[Pki-devel] [PATCH] 623 Added pki-audit man page.
Endi Sukma Dewata
edewata at redhat.com
Wed Jul 1 04:18:42 UTC 2015
A new man page has been added for the pki <subsystem>-audit CLI.
Due to database upgrade issue, the audit command itself has been
removed from all subsystems except TPS.
https://fedorahosted.org/pki/ticket/1437
--
Endi S. Dewata
-------------- next part --------------
From 315f78fb31030b43a408a0402b7f1795a1f259de Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Tue, 30 Jun 2015 11:33:02 -0400
Subject: [PATCH] Added pki-audit man page.
A new man page has been added for the pki <subsystem>-audit CLI.
Due to database upgrade issue, the audit command itself has been
removed from all subsystems except TPS.
https://fedorahosted.org/pki/ticket/1437
---
.../dogtagpki/server/ca/rest/CAApplication.java | 4 -
.../src/com/netscape/certsrv/ca/CAClient.java | 2 -
.../src/com/netscape/certsrv/kra/KRAClient.java | 2 -
.../src/com/netscape/certsrv/ocsp/OCSPClient.java | 2 -
.../src/com/netscape/certsrv/tks/TKSClient.java | 2 -
base/java-tools/man/man1/pki-audit.1 | 88 ++++++++++++++++++++++
.../src/com/netscape/cmstools/cli/CACLI.java | 2 -
.../src/com/netscape/cmstools/cli/KRACLI.java | 2 -
.../src/com/netscape/cmstools/cli/OCSPCLI.java | 2 -
.../src/com/netscape/cmstools/cli/TKSCLI.java | 2 -
.../dogtagpki/server/kra/rest/KRAApplication.java | 4 -
.../server/ocsp/rest/OCSPApplication.java | 4 -
.../dogtagpki/server/tks/rest/TKSApplication.java | 4 -
specs/pki-core.spec | 1 +
14 files changed, 89 insertions(+), 32 deletions(-)
create mode 100644 base/java-tools/man/man1/pki-audit.1
diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/CAApplication.java b/base/ca/src/org/dogtagpki/server/ca/rest/CAApplication.java
index 8c6c8cbe54df366a807463f23790eb84ccc30c68..16eae7877059c7dc42479276b3111db1ce7f582d 100644
--- a/base/ca/src/org/dogtagpki/server/ca/rest/CAApplication.java
+++ b/base/ca/src/org/dogtagpki/server/ca/rest/CAApplication.java
@@ -7,7 +7,6 @@ import javax.ws.rs.core.Application;
import org.dogtagpki.server.rest.ACLInterceptor;
import org.dogtagpki.server.rest.AccountService;
-import org.dogtagpki.server.rest.AuditService;
import org.dogtagpki.server.rest.AuthMethodInterceptor;
import org.dogtagpki.server.rest.GroupService;
import org.dogtagpki.server.rest.MessageFormatInterceptor;
@@ -32,9 +31,6 @@ public class CAApplication extends Application {
// account
classes.add(AccountService.class);
- // audit
- classes.add(AuditService.class);
-
// installer
classes.add(CAInstallerService.class);
diff --git a/base/common/src/com/netscape/certsrv/ca/CAClient.java b/base/common/src/com/netscape/certsrv/ca/CAClient.java
index ff5a0e21491b40649f04cd9ce701041c2b795b14..e1a0a8c02f8a840acbdea924c164020b88557fc4 100644
--- a/base/common/src/com/netscape/certsrv/ca/CAClient.java
+++ b/base/common/src/com/netscape/certsrv/ca/CAClient.java
@@ -23,7 +23,6 @@ import com.netscape.certsrv.cert.CertClient;
import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
import com.netscape.certsrv.group.GroupClient;
-import com.netscape.certsrv.logging.AuditClient;
import com.netscape.certsrv.profile.ProfileClient;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.user.UserClient;
@@ -37,7 +36,6 @@ public class CAClient extends SubsystemClient {
public void init() throws URISyntaxException {
- addClient(new AuditClient(client, name));
addClient(new CertClient(client, name));
addClient(new GroupClient(client, name));
addClient(new ProfileClient(client, name));
diff --git a/base/common/src/com/netscape/certsrv/kra/KRAClient.java b/base/common/src/com/netscape/certsrv/kra/KRAClient.java
index a218501534f6ca72d88fc693798d784c026cee57..1eb102faedf12405c3e9f757b5a96caba8e1bde2 100644
--- a/base/common/src/com/netscape/certsrv/kra/KRAClient.java
+++ b/base/common/src/com/netscape/certsrv/kra/KRAClient.java
@@ -4,7 +4,6 @@ import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
import com.netscape.certsrv.group.GroupClient;
import com.netscape.certsrv.key.KeyClient;
