtag/pki-tomcat/ca/password.conf'
>> pkispawn : INFO ....... executing 'systemctl start
>> pki-tomcatd(a)pki-tomcat.service'
>> Job for pki-tomcatd(a)pki-tomcat.service failed. See 'systemctl
>> status pki-tomcatd(a)pki-tomcat.service' and 'journalctl
-xn'
>> for details.
>> pkispawn : ERROR ....... subprocess.CalledProcessError:
>> Command '['systemctl', 'start',
>> 'pki-tomcatd(a)pki-tomcat.service']' returned non-zero exit
>> status 1!
>> pkispawn : DEBUG ....... Error Type: CalledProcessError
>> pkispawn : DEBUG ....... Error Message: Command
>> '['systemctl', 'start',
'pki-tomcatd(a)pki-tomcat.service']'
>> returned non-zero exit status 1
>> pkispawn : DEBUG ....... File "/sbin/pkispawn", line
>> 463, in main
>> rv = instance.spawn(deployer)
>> File
>>
"/usr/lib/python2.7/site-packages/pki/server/deployment/scriptlets/configuration.py",
line 97, in spawn
>> deployer.systemd.start()
>> File
>>
"/usr/lib/python2.7/site-packages/pki/server/deployment/pkihelper.py", line
3088, in start
>> subprocess.check_call(command)
>> File "/usr/lib64/python2.7/subprocess.py", line 542, in
>> check_call
>> raise CalledProcessError(retcode, cmd)
>>
>>
>> Installation failed.
>>
>>
>> # systemctl status -l pki-tomcatd(a)pki-tomcat.service
>> pki-tomcatd(a)pki-tomcat.service - PKI Tomcat Server pki-tomcat
>> Loaded: loaded
>> (/usr/lib/systemd/system/pki-tomcatd@.service; enabled)
>> Active: failed (Result: exit-code) since Fri 2014-01-03
>> 18:59:42 PST; 6min ago
>> Process: 21904 ExecStartPre=/usr/bin/pkidaemon start tomcat
>> %i (code=exited, status=1/FAILURE)
>>
>> Jan 03 18:59:40 dogtag20.example.com systemd[1]: Starting PKI
>> Tomcat Server pki-tomcat...
>> Jan 03 18:59:42 dogtag20.example.com pkidaemon[21904]:
>> WARNING: Attempting to change symbolic link
>> '/var/lib/pki/pki-tomcat/bin' to point to target
>> '/usr/share/tomcat7/bin' INSTEAD of current target
>> '/usr/share/tomcat/bin'!
>> Jan 03 18:59:42 dogtag20.example.com systemd[1]:
>> pki-tomcatd(a)pki-tomcat.service: control process exited,
>> code=exited status=1
>> Jan 03 18:59:42 dogtag20.example.com systemd[1]: Failed to
>> start PKI Tomcat Server pki-tomcat.
>> Jan 03 18:59:42 dogtag20.example.com systemd[1]: Unit
>> pki-tomcatd(a)pki-tomcat.service entered failed state.
>>
>>
>> # journalctl -xn
>> -- Logs begin at Wed 2013-07-10 14:02:40 PDT, end at Fri
>> 2014-01-03 19:08:02 PST
>> Jan 03 19:06:01 dogtag20.example.com systemd[1]: Starting
>> Session 21094 o
>> -- Subject: Unit session-21094.scope has begun with start-up
>> -- Defined-By: systemd
>> -- Support:
>> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>> --
>> -- Unit session-21094.scope has begun starting up.
>> Jan 03 19:06:01 dogtag20.example.com systemd[1]: Started
>> Session 21094 of
>> -- Subject: Unit session-21094.scope has finished start-up
>> -- Defined-By: systemd
>> -- Support:
>> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>> --
>> -- Unit session-21094.scope has finished starting up.
>> --
>> -- The start-up result is done.
>> Jan 03 19:06:03 dogtag20.example.com CROND[21984]: (root) CMD
>> (/usr/bin/r
>> Jan 03 19:06:25 dogtag20.example.com dbus-daemon[493]:
>> dbus[493]: [system
>> Jan 03 19:06:25 dogtag20.example.com dbus[493]: [system]
>> Activating via s
>> Jan 03 19:06:25 dogtag20.example.com dbus[493]: [system]
>> Activation via s
>> Jan 03 19:06:25 dogtag20.example.com dbus-daemon[493]:
>> dbus[493]: [system
>> Jan 03 19:08:01 dogtag20.example.com systemd[1]: Starting
>> Session 21095 o
>> -- Subject: Unit session-21095.scope has begun with start-up
>> -- Defined-By: systemd
>> -- Support:
>> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>> --
>> -- Unit session-21095.scope has begun starting up.
>> Jan 03 19:08:01 dogtag20.example.com systemd[1]: Started
>> Session 21095 of
>> -- Subject: Unit session-21095.scope has finished start-up
>> -- Defined-By: systemd
>> -- Support:
>> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
>> --
>> -- Unit session-21095.scope has finished starting up.
>> --
>> -- The start-up result is done.
>> Jan 03 19:08:02 dogtag20.example.com CROND[21995]: (root) CMD
>> (/usr/bin/r
>>
> Fixed this. The problem was partly that $debian was not defined as
> false by default, and partly because of using set -e, causing the script
> to exit unexpectedly. The set -e invocations have been removed.
>
>> (2) One concern that I can see from reviewing the code appears that
>> the 'stop' and 'restart' commands will still not work on Debian,
as
>> the entry point which comes from 'pkidaemon' will utilize the
'*'
>> option which will yield the following messages:
>> unknown action (stop)
>> Usage: /usr/bin/pkidaemon {start|stop|restart|status}
>> instance-type [instance-name]
>> ...
>>
>> unknown action (restart)
>> Usage: /usr/bin/pkidaemon {start|stop|restart|status}
>> instance-type [instance-name]
>> ...
>>
>> NOTE: These commands SHOULD yield this on Fedora systems, but
>> NOT on Debian systems.
> Actually, this did work on debian because in the init script, I did not
> invoke pkidaemon. Rather, I sourced operations directly. The check
> that you are referring to is in pkidaemon - and having not been sourced
> is never encountered.
>
> To be more consistent though, I have simply added the relevant logic to
> pkidaemon.
>
>> (3) Finally, the following white spaces were present in your patches
>> when they were applied:
>> # git am ../*.patch
>> Applying: Debian - replace arch specification
>> Applying: Debian: add init script functionality
>> /home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:18:
>> trailing whitespace.
>>
>> /home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:61:
>> trailing whitespace.
>> command = ["/etc/init.d/pki-tomcatd",
"stop",
>> /home/mharmsen/DOGTAG/test/pki/.git/rebase-apply/patch:76:
>> trailing whitespace.
>> command = ["/etc/init.d/pki-tomcatd",
>> "restart",
>> warning: 3 lines add whitespace errors.
>>
> Fixed.
>
4001
days inactive
4006
days old
4 comments
2 participants
participants (2)
-
Ade Lee -
Matthew Harmsen