def create_master_dictionary(parser): # Read in the PKI slots configuration file. parser.compose_pki_slots_dictionary() # Combine the various sectional dictionaries into a PKI master dictionary parser.compose_pki_master_dictionary() parser.mdict['pki_spawn_log'] = \ config.pki_log_dir + "/" + config.pki_log_name config.pki_log.debug(log.PKI_DICTIONARY_MASTER, extra=config.PKI_INDENTATION_LEVEL_0) config.pki_log.debug(pkilogging.log_format(parser.mdict), extra=config.PKI_INDENTATION_LEVEL_0)
def main(argv): """main entry point""" config.pki_deployment_executable = os.path.basename(argv[0]) # Set the umask os.umask(config.PKI_DEPLOYMENT_DEFAULT_UMASK) # Read and process command-line arguments. parser = PKIConfigParser( 'PKI Instance Removal', log.PKIDESTROY_EPILOG, deployer=deployer) parser.optional.add_argument( '-i', dest='pki_deployed_instance_name', action='store', nargs=1, metavar='<instance>', help='FORMAT: ${pki_instance_name}') parser.optional.add_argument( '-u', dest='pki_secdomain_user', action='store', nargs=1, metavar='<security domain user>', help='security domain user') parser.optional.add_argument( '-W', dest='pki_secdomain_pass_file', action='store', nargs=1, metavar='<security domain password file>', help='security domain password file path') parser.optional.add_argument( '--force', dest='pki_force_destroy', action='store_true', help='force removal of subsystem' ) parser.optional.add_argument( '--remove-logs', dest='pki_remove_logs', action='store_true', help='remove subsystem logs' ) args = parser.process_command_line_arguments() interactive = False # Only run this program as "root". if not os.geteuid() == 0: sys.exit("'%s' must be run as root!" % argv[0]) while True: # -s <subsystem> if args.pki_subsystem is None: interactive = True deployer.subsystem_name = parser.read_text( 'Subsystem (CA/KRA/OCSP/TKS/TPS)', options=['CA', 'KRA', 'OCSP', 'TKS', 'TPS'], default='CA', case_sensitive=False).upper() else: deployer.subsystem_name = str(args.pki_subsystem).strip('[\']') # -i <instance name> if args.pki_deployed_instance_name is None: interactive = True config.pki_deployed_instance_name = \ parser.read_text('Instance', default='pki-tomcat') else: config.pki_deployed_instance_name = \ str(args.pki_deployed_instance_name).strip('[\']') if interactive: print() parser.indent = 0 begin = parser.read_text( 'Begin uninstallation (Yes/No/Quit)', options=['Yes', 'Y', 'No', 'N', 'Quit', 'Q'], sign='?', allow_empty=False, case_sensitive=False).lower() print() if begin == 'q' or begin == 'quit': print("Uninstallation canceled.") sys.exit(0) elif begin == 'y' or begin == 'yes': break else: break # '-u' if args.pki_secdomain_user: config.pki_secdomain_user = str(args.pki_secdomain_user).strip('[\']') # '-W' password file if args.pki_secdomain_pass_file: with open(str(args.pki_secdomain_pass_file).strip('[\']'), 'r') as \ pwd_file: config.pki_secdomain_pass = pwd_file.readline().strip('\n') # '--force' force_destroy = args.pki_force_destroy # '--remove-logs' remove_logs = args.pki_remove_logs # verify that previously deployed instance exists deployed_pki_instance_path = os.path.join( config.PKI_DEPLOYMENT_BASE_ROOT, config.pki_deployed_instance_name ) if not os.path.exists(deployed_pki_instance_path) and not force_destroy: print("ERROR: " + log.PKI_INSTANCE_DOES_NOT_EXIST_1 % deployed_pki_instance_path) print() parser.arg_parser.exit(-1) # verify that previously deployed subsystem for this instance exists deployed_pki_subsystem_path = os.path.join( deployed_pki_instance_path, deployer.subsystem_name.lower() ) if not os.path.exists(deployed_pki_subsystem_path) and not force_destroy: print("ERROR: " + log.PKI_SUBSYSTEM_DOES_NOT_EXIST_2 % (deployer.subsystem_name, deployed_pki_instance_path)) print() parser.arg_parser.exit(-1) config.default_deployment_cfg = \ config.PKI_DEPLOYMENT_DEFAULT_CONFIGURATION_FILE # establish complete path to previously deployed configuration file config.user_deployment_cfg = os.path.join( deployed_pki_subsystem_path, "registry", deployer.subsystem_name.lower(), config.USER_DEPLOYMENT_CONFIGURATION ) if force_destroy and not os.path.exists(config.user_deployment_cfg): # During force destroy, try to load the file. If file doesn't exist, we ignore it config.user_deployment_cfg = None parser.validate() parser.init_config(pki_instance_name=config.pki_deployed_instance_name) # Enable 'pkidestroy' logging. config.pki_log_dir = config.PKI_DEPLOYMENT_LOG_ROOT config.pki_log_name = "pki" + "-" +\ deployer.subsystem_name.lower() +\ "-" + "destroy" + "." +\ deployer.log_timestamp + "." + "log" print('Uninstallation log: %s/%s' % (config.pki_log_dir, config.pki_log_name)) pkilogging.enable_pki_logger(config.pki_log_dir, config.pki_log_name, config.pki_log_level, "pkidestroy") # Read the specified PKI configuration file. rv = parser.read_pki_configuration_file() if rv != 0: logger.error(log.PKI_UNABLE_TO_PARSE_1, rv) sys.exit(1) # Combine the various sectional dictionaries into a PKI master dictionary parser.compose_pki_master_dictionary() deployer.init() parser.mdict['pki_destroy_log'] = \ config.pki_log_dir + "/" + config.pki_log_name # Add force_destroy to master dictionary parser.mdict['pki_force_destroy'] = force_destroy # Add remove logs to master dictionary parser.mdict['pki_remove_logs'] = remove_logs logger.debug(log.PKI_DICTIONARY_MASTER) logger.debug(pkilogging.log_format(parser.mdict)) print("Uninstalling " + deployer.subsystem_name + " from " + deployed_pki_instance_path + ".") # Process the various "scriptlets" to remove the specified PKI subsystem. pki_subsystem_scriptlets = parser.mdict['destroy_scriplets'].split() try: for scriptlet_name in pki_subsystem_scriptlets: scriptlet_module = __import__( "pki.server.deployment.scriptlets." + scriptlet_name, fromlist=[scriptlet_name]) scriptlet = scriptlet_module.PkiScriptlet() scriptlet.destroy(deployer) except subprocess.CalledProcessError as e: log_error_details() print() print("Uninstallation failed: Command failed: %s" % ' '.join(e.cmd)) if e.output: print(e.output) print() sys.exit(1) except Exception as e: # pylint: disable=broad-except log_error_details() print() print("Uninstallation failed: %s" % e) print() sys.exit(1) print() print("Uninstallation complete.")
def main(argv): """main entry point""" config.pki_deployment_executable = os.path.basename(argv[0]) # Set the umask os.umask(config.PKI_DEPLOYMENT_DEFAULT_UMASK) # Read and process command-line arguments. parser = PKIConfigParser( 'PKI Instance Removal', log.PKIDESTROY_EPILOG, deployer=deployer) parser.optional.add_argument( '-i', dest='pki_deployed_instance_name', action='store', nargs=1, metavar='<instance>', help='FORMAT: ${pki_instance_name}') parser.optional.add_argument( '-u', dest='pki_secdomain_user', action='store', nargs=1, metavar='<security domain user>', help='security domain user') parser.optional.add_argument( '-W', dest='pki_secdomain_pass_file', action='store', nargs=1, metavar='<security domain password file>', help='security domain password file path') args = parser.process_command_line_arguments() interactive = False # Only run this program as "root". if not os.geteuid() == 0: sys.exit("'%s' must be run as root!" % argv[0]) while True: # -s <subsystem> if args.pki_subsystem is None: interactive = True deployer.subsystem_name = parser.read_text( 'Subsystem (CA/KRA/OCSP/TKS/TPS)', options=['CA', 'KRA', 'OCSP', 'TKS', 'TPS'], default='CA', case_sensitive=False).upper() else: deployer.subsystem_name = str(args.pki_subsystem).strip('[\']') # -i <instance name> if args.pki_deployed_instance_name