Bug 440344 - Installation page should tell admins to use "service", not "/etc/init.d" on Linux
Installation page should tell admins to use "service", not "/etc/init.d" on L...
Product: Dogtag Certificate System
Classification: Community
Component: Installation Wizard (Show other bugs)
All Linux
high Severity low
: ---
: ---
Assigned To: Matthew Harmsen
Chandrasekar Kannan
Depends On:
Blocks: 443788
  Show dependency treegraph
Reported: 2008-04-02 19:12 EDT by Bob Lord
Modified: 2015-01-04 18:31 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-07-22 19:28:07 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
pki/base changes (4.22 KB, patch)
2009-03-03 14:59 EST, Matthew Harmsen
no flags Details | Diff
pki/dogtag changes (4.84 KB, patch)
2009-03-03 15:00 EST, Matthew Harmsen
no flags Details | Diff
pkiremove diffs (892 bytes, patch)
2009-03-04 13:35 EST, Matthew Harmsen
no flags Details | Diff
dogtag spec files (6.96 KB, patch)
2009-03-04 13:35 EST, Matthew Harmsen
no flags Details | Diff

  None (edit)
Description Bob Lord 2008-04-02 19:12:10 EDT
Description of problem:
When you install a new server instance, and configure it using the web-based UI,
the system finishes by printing this message in the browser window:
   Restart the server on the command line by 
   typing "/etc/init.d/pki-ca restart". After 
   performing this restart, the server should 
   become operational. 

It should probably ask the user to type:
   /sbin/service pki-ca restart

Version-Release number of selected component (if applicable):

How reproducible:
Comment 1 Matthew Harmsen 2008-04-03 13:44:31 EDT
Before this gets changed, we must be sure that "service" exists on Solaris as well.
Comment 2 Matthew Harmsen 2008-04-11 17:29:05 EDT
Actually, the change will be to fix the velocity template to encode the proper
Comment 4 Matthew Harmsen 2009-02-26 21:16:21 EST
Raising priority of this for the following reason:

Since the introduction of "SELinux", it is no longer possible to perform a command-line start of Apache modules (e. g. - TPS & RA) if the user attempts to execute these from a non-root directory.

For example:

cd /home/larry (running as root)
/etc/init.d/pki-tps restart
Stopping pki-tps:                                          [  OK  ]
Starting pki-tps:                                          [FAILED]

The log states that the process was unable to change to the "/home/larry" directory at the end, and therefore, the process did not start.

However, performing the following succeeds:

cd /home/larry (running as root)
/sbin/service pki-tps restart
Stopping pki-tps:                                          [  OK  ]
Starting pki-tps:                                          [  OK  ]

PKI service(s) are available at https://glyph.dsdev.sjc.redhat.com:7889

NOTE:  "cd /etc/init.d" first prior to running this command will succeed
       because "/etc/init.d" is owned by root.

Since "service" does not exist on Solaris 9, the velocity templates will need
to be "changeable" programmatically.
Comment 5 Matthew Harmsen 2009-03-03 14:59:37 EST
Created attachment 333917 [details]
pki/base changes
Comment 6 Matthew Harmsen 2009-03-03 15:00:14 EST
Created attachment 333919 [details]
pki/dogtag changes
Comment 8 Andrew Wnuk 2009-03-03 17:00:52 EST
attachment (id=333917)
attachment (id=333919)
+ awnuk
Comment 10 Matthew Harmsen 2009-03-03 17:09:18 EST
% svn status | grep -v ^$ | grep -v ^P | grep -v ^X | grep -v ^?
M      dogtag/tps-ui/shared/docroot/tps/admin/console/config/donepanel.vm
M      dogtag/common-ui/shared/admin/console/config/donepanel.vm
M      dogtag/ra-ui/shared/docroot/ra/admin/console/config/donepanel.vm
M      base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
M      base/setup/pkicreate
M      base/ra/lib/perl/PKI/RA/DonePanel.pm
M      base/tps/lib/perl/PKI/TPS/DonePanel.pm

%svn commit
Sending        base/common/src/com/netscape/cms/servlet/csadmin/DonePanel.java
Sending        base/ra/lib/perl/PKI/RA/DonePanel.pm
Sending        base/setup/pkicreate
Sending        base/tps/lib/perl/PKI/TPS/DonePanel.pm
Sending        dogtag/common-ui/shared/admin/console/config/donepanel.vm
Sending        dogtag/ra-ui/shared/docroot/ra/admin/console/config/donepanel.vm
Sending        dogtag/tps-ui/shared/docroot/tps/admin/console/config/donepanel.vm
Transmitting file data .......
Committed revision 270.
Comment 12 Matthew Harmsen 2009-03-03 17:20:11 EST

When not run as 'root', the following messages appear:

    /sbin/service pki-ca restart
    pki-ca: unrecognized service

    /etc/init.d/pki-ca restart
    bash: /etc/init.d/pki-ca: Permission denied

The old-style "/etc/init.d/<instance>" name was clear about the problem,
while the new "/sbin/service" is unclear.  Therefore, the "DonePanel" of
each subsystem was further enhanced with the following text:

    "As 'root', restart the server on the command line . . ."
Comment 13 Matthew Harmsen 2009-03-04 13:35:20 EST
Created attachment 334025 [details]
pkiremove diffs
Comment 14 Matthew Harmsen 2009-03-04 13:35:55 EST
Created attachment 334026 [details]
dogtag spec files
Comment 17 Andrew Wnuk 2009-03-04 14:01:09 EST
attachment (id=334025)
attachment (id=334026)
Comment 19 Matthew Harmsen 2009-03-04 14:13:00 EST
% svn status | grep -v ^$ | grep -v ^P | grep -v ^X | grep -v ^?
M      dogtag/tps-ui/dogtag-pki-tps-ui.spec
M      dogtag/common/pki-common.spec
M      dogtag/setup/pki-setup.spec
M      dogtag/ra/pki-ra.spec
M      dogtag/common-ui/dogtag-pki-common-ui.spec
M      dogtag/tps/pki-tps.spec
M      dogtag/ra-ui/dogtag-pki-ra-ui.spec
M      base/setup/pkiremove

% svn commit
Sending        base/setup/pkiremove
Sending        dogtag/common/pki-common.spec
Sending        dogtag/common-ui/dogtag-pki-common-ui.spec
Sending        dogtag/ra/pki-ra.spec
Sending        dogtag/ra-ui/dogtag-pki-ra-ui.spec
Sending        dogtag/setup/pki-setup.spec
Sending        dogtag/tps/pki-tps.spec
Sending        dogtag/tps-ui/dogtag-pki-tps-ui.spec
Transmitting file data ........
Committed revision 274.
Comment 21 Jenny Galipeau 2009-06-11 16:32:53 EDT
Verified.  After configuration of all subsystems:

/sbin/service pki-ca restart
/sbin/service pki-ra restart
/sbin/service pki-tks restart
/sbin/service pki-tps restart
/sbin/service pki-ocsp restart
/sbin/service pki-kra restart

Note You need to log in before you can comment on or make changes to this bug.