[Engine-patches] Change in ovirt-engine[master]: packaging: Add support for custom java.security

Thu, 28 Nov 2013 04:10:08 -0800 

Juan Hernandez has uploaded a new change for review.

Change subject: packaging: Add support for custom java.security
......................................................................

packaging: Add support for custom java.security

Currently we don't have any mechanism to modify the java.security
properties other than modifying the java.security file inside the
${JAVA_HOME}/lib/security directory. This patch modifies the service
script so that it will check if a custom java.security file exists in
the /etc/ovirt-engine directory. If it exists the following property
will be added to the Java virtual machine:

  -Djava.security.properties=/etc/ovirt-engine/java.security

The properties inside this file override those in the default file used
by the Java virtual machine.

The patch also adds an empty /etc/ovirt-engine/java.security file.

Change-Id: I0b102dd1c0ccbd6e73f24598b13319e1d3640086
Bug-Url: https://bugzilla.redhat.com/1028966
Signed-off-by: Juan Hernandez <juan.hernan...@redhat.com>
---
M ovirt-engine.spec.in
A packaging/etc/java.security
M packaging/services/ovirt-engine/ovirt-engine.py
3 files changed, 15 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/26/21826/1

diff --git a/ovirt-engine.spec.in b/ovirt-engine.spec.in
index ef0907b..39a0362 100644
--- a/ovirt-engine.spec.in
+++ b/ovirt-engine.spec.in
@@ -703,6 +703,7 @@
 
 %files
 
+%config(noreplace) %{engine_etc}/java.security
 %dir %attr(-, %{engine_user}, %{engine_group}) %{engine_cache}
 %dir %attr(-, %{engine_user}, %{engine_group}) %{engine_log}
 %dir %attr(-, %{engine_user}, %{engine_group}) %{engine_log}/dump
diff --git a/packaging/etc/java.security b/packaging/etc/java.security
new file mode 100644
index 0000000..b1b0ba8
--- /dev/null
+++ b/packaging/etc/java.security
@@ -0,0 +1,4 @@
+#
+# Use this file if you need to change any of the properties that will usually
+# go in the ${JAVA_HOME}/lib/security/java.security file.
+# 
diff --git a/packaging/services/ovirt-engine/ovirt-engine.py 
b/packaging/services/ovirt-engine/ovirt-engine.py
index 8e53194..715b97d 100755
--- a/packaging/services/ovirt-engine/ovirt-engine.py
+++ b/packaging/services/ovirt-engine/ovirt-engine.py
@@ -356,6 +356,16 @@
             '-Djava.awt.headless=true',
         ])
 
+        # If a custom java.security file exits then use it:
+        javaSecurityFile = os.path.join(
+            self._config.get('ENGINE_ETC'),
+            'java.security',
+        )
+        if os.path.exists(javaSecurityFile):
+            self._engineArgs.extend([
+                '-Djava.security.properties=%s' % javaSecurityFile
+            ])
+
         # Add extra system properties provided in the configuration:
         for engineProperty in shlex.split(
             self._config.get('ENGINE_PROPERTIES')


-- 
To view, visit http://gerrit.ovirt.org/21826
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I0b102dd1c0ccbd6e73f24598b13319e1d3640086
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Juan Hernandez <juan.hernan...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to