From 98a2a66e2aab11239743259b4ea513a3f6b9cd07 Mon Sep 17 00:00:00 2001 From: Juan Carlos Luciani Date: Thu, 17 Jul 2008 17:35:59 +0000 Subject: [PATCH] Start of changes to allow service to run with tomcat6 and Sun Java6. --- .../Svc/linux/CasaAuthPolicyEditor.sh | 13 +- .../Svc/linux/CasaAuthTokenSettingsEditor.sh | 13 +- .../server-java/Svc/linux/CasaAuthtokenSvcD | 7 +- .../Svc/linux/CasaAuthtokenSvcD.zen | 228 ++++++++++++++++++ .../Svc/linux/CasaIaRealmsEditor.sh | 13 +- .../Svc/linux/CasaIdenTokenSettingsEditor.sh | 13 +- .../Svc/linux/CasaSvcSettingsEditor.sh | 14 +- .../Svc/linux/CasaTomcatConnectorEditor.sh | 11 +- CASA-auth-token/server-java/Svc/linux/envvars | 8 +- 9 files changed, 304 insertions(+), 16 deletions(-) create mode 100644 CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD.zen diff --git a/CASA-auth-token/server-java/Svc/linux/CasaAuthPolicyEditor.sh b/CASA-auth-token/server-java/Svc/linux/CasaAuthPolicyEditor.sh index bd859201..3927c042 100755 --- a/CASA-auth-token/server-java/Svc/linux/CasaAuthPolicyEditor.sh +++ b/CASA-auth-token/server-java/Svc/linux/CasaAuthPolicyEditor.sh @@ -32,6 +32,15 @@ # Source our environment variables file . /etc/CASA/authtoken/svc/envvars -# Perform the operation requested -$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar $* +TEST_IBM_JVM=$($JAVA_HOME/bin/java -version 2>&1 | grep -i ibm) + +# Proceed based on the JVM that we are utilizing +if [ -z "${TEST_IBM_JVM}" ]; then + # Perform the operation requested, assuming the Sun JVM in which case we need to load + # the xerces-j2 jar at boot time to avoid load class errors. + $JAVA_HOME/bin/java -Xbootclasspath/a:/usr/share/java/xerces-j2.jar -jar /usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar $* +else + # Perform the operation requested + $JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaAuthPolicyEditor.jar $* +fi diff --git a/CASA-auth-token/server-java/Svc/linux/CasaAuthTokenSettingsEditor.sh b/CASA-auth-token/server-java/Svc/linux/CasaAuthTokenSettingsEditor.sh index 8a8261c4..c4fb7c36 100755 --- a/CASA-auth-token/server-java/Svc/linux/CasaAuthTokenSettingsEditor.sh +++ b/CASA-auth-token/server-java/Svc/linux/CasaAuthTokenSettingsEditor.sh @@ -32,6 +32,15 @@ # Source our environment variables file . /etc/CASA/authtoken/svc/envvars -# Perform the operation requested -$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.jar $* +TEST_IBM_JVM=$($JAVA_HOME/bin/java -version 2>&1 | grep -i ibm) + +# Proceed based on the JVM that we are utilizing +if [ -z "${TEST_IBM_JVM}" ]; then + # Perform the operation requested, assuming the Sun JVM in which case we need to load + # the xerces-j2 jar at boot time to avoid load class errors. + $JAVA_HOME/bin/java -Xbootclasspath/a:/usr/share/java/xerces-j2.jar -jar /usr/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.jar $* +else + # Perform the operation requested + $JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaAuthTokenSettingsEditor.jar $* +fi diff --git a/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD b/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD index f071a555..f015e76a 100644 --- a/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD +++ b/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD @@ -56,7 +56,8 @@ atsIsRunning() ats_ps_log=`mktemp /var/tmp/ats-ps.log.XXXXXX` ps aux --cols 1024 >"$ats_ps_log" ats_is_running="false" - if grep " -Dcatalina.base=$CATALINA_BASE.*-Dcatalina.home=$CATALINA_HOME.