[Pki-devel] [PATCH] 623 Added pki-audit man page.
Endi Sukma Dewata
edewata at redhat.com
Wed Jul 15 22:13:02 UTC 2015
Thanks for the comments. Please take a look at the updated patch.
On 7/14/2015 12:17 PM, Matthew Harmsen wrote:
> This was a little confusing as the ticket is for a kra-audit man page.
> I think I understand a bit better after reading comment #4,
Yes, the command is removed from all subsystems except TPS because of
the database upgrade requirement.
> however, I
> still have the following questions/comments:
>