is None: interactive = True config.pki_deployed_instance_name = \ parser.read_text('Instance', default='pki-tomcat') else: config.pki_deployed_instance_name = \ str(args.pki_deployed_instance_name).strip('[\']') if interactive: print() parser.indent = 0 begin = parser.read_text( 'Begin uninstallation (Yes/No/Quit)', options=['Yes', 'Y', 'No', 'N', 'Quit', 'Q'], sign='?', allow_empty=False, case_sensitive=False).lower() print() if begin == 'q' or begin == 'quit': print("Uninstallation canceled.") sys.exit(0) elif begin == 'y' or begin == 'yes': break else: break # '-u' if args.pki_secdomain_user: config.pki_secdomain_user = str(args.pki_secdomain_user).strip('[\']') # '-W' password file if args.pki_secdomain_pass_file: with open(str(args.pki_secdomain_pass_file).strip('[\']'), 'r') as \ pwd_file: config.pki_secdomain_pass = pwd_file.readline().strip('\n') # verify that previously deployed instance exists deployed_pki_instance_path = os.path.join( config.PKI_DEPLOYMENT_BASE_ROOT, config.pki_deployed_instance_name ) if not os.path.exists(deployed_pki_instance_path): print("ERROR: " + log.PKI_INSTANCE_DOES_NOT_EXIST_1 % deployed_pki_instance_path) print() parser.arg_parser.exit(-1) # verify that previously deployed subsystem for this instance exists deployed_pki_subsystem_path = \ deployed_pki_instance_path + "/" + deployer.subsystem_name.lower() if not os.path.exists(deployed_pki_subsystem_path): print("ERROR: " + log.PKI_SUBSYSTEM_DOES_NOT_EXIST_2 % (deployer.subsystem_name, deployed_pki_instance_path)) print() parser.arg_parser.exit(-1) config.default_deployment_cfg = \ config.PKI_DEPLOYMENT_DEFAULT_CONFIGURATION_FILE # establish complete path to previously deployed configuration file config.user_deployment_cfg =\ deployed_pki_subsystem_path + "/" +\ "registry" + "/" +\ deployer.subsystem_name.lower() + "/" +\ config.USER_DEPLOYMENT_CONFIGURATION parser.validate() parser.init_config() # Enable 'pkidestroy' logging. config.pki_log_dir = config.PKI_DEPLOYMENT_LOG_ROOT config.pki_log_name = "pki" + "-" +\ deployer.subsystem_name.lower() +\ "-" + "destroy" + "." +\ deployer.log_timestamp + "." + "log" print('Log file: %s/%s' % (config.pki_log_dir, config.pki_log_name)) pkilogging.enable_pki_logger(config.pki_log_dir, config.pki_log_name, config.pki_log_level, config.pki_console_log_level, "pkidestroy") # Read the specified PKI configuration file. rv = parser.read_pki_configuration_file() if rv != 0: config.pki_log.error(log.PKI_UNABLE_TO_PARSE_1, rv, extra=config.PKI_INDENTATION_LEVEL_0) sys.exit(1) # Combine the various sectional dictionaries into a PKI master dictionary parser.compose_pki_master_dictionary() parser.mdict['pki_destroy_log'] = \ config.pki_log_dir + "/" + config.pki_log_name config.pki_log.debug(log.PKI_DICTIONARY_MASTER, extra=config.PKI_INDENTATION_LEVEL_0) config.pki_log.debug(pkilogging.log_format(parser.mdict), extra=config.PKI_INDENTATION_LEVEL_0) print("Uninstalling " + deployer.subsystem_name + " from " + deployed_pki_instance_path + ".") # Process the various "scriptlets" to remove the specified PKI subsystem. pki_subsystem_scriptlets = parser.mdict['destroy_scriplets'].split() deployer.init(parser) try: for scriptlet_name in pki_subsystem_scriptlets: scriptlet_module = __import__( "pki.server.deployment.scriptlets." + scriptlet_name, fromlist=[scriptlet_name]) scriptlet = scriptlet_module.PkiScriptlet() scriptlet.destroy(deployer) except subprocess.CalledProcessError as e: log_error_details() print() print("Uninstallation failed: Command failed: %s" % ' '.join(e.cmd)) if e.output: print(e.output) print() sys.exit(1) except Exception as e: # pylint: disable=broad-except log_error_details() print() print("Uninstallation failed: %s" % e) print() sys.exit(1) print() print("Uninstallation complete.")