*org.apache.catalina.startup.Bootstrap" "$ats_ps_log" >/dev/null 2>/dev/null ; then + #if grep " -Dcatalina.base=$CATALINA_BASE.*-Dcatalina.home=$CATALINA_HOME.*org.apache.catalina.startup.Bootstrap" "$ats_ps_log" >/dev/null 2>/dev/null ; then + if grep "$DAEMON_USER" "$ats_ps_log" >/dev/null 2>/dev/null ; then ats_is_running="true" fi rm -f "$ats_ps_log" @@ -121,7 +122,7 @@ StartDAEMON() fi # Start it up - su $DAEMON_USER -s /bin/bash -c "$CATALINA_HOME/bin/startup.sh" >"$CATALINA_BASE/logs/start.log" 2>&1 + su $DAEMON_USER -s /bin/bash -c "$CATALINA_START_CMD" >"$CATALINA_BASE/logs/start.log" 2>&1 sleep 1 if atsIsRunning ; then rc_failed 0 @@ -158,7 +159,7 @@ StopDAEMON() ## Stop daemon with killproc(8) and if this fails ## set echo the echo return value. if atsIsRunning ; then - su $DAEMON_USER -s /bin/bash -c "$CATALINA_HOME/bin/shutdown.sh" >"$CATALINA_BASE/logs/stop.log" 2>&1 + su $DAEMON_USER -s /bin/bash -c "$CATALINA_STOP_CMD" >"$CATALINA_BASE/logs/stop.log" 2>&1 # wait 60 sec for stop at maximum wait_sec=60 while [ "$wait_sec" != "0" ] ; do diff --git a/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD.zen b/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD.zen new file mode 100644 index 00000000..f071a555 --- /dev/null +++ b/CASA-auth-token/server-java/Svc/linux/CasaAuthtokenSvcD.zen @@ -0,0 +1,228 @@ +#!/bin/sh +# +# Startup script for the Casa Authtoken Service Daemon (casa_atsd) +# +# /etc/init.d/casa_atsd +# +# description: casa_atsd is the CASA Authentication Token Service +# (ATS). CASA Client utilize this service to obtain CASA authentication +# tokens to authenticate to other services. The ATS executes as a +# tomcat webapp. casa_atsd is the tomcat process which contains +# the ATS. +# +# Note that some of the content from this file was copied from +# /etc/init.d/tomcat5 whose author was Petr Mladek. +# /etc/init.d/tomcat5 has the following copyrights: +# +# Copyright (c) 1995-2001 SuSE GmbH Nuernberg, Germany. +# Copyright (c) 2002 SuSE Linux AG Nuernberg, Germany. +# +# processname: casa_atsd +# pidfile: None +# config utility: None + + +### BEGIN INIT INFO +# Provides: casa_atsd +# Required-Start: $local_fs $remote_fs +# X-UnitedLinux-Should-Start: $named $syslog $time +# Required-Stop: $local_fs $remote_fs $network +# X-UnitedLinux-Should-Stop: $named $syslog $time +# Default-Start: 2 3 5 +# Default-Stop: +# Short-Description: Casa Authtoken Service Daemon +# Description: Start Casa Authtoken Service Daemon +### END INIT INFO + +. /etc/rc.status + +# Shell functions sourced from /etc/rc.status: +# rc_check check and set local and overall rc status +# rc_status check and set local and overall rc status +# rc_status -v ditto but be verbose in local rc status +# rc_status -v -r ditto and clear the local rc status +# rc_failed set local and overall rc status to failed +# rc_reset clear local rc status (overall remains) +# rc_exit exit appropriate to overall rc status + +# First reset status of this service +rc_reset + +DAEMON_USER=casaatsd +DAEMON_GROUP=casaauth + +atsIsRunning() +{ + ats_ps_log=`mktemp /var/tmp/ats-ps.log.XXXXXX` + ps aux --cols 1024 >"$ats_ps_log" + ats_is_running="false" + if grep " -Dcatalina.base=$CATALINA_BASE.*-Dcatalina.home=$CATALINA_HOME.