-import com.netscape.certsrv.logging.AuditClient;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.system.SystemCertClient;
import com.netscape.certsrv.user.UserClient;
@@ -18,7 +17,6 @@ public class KRAClient extends SubsystemClient {
public void init() throws Exception {
- addClient(new AuditClient(client, name));
addClient(new GroupClient(client, name));
addClient(new KeyClient(client, name));
addClient(new SelfTestClient(client, name));
diff --git a/base/common/src/com/netscape/certsrv/ocsp/OCSPClient.java b/base/common/src/com/netscape/certsrv/ocsp/OCSPClient.java
index 6163d48186356ce4d59764ba0560322fbc4f9117..ab85bd2000da6d7c588eee5d8576b0c4032a2061 100644
--- a/base/common/src/com/netscape/certsrv/ocsp/OCSPClient.java
+++ b/base/common/src/com/netscape/certsrv/ocsp/OCSPClient.java
@@ -22,7 +22,6 @@ import java.net.URISyntaxException;
import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
import com.netscape.certsrv.group.GroupClient;
-import com.netscape.certsrv.logging.AuditClient;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.user.UserClient;
@@ -34,7 +33,6 @@ public class OCSPClient extends SubsystemClient {
}
public void init() throws URISyntaxException {
- addClient(new AuditClient(client, name));
addClient(new GroupClient(client, name));
addClient(new SelfTestClient(client, name));
addClient(new UserClient(client, name));
diff --git a/base/common/src/com/netscape/certsrv/tks/TKSClient.java b/base/common/src/com/netscape/certsrv/tks/TKSClient.java
index 5adde7461fb678dd2d25a890cad5778cd5a810fe..a972241ce6521e9cd92138f2f99088704d7f3d0a 100644
--- a/base/common/src/com/netscape/certsrv/tks/TKSClient.java
+++ b/base/common/src/com/netscape/certsrv/tks/TKSClient.java
@@ -22,7 +22,6 @@ import java.net.URISyntaxException;
import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
import com.netscape.certsrv.group.GroupClient;
-import com.netscape.certsrv.logging.AuditClient;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.system.TPSConnectorClient;
import com.netscape.certsrv.user.UserClient;
@@ -35,7 +34,6 @@ public class TKSClient extends SubsystemClient {
}
public void init() throws URISyntaxException {
- addClient(new AuditClient(client, name));
addClient(new GroupClient(client, name));
addClient(new SelfTestClient(client, name));
addClient(new TPSConnectorClient(client, name));
diff --git a/base/java-tools/man/man1/pki-audit.1 b/base/java-tools/man/man1/pki-audit.1
new file mode 100644
index 0000000000000000000000000000000000000000..7ea9258e2339473e848c37140ee6de25f55f5fcb
--- /dev/null
+++ b/base/java-tools/man/man1/pki-audit.1
@@ -0,0 +1,88 @@
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH pki-audit 1 "Jun 30, 2015" "version 10.2" "PKI Audit Management Commands" Dogtag Team
+.\" Please adjust this date whenever revising the man page.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for man page specific macros, see man(7)
+.SH NAME
+pki-audit \- Command-Line Interface for managing Certificate System audit configuration.
+
+.SH SYNOPSIS
+.nf
+\fBpki\fR [CLI options] \fB<subsystem>-audit\fR
+\fBpki\fR [CLI options] \fB<subsystem>-audit-show\fR [command options]
+\fBpki\fR [CLI options] \fB<subsystem>-audit-mod\fR [command options]
+.fi
+
+.SH DESCRIPTION
+.PP
+The \fBpki-audit\fR commands provide command-line interfaces to manage audit
+configuration in the specified subsystem. Currently the only valid subsystem
+is \fBtps\fR.
+.PP
+\fBpki\fR [CLI options] \fB<subsystem>-audit\fR
+.RS 4
+This command is to list the available audit commands the subsystem.
+.RE
+.PP
+\fBpki\fR [CLI options] \fB<subsystem>-audit-show\fR [command options]
+.RS 4
+This command is to show the audit configuration in the subsystem.
+.RE
+.PP
+\fBpki\fR [CLI options] \fB<subsystem>-audit-mod\fR [command options]
+.RS 4
+This command is to modify the audit configuration in the subsystem.
+.RE
+
+.SH OPTIONS
+The CLI options are described in \fBpki\fR(1).
+
+.SH OPERATIONS
+To view available audit commands, type \fBpki <subsystem>-audit\fP. To view
+each command's usage, type \fB pki <subsystem>-audit-<command> \-\-help\fP.
