Blob Blame History Raw
From 9f9ef6301b67c9e0b917db80c686831462d9236a Mon Sep 17 00:00:00 2001
From: Alexander Scheel <ascheel@redhat.com>
Date: Mon, 24 Aug 2020 14:54:23 -0400
Subject: [PATCH] Migrate JAVA_HOME in instance configuration

When we upgrade from F32 to F33, we need to be able to upgrade JAVA_HOME
to set it to the new value. This value will also change on F32 (from a
JDK8-specific path to a generic path). This requires migration to happen
on subsystem start.

This means that the recommended way to configure JAVA_HOME to a value
OTHER then what's shipped in /usr/.../pki.conf becomes to set it in
/etc/.../pki.conf, and means that /etc/sysconfig/tomcat.conf gets
rewritten each time.

Signed-off-by: Alexander Scheel <ascheel@redhat.com>
---
 base/server/python/pki/server/cli/migrate.py  | 45 +++++++++++++++++++
 base/server/share/conf/tomcat.conf            |  3 --
 .../system/pki-tomcatd-nuxwdog@.service       |  2 +
 .../lib/systemd/system/pki-tomcatd@.service   |  2 +
 4 files changed, 49 insertions(+), 3 deletions(-)

diff --git a/base/server/python/pki/server/cli/migrate.py b/base/server/python/pki/server/cli/migrate.py
index d24236079..bc5cd379a 100644
--- a/base/server/python/pki/server/cli/migrate.py
+++ b/base/server/python/pki/server/cli/migrate.py
@@ -119,6 +119,7 @@ class MigrateCLI(pki.cli.CLI):
         self.migrate_nssdb(instance)
         self.migrate_tomcat(instance, tomcat_version)
         self.migrate_subsystems(instance, tomcat_version)
+        self.migrate_service(instance)
 
     def migrate_nssdb(self, instance):
 
@@ -601,3 +602,47 @@ class MigrateCLI(pki.cli.CLI):
 
         os.symlink(source, dest)
         os.lchown(dest, instance.uid, instance.gid)
+
+    def migrate_service(self, instance):
+        self.migrate_service_java_home(instance)
+
+    def migrate_service_java_home(self, instance):
+        # When JAVA_HOME in the Tomcat service config differs from the
+        # value in /usr/share/pki/etc/pki.conf, update the value in
+        # the service config.
+
+        if "JAVA_HOME" not in os.environ or not os.environ["JAVA_HOME"]:
+            logger.debug("Refusing to migrate JAVA_HOME with missing environment variable")
+            return
+
+        comment = "JAVA_HOME should be set in /etc/pki/pki.conf instead."
+
+        # Update in /etc/sysconfig/<instance>
+        result = self.update_java_home_in_config(instance.service_conf, comment)
+        self.write_config(instance.service_conf, result)
+
+        # Update in /etc/pki/<instance>/tomcat.conf
+        result = self.update_java_home_in_config(instance.tomcat_conf, comment)
+        self.write_config(instance.tomcat_conf, result)
+
+    def update_java_home_in_config(self, path, comment):
+        result = []
+
+        target = "JAVA_HOME="
+
+        with open(path, 'r') as conf_fp:
+            for line in conf_fp:
+                if not line.startswith(target):
+                    result.append(line)
+                else:
+                    comment_line = '# ' + comment + '\n'
+                    result.append(comment_line)
+                    new_line = '# ' + line
+                    result.append(new_line)
+
+        return result
+
+    def write_config(self, path, output):
+        with open(path, 'w') as conf_fp:
+            for line in output:
+                print(line, end='', file=conf_fp)
diff --git a/base/server/share/conf/tomcat.conf b/base/server/share/conf/tomcat.conf
index fe39243ad..3c6388072 100644
--- a/base/server/share/conf/tomcat.conf
+++ b/base/server/share/conf/tomcat.conf
@@ -8,9 +8,6 @@
 
 # Default NSS DB type is loaded from /usr/share/pki/etc/tomcat.conf
 
-# Where your java installation lives
-JAVA_HOME="[JAVA_HOME]"
-
 # Where your tomcat installation lives
 CATALINA_BASE="[PKI_INSTANCE_PATH]"
 
diff --git a/base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service b/base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service
index 6dcd4ee72..0ccc84946 100644
--- a/base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service
+++ b/base/server/share/lib/systemd/system/pki-tomcatd-nuxwdog@.service
@@ -10,6 +10,8 @@ Environment="NAME=%i"
 Environment="STARTED_BY_SYSTEMD=1"
 Environment="WD_PIPE_NAME=%i"
 EnvironmentFile=-/etc/sysconfig/%i
+EnvironmentFile=/usr/share/pki/etc/pki.conf
+EnvironmentFile=/etc/pki/pki.conf
 
 ExecStartPre=+/usr/bin/setfacl -m u:pkiuser:wx /run/systemd/ask-password
 ExecStartPre=/usr/bin/pki-server-nuxwdog
diff --git a/base/server/share/lib/systemd/system/pki-tomcatd@.service b/base/server/share/lib/systemd/system/pki-tomcatd@.service
index 7df1bc4cb..f1d4cb692 100644
--- a/base/server/share/lib/systemd/system/pki-tomcatd@.service
+++ b/base/server/share/lib/systemd/system/pki-tomcatd@.service
@@ -8,6 +8,8 @@ EnvironmentFile=/usr/share/pki/etc/tomcat.conf
 EnvironmentFile=/etc/tomcat/tomcat.conf
 Environment="NAME=%i"
 EnvironmentFile=-/etc/sysconfig/%i
+EnvironmentFile=/usr/share/pki/etc/pki.conf
+EnvironmentFile=/etc/pki/pki.conf
 
 ExecStartPre=/usr/sbin/pki-server upgrade %i
 ExecStartPre=/usr/sbin/pki-server migrate %i
-- 
2.26.2