Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CS.cfg cleared? #1283

Closed
pki-bot opened this issue Oct 2, 2020 · 3 comments
Closed

CS.cfg cleared? #1283

pki-bot opened this issue Oct 2, 2020 · 3 comments
Labels
Closed: Fixed
Milestone
10.0.5

Comments

@pki-bot
Copy link

pki-bot commented Oct 2, 2020

This issue was migrated from Pagure Issue #714. Originally filed by pbbunny on 2013-08-22 16:26:56:

After performing the following tasks, the process restart seemed to have wiped the content of the CS.cfg:

  1. cp /etc/pki/pki-district/server.xml /etc/pki/pki-district/server.xml.orig
  2. modify the content with the following data:
    ORIGINAL
    MODIFIED

<!-- This Realm uses the UserDatabase configured in the global JNDI

resources under the key "UserDatabase". Any edits

that are performed against this UserDatabase are immediately

available for use by the Realm. -->

<Realm className="org.apache.catalina.realm.UserDatabaseRealm"

resourceName="UserDatabase"/>

  <Realm className="org.apache.catalina.realm.JNDIRealm"
      connectionURL="ldap://OURSERVER:389"
      userPattern="uid={0},o=ca"
      roleBase="ou=groups,o=ca"
      roleName="cn"
    roleSearch="(uniqueMember={0})"
  />

  1. cp /var/lib/pki/pki-district/webapps/ca/WEB-INF/web.xml /var/lib/pki/pki-district/webapps/ca/WEB-INF/web.xml.orig

  2. modify the content with the following data:
    ORIGINAL

    Certificate Authority

    *

MODIFIED

Certificate Authority

*

BASIC PKI Certificate Authority * EE Services /ee/ca/* * CONFIDENTIAL
  1. Restarted the service: systemctl restart pki-tomcatd.target & systemctl restart pki-tomcatd@pki-district.services

After performing the restarted, I started getting an HTTP 500 within the subsystem's admin and EE pages.

Turns out, the CS.cfg was wiped, it is completely empty. I'm attaching the catalina.out FYI.
@pki-bot pki-bot added this to the 10.0.5 milestone Oct 2, 2020
@pki-bot
Copy link
Author

pki-bot commented Oct 2, 2020

Comment from pbbunny at 2013-08-22 16:29:14

The original catalina.out, prior to a clean restart of dir and ca services, and the new catalina.out created after performing a dir and ca services restart.
catalina.out.zip

@pki-bot pki-bot closed this as completed Oct 2, 2020
@pki-bot
Copy link
Author

pki-bot commented Oct 2, 2020

Comment from vakwetu (@vakwetu) at 2013-09-03 04:19:45

Applied patch to not write to CS.cfg on startup/shutdown:

To ssh://vakwetu@git.fedorahosted.org/git/pki.git
9d70b93..05ff18e master -> master

To ssh://vakwetu@git.fedorahosted.org/git/pki.git
0beaa10..265f790 DOGTAG_10_0_BRANCH -> DOGTAG_10_0_BRANCH

@pki-bot
Copy link
Author

pki-bot commented Oct 2, 2020

Comment from pbbunny at 2017-02-27 14:02:02

Metadata Update from @pbbunny:

  • Issue assigned to vakwetu
  • Issue set to the milestone: 10.0.5

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Closed: Fixed
Projects
None yet
Milestone
10.0.5
Development

No branches or pull requests
1 participant
@pki-bot