The following patch attempts to address these issues.
It should be understood that this has NOT been tested with any package
renames/location changes that may have been checked-in this morning, and
as such, the data may need to be changed and tested to comply with these
changes.
-- Matt
On 08/28/12 07:25, Ade Lee wrote:
> The CS.cfg logic looks fine.
>
> The check_symlinks() code is still a little confusing.
>
> You do the following check:
>
> target=${symlinks[${key}]}
> # Check to make certain that the expected target exists.
> if [ -e ${target} ]; then
> ....
> else
> # Attempt to remove this dangling symbolic link and
> # issue an ERROR that the target to which the
> # symbolic link is expected to point does NOT exist.
> rm ${symlink}
> ....
>
> This is not correct. Its not necessarily a danglng link. The link that
> is there may in fact point to another (wrong) target. All you know is
> that you cannot correct this link because the expected target does not
> exist.
>
> To simplify check_links(), I suggest that you move the check for whether
> or not the target exists and is fully resolvable into make_symlink().
> If either fails, then error out.
>
> then the logic in check_symlinks() becomes simpler.
>
> if [ -e symlink]; then
> if [-h symlink]; then
> target = symlinks[key]
> current_target = `readlink symlink`
> if [target == current_target]; then
> check if exists and resolvable and chown
> else
> rm symlink
> make_link()
> elif [-f symlink]
> warn about debugging
> else
> error "directory or some such"
> else
> make_link()
>
> On Mon, 2012-08-27 at 20:57 -0700, Matthew Harmsen wrote:
>> This patch attempts to address these issues.
>>
>> On 08/24/12 07:54, Ade Lee wrote:
>>> same comments as on the dogtag 10 patch.
>>>
>>> On Wed, 2012-08-22 at 20:26 -0700, Matthew Harmsen wrote:
>>>> This patch addresses the issue listed below for Dogtag 9:
>>>> * TRAC Ticket #301 - Need to modify init scripts to verify
>>>> needed symlinks in an instance
>>>> This patch has been tested and found to work successfully on 64-bit
>>>> Fedora 16 with SElinux in "Permissive" mode:
>>>> * Built and installed Dogtag 9 Packages on a 64-bit Fedora 16
>>>> host
>>>> * Installed and configured Dogtag 9 CA, KRA, OCSP, TKS, RA, and
>>>> TPS instances
>>>> * Tested attached symlinks patch on all subsystems (although I
>>>> was unable to get the configured TPS to restart --
>>>> successfully applied logic from standalone test program)
>>>> _______________________________________________
>>>> Pki-devel mailing list
>>>> Pki-devel(a)redhat.com
>>>>
https://www.redhat.com/mailman/listinfo/pki-devel
>