*org.apache.catalina.startup.Bootstrap" "$ats_ps_log" >/dev/null 2>/dev/null ; then + ats_is_running="true" + fi + rm -f "$ats_ps_log" + test "$ats_is_running" = "true" +} + +StartDAEMON() +{ + # Start the daemon + echo -n "Starting casa_atsd..." + ## Start daemon with startproc(8). If this fails + ## the echo return value is set appropriate. + + # NOTE: startproc return 0, even if service is + # already running to match LSB spec. + if atsIsRunning ; then + rc_failed 0 + else + # Try to fix permissions + chown --dereference $DAEMON_USER:$DAEMON_GROUP "$CATALINA_BASE" + for dir in "$CATALINA_BASE/conf" \ + "$CATALINA_BASE/logs" \ + "$CATALINA_BASE/temp" \ + "$CATALINA_BASE/webapps" \ + "$CATALINA_BASE/work" ; do + # the command true is used because of for example conf directory may be mounted read-only + test -d "$dir" && chown -R --dereference $DAEMON_USER:$DAEMON_GROUP "$dir" 2>/dev/null || true + done + + TEST_IBM_JVM=$($JAVA_HOME/bin/java -version 2>&1 | grep -i ibm) + + # Append the java.security.auth.login.conf property on the JAVA_OPTS environment + # variable if not utilizing the IBM JVM. + if [ -z "${TEST_IBM_JVM}" ]; then + export JAVA_OPTS="$JAVA_OPTS -Djava.security.auth.login.config=/etc/CASA/authtoken/svc/jaas.conf" + fi + + # Make sure that the server.xml link has been made + if [ ! -f /srv/www/casaats/conf/server.xml ]; then + # The server.xml file link needs to be made. Use the appropriate + # file for the JVM version that we are using. + if [ -z "${TEST_IBM_JVM}" ]; then + # Assume Sun JVM + # Use PKCS12 version if PKCS12 store exists + if [ -f /etc/ssl/servercerts/keystore.p12 ]; then + ln -s /srv/www/casaats/conf/server-pkcs12-sun.xml /srv/www/casaats/conf/server.xml + else + ln -s /srv/www/casaats/conf/server-sun.xml /srv/www/casaats/conf/server.xml + fi + else + # IBM JVM + # Use PKCS12 version if PKCS12 store exists + if [ -f /etc/ssl/servercerts/keystore.p12 ]; then + ln -s /srv/www/casaats/conf/server-pkcs12-ibm.xml /srv/www/casaats/conf/server.xml + else + ln -s /srv/www/casaats/conf/server-ibm.xml /srv/www/casaats/conf/server.xml + fi + fi + + # Make sure that our service has rights to the file + chown -h casaatsd:casaauth /srv/www/casaats/conf/server.xml + fi + + # Start it up + su $DAEMON_USER -s /bin/bash -c "$CATALINA_HOME/bin/startup.sh" >"$CATALINA_BASE/logs/start.log" 2>&1 + sleep 1 + if atsIsRunning ; then + rc_failed 0 + + # Check if we need to copy the Signing Certificate to the webapp folder + if [ ! -f /srv/www/casaats/webapps/CasaAuthTokenSvc/SigningCert ]; then + # Wait a max of 60 seconds for the webapp folder to be created + wait_sec=60 + while [ "$wait_sec" != "0" ] ; do + sleep 1 + if [ -d /srv/www/casaats/webapps/CasaAuthTokenSvc ]; then + # The folder was created, end the loop + wait_sec=0 + break + fi + wait_sec=$((wait_sec -1)) + done + + # Copy the signing certificate to the webapps folder so that it can be downloaded from the ATS + cp /etc/CASA/authtoken/keys/localSigningCert /srv/www/casaats/webapps/CasaAuthTokenSvc/SigningCert + fi + else + rc_failed 7 + fi + fi + rc_status -v +} + + +StopDAEMON() +{ + # Stop the daemon + echo -n "Stopping casa_atsd..." + ## Stop daemon with killproc(8) and if this fails + ## set echo the echo return value. + if atsIsRunning ; then + su $DAEMON_USER -s /bin/bash -c "$CATALINA_HOME/bin/shutdown.sh" >"$CATALINA_BASE/logs/stop.log" 2>&1 + # wait 60 sec for stop at maximum + wait_sec=60 + while [ "$wait_sec" != "0" ] ; do + sleep 1 + if ! atsIsRunning ; then + # the server is stopped, end the loop + wait_sec=0 + break + fi + wait_sec=$((wait_sec -1)) + done + # check the final status + if atsIsRunning ; then + rc_failed 1 + else + rc_failed 0 + fi + else + rc_failed 0 + fi + # Remember status and be verbose + rc_status -v +} + + +# Source the environments file for our daemon +. /etc/CASA/authtoken/svc/envvars + + +case "$1" in +start) + StartDAEMON + ;; +stop) + StopDAEMON + ;; +restart|reload|force-reload) + StopDAEMON + sleep 1 + StartDAEMON + ;; +status) + echo -n "Checking for casa_atsd" + ## Check status with checkproc(8), if process is running + ## checkproc will return with exit status 0. + + # Status has a slightly different for the status command: + # 0 - service running + # 1 - service dead, but /var/run/ pid file exists + # 2 - service dead, but /var/lock/ lock file exists + # 3 - service not running + + # NOTE: checkproc returns LSB compliant status values. + if atsIsRunning ; then + rc_failed 0 + else + rc_failed 3 + fi + rc_status -v + ;; +*) + echo -n "Usage: $0 {start|stop|restart|reload|force-reload}" + exit 1 + ;; +esac +rc_exit + diff --git a/CASA-auth-token/server-java/Svc/linux/CasaIaRealmsEditor.sh b/CASA-auth-token/server-java/Svc/linux/CasaIaRealmsEditor.sh index f4195a99..9145a792 100755 --- a/CASA-auth-token/server-java/Svc/linux/CasaIaRealmsEditor.sh +++ b/CASA-auth-token/server-java/Svc/linux/CasaIaRealmsEditor.sh @@ -32,6 +32,15 @@ # Source our environment variables file . /etc/CASA/authtoken/svc/envvars -# Perform the operation requested -$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.jar $* +TEST_IBM_JVM=$($JAVA_HOME/bin/java -version 2>&1 | grep -i ibm) + +# Proceed based on the JVM that we are utilizing +if [ -z "${TEST_IBM_JVM}" ]; then + # Perform the operation requested, assuming the Sun JVM in which case we need to load + # the xerces-j2 jar at boot time to avoid load class errors. + $JAVA_HOME/bin/java -Xbootclasspath/a:/usr/share/java/xerces-j2.jar -jar /usr/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.jar $* +else + # Perform the operation requested + $JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaIaRealmsEditor.jar $* +fi diff --git a/CASA-auth-token/server-java/Svc/linux/CasaIdenTokenSettingsEditor.sh b/CASA-auth-token/server-java/Svc/linux/CasaIdenTokenSettingsEditor.sh index 14c4e7c2..45825eff 100755 --- a/CASA-auth-token/server-java/Svc/linux/CasaIdenTokenSettingsEditor.sh +++ b/CASA-auth-token/server-java/Svc/linux/CasaIdenTokenSettingsEditor.sh @@ -32,6 +32,15 @@ # Source our environment variables file . /etc/CASA/authtoken/svc/envvars -# Perform the operation requested -$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.jar $* +TEST_IBM_JVM=$($JAVA_HOME/bin/java -version 2>&1 | grep -i ibm) + +# Proceed based on the JVM that we are utilizing +if [ -z "${TEST_IBM_JVM}" ]; then + # Perform the operation requested, assuming the Sun JVM in which case we need to load + # the xerces-j2 jar at boot time to avoid load class errors. + $JAVA_HOME/bin/java -Xbootclasspath/a:/usr/share/java/xerces-j2.jar -jar /usr/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.jar $* +else + # Perform the operation requested + $JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaIdenTokenSettingsEditor.jar $* +fi diff --git a/CASA-auth-token/server-java/Svc/linux/CasaSvcSettingsEditor.sh b/CASA-auth-token/server-java/Svc/linux/CasaSvcSettingsEditor.sh index adce8082..4d7b8e64 100755 --- a/CASA-auth-token/server-java/Svc/linux/CasaSvcSettingsEditor.sh +++ b/CASA-auth-token/server-java/Svc/linux/CasaSvcSettingsEditor.sh @@ -32,6 +32,16 @@ # Source our