+
+All audit commands must be executed as the subsystem administrator.
+
+For example, to show the audit configuration in TPS execute the following
+command:
+
+.B pki <TPS admin authentication> tps-audit-show
+
+To download the audit configuration from TPS into a file execute the following
+command:
+
+.B pki <TPS admin authentication> tps-audit-show --output <output file>
+
+To enable/disable audit in TPS execute the following command:
+
+.B pki <TPS admin authentication> tps-audit-mod --action <action>
+
+where action is enable or disable.
+
+To modify the audit configuration in TPS, download the current configuration
+using the above tps-audit-show command, edit the file, then execute the
+following command:
+
+.B pki <TPS admin authentication> tps-audit-mod --input <input file>
+
+Optionally, a --output <output file> option may be specified to download the
+effective configuration after the modification.
+
+.SH AUTHORS
+Endi S. Dewata <edewata at redhat.com>.
+
+.SH COPYRIGHT
+Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU General Public
+License, version 2 (GPLv2). A copy of this license is available at
+http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java b/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java
index 3cb456e5feddd6ca1bee312f21c9fc55269c5143..17fb4866f38f05f7ead02b6145ef7d09140a90c5 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java
@@ -22,7 +22,6 @@ import com.netscape.certsrv.ca.CAClient;
import com.netscape.certsrv.client.Client;
import com.netscape.cmstools.cert.CertCLI;
import com.netscape.cmstools.group.GroupCLI;
-import com.netscape.cmstools.logging.AuditCLI;
import com.netscape.cmstools.profile.ProfileCLI;
import com.netscape.cmstools.selftests.SelfTestCLI;
import com.netscape.cmstools.system.KRAConnectorCLI;
@@ -38,7 +37,6 @@ public class CACLI extends SubsystemCLI {
public CACLI(CLI parent) {
super("ca", "CA management commands", parent);
- addModule(new AuditCLI(this));
addModule(new CertCLI(this));
addModule(new GroupCLI(this));
addModule(new KRAConnectorCLI(this));
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/KRACLI.java b/base/java-tools/src/com/netscape/cmstools/cli/KRACLI.java
index 3c61cafe3ba7cd7692495886ec696b6075285d61..8a9f789cd1099a9613615f943adad4fd78d2a666 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/KRACLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/KRACLI.java
@@ -22,7 +22,6 @@ import com.netscape.certsrv.client.Client;
import com.netscape.certsrv.kra.KRAClient;
import com.netscape.cmstools.group.GroupCLI;
import com.netscape.cmstools.key.KeyCLI;
-import com.netscape.cmstools.logging.AuditCLI;
import com.netscape.cmstools.selftests.SelfTestCLI;
import com.netscape.cmstools.user.UserCLI;
@@ -36,7 +35,6 @@ public class KRACLI extends SubsystemCLI {
public KRACLI(CLI parent) {
super("kra", "KRA management commands", parent);
- addModule(new AuditCLI(this));
addModule(new GroupCLI(this));
addModule(new KeyCLI(this));
addModule(new SelfTestCLI(this));
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/OCSPCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/OCSPCLI.java
index 1eea5aad5ce12cb36647f3ef63d93a1e76db503f..3768a48e745e4632d22a755751e137ec40ec6299 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/OCSPCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/OCSPCLI.java
@@ -21,7 +21,6 @@ package com.netscape.cmstools.cli;
import com.netscape.certsrv.client.Client;
import com.netscape.certsrv.ocsp.OCSPClient;
import com.netscape.cmstools.group.GroupCLI;
-import com.netscape.cmstools.logging.AuditCLI;
import com.netscape.cmstools.selftests.SelfTestCLI;
import com.netscape.cmstools.user.UserCLI;
@@ -35,7 +34,6 @@ public class OCSPCLI extends SubsystemCLI {
public OCSPCLI(CLI parent) {
super("ocsp", "OCSP management commands", parent);
- addModule(new AuditCLI(this));
addModule(new GroupCLI(this));
addModule(new SelfTestCLI(this));
addModule(new UserCLI(this));
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/TKSCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/TKSCLI.java
index cfc5d6ab512997b1e5a078c2a35a3c04737d872b..dd4f179c262036b286d3f44526f9a4a8fac2211e 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/TKSCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/TKSCLI.java
@@ -21,7 +21,6 @@ package com.netscape.cmstools.cli;
import com.netscape.certsrv.client.Client;
import com.netscape.certsrv.tks.TKSClient;
import com.netscape.cmstools.group.GroupCLI;
-import com.netscape.cmstools.logging.AuditCLI;
import com.netscape.cmstools.selftests.SelfTestCLI;
import com.netscape.cmstools.system.TPSConnectorCLI;
import com.netscape.cmstools.user.UserCLI;
@@ -36,7 +35,6 @@ public class TKSCLI extends SubsystemCLI {
public TKSCLI(CLI parent) {
super("tks", "TKS management commands", parent);
- addModule(new AuditCLI(this));
addModule(new GroupCLI(this));
addModule(new SelfTestCLI(this));
addModule(new TPSConnectorCLI(this));
diff --git a/base/kra/src/org/dogtagpki/server/kra/rest/KRAApplication.java b/base/kra/src/org/dogtagpki/server/kra/rest/KRAApplication.java
index 6244270c032d20112ceef49a5e4827ca366f84c2..773d8dd19e595d3153aa15e5cb53522d399595c6 100644
--- a/base/kra/src/org/dogtagpki/server/kra/rest/KRAApplication.java
+++ b/base/kra/src/org/dogtagpki/server/kra/rest/KRAApplication.java
@@ -7,7 +7,6 @@ import javax.ws.rs.core.Application;
import org.dogtagpki.server.rest.ACLInterceptor;
import org.dogtagpki.server.rest.AccountService;
-import org.dogtagpki.server.rest.AuditService;
import org.dogtagpki.server.rest.AuthMethodInterceptor;
import org.dogtagpki.server.rest.GroupService;
import org.dogtagpki.server.rest.MessageFormatInterceptor;
@@ -32,9 +31,6 @@ public class KRAApplication extends Application {
// account
classes.add(AccountService.class);
- // audit
- classes.add(AuditService.class);
-
// installer
classes.add(KRAInstallerService.class);
diff --git a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPApplication.java b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPApplication.java
index 8d6e4a983e5642ecf882275bb4dee65a1f8b0950..99fefaeda0ef2c8694960a4a3fe89f613d3dc262 100644
--- a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPApplication.java
+++ b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPApplication.java
@@ -7,7 +7,6 @@ import javax.ws.rs.core.Application;
import org.dogtagpki.server.rest.ACLInterceptor;
import org.dogtagpki.server.rest.AccountService;
-import org.dogtagpki.server.rest.AuditService;
import org.dogtagpki.server.rest.AuthMethodInterceptor;
import org.dogtagpki.server.rest.GroupService;
import org.dogtagpki.server.rest.MessageFormatInterceptor;
@@ -32,9 +31,6 @@ public class OCSPApplication extends Application {
// account
classes.add(AccountService.class);
- // audit
- classes.add(AuditService.class);
-
// installer
classes.add(OCSPInstallerService.class);
diff --git a/base/tks/src/org/dogtagpki/server/tks/rest/TKSApplication.java b/base/tks/src/org/dogtagpki/server/tks/rest/TKSApplication.java
index ca19e38d88fbb26511e53f5d10d841097e99a049..278076d13938a18d59e91964a4ed3c1a197c3548 100644
--- a/base/tks/src/org/dogtagpki/server/tks/rest/TKSApplication.java
+++ b/base/tks/src/org/dogtagpki/server/tks/rest/TKSApplication.java
@@ -7,7 +7,6 @@ import javax.ws.rs.core.Application;
import org.dogtagpki.server.rest.ACLInterceptor;
import org.dogtagpki.server.rest.AccountService;
-import org.dogtagpki.server.rest.AuditService;
import org.dogtagpki.server.rest.AuthMethodInterceptor;
import org.dogtagpki.server.rest.GroupService;
import org.dogtagpki.server.rest.MessageFormatInterceptor;
@@ -27,9 +26,6 @@ public class TKSApplication extends Application {
// account
classes.add(AccountService.class);
- // audit
- classes.add(AuditService.class);
-
// installer
classes.add(TKSInstallerService.class);
diff --git a/specs/pki-core.spec b/specs/pki-core.spec
index 7e94f281711c9cfb25e94a81e905993702e32d7e..cb125d163764971deb1beb28be0905ef8b263b6b 100644
--- a/specs/pki-core.spec
+++ b/specs/pki-core.spec
@@ -840,6 +840,7 @@ systemctl daemon-reload
%{_javadir}/pki/pki-tools.jar
%{_datadir}/pki/java-tools/
%{_mandir}/man1/pki.1.gz
+%{_mandir}/man1/pki-audit.1.gz
%{_mandir}/man1/pki-cert.1.gz
%{_mandir}/man1/pki-client.1.gz
%{_mandir}/man1/pki-group.1.gz
--
1.9.3
More information about the Pki-devel
mailing list