environment variables file . /etc/CASA/authtoken/svc/envvars -# Perform the operation requested -$JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar $* +TEST_IBM_JVM=$($JAVA_HOME/bin/java -version 2>&1 | grep -i ibm) + +# Proceed based on the JVM that we are utilizing +if [ -z "${TEST_IBM_JVM}" ]; then + # Perform the operation requested, assuming the Sun JVM in which case we need to load + # the xerces-j2 jar at boot time to avoid load class errors. + $JAVA_HOME/bin/java -Xbootclasspath/a:/usr/share/java/xerces-j2.jar -jar /usr/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar $* +else + # Perform the operation requested + $JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaSvcSettingsEditor.jar $* +fi + diff --git a/CASA-auth-token/server-java/Svc/linux/CasaTomcatConnectorEditor.sh b/CASA-auth-token/server-java/Svc/linux/CasaTomcatConnectorEditor.sh index 78edfa05..89d11204 100644 --- a/CASA-auth-token/server-java/Svc/linux/CasaTomcatConnectorEditor.sh +++ b/CASA-auth-token/server-java/Svc/linux/CasaTomcatConnectorEditor.sh @@ -32,13 +32,14 @@ # Source our environment variables file . /etc/CASA/authtoken/svc/envvars +TEST_IBM_JVM=$($JAVA_HOME/bin/java -version 2>&1 | grep -i ibm) + # Check if we need to determine which server.xml file to use if [ -f /srv/www/casaats/conf/server.xml ]; then # No need to determine which file to use SERVER_XML_FILE_PATH=/srv/www/casaats/conf/server.xml else # Determine which server.xml file to use - TEST_IBM_JVM=$($JAVA_HOME/bin/java -version 2>&1 | grep -i ibm) if [ -z "${TEST_IBM_JVM}" ]; then # Assume Sun JVM # Use PKCS12 version if PKCS12 store exists @@ -136,7 +137,13 @@ if [ $# -eq 2 ]; then else if [ $1 = "-file" ]; then echo "Process properties file" - $JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.jar $* + # Proceed based on the JVM that we are utilizing + if [ -z "${TEST_IBM_JVM}" ]; then + # Assuming the Sun JVM in which case we need to load the xerces-j2 jar at boot time to avoid load class errors. + $JAVA_HOME/bin/java -Xbootclasspath/a:/usr/share/java/xerces-j2.jar -jar /usr/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.jar $* + else + $JAVA_HOME/bin/java -jar /usr/share/java/CASA/authtoken/bin/CasaTomcatConnectorEditor.jar $* + fi else echo "Invalid operation requested" retVal=1 diff --git a/CASA-auth-token/server-java/Svc/linux/envvars b/CASA-auth-token/server-java/Svc/linux/envvars index 769a53fd..b198c509 100644 --- a/CASA-auth-token/server-java/Svc/linux/envvars +++ b/CASA-auth-token/server-java/Svc/linux/envvars @@ -20,15 +20,21 @@ CATALINA_BASE="/srv/www/casaats" if [ -d /usr/share/tomcat6 ]; then CATALINA_HOME="/usr/share/tomcat6" + CATALINA_START_CMD="/usr/bin/dtomcat6 start" + CATALINA_STOP_CMD="/usr/bin/dtomcat6 stop" + TOMCAT_CFG="/etc/CASA/authtoken/svc/tomcat6.conf" else if [ -d /usr/share/tomcat55 ]; then CATALINA_HOME="/usr/share/tomcat55" else CATALINA_HOME="/usr/share/tomcat5" fi + CATALINA_START_CMD="$CATALINA_HOME/bin/startup.sh" + CATALINA_STOP_CMD="$CATALINA_HOME/bin/shutdown.sh" + TOMCAT_CFG= fi CATALINA_PID="/var/lib/CASA/authtoken/svc/casaatsd.pid" JAVA_OPTS="-Dcom.novell.casa.authtoksvc.config=/etc/CASA/authtoken/svc -Dlog4j.configuration=file:/etc/CASA/authtoken/svc/log4j.properties -Djava.library.path=/usr/$LIB" -export CATALINA_BASE CATALINA_HOME CATALINA_PID JAVA_HOME JAVA_OPTS +export JAVA_HOME CATALINA_BASE CATALINA_HOME CATALINA_START_CMD CATALINA_STOP_CMD TOMCAT_CFG CATALINA_PID JAVA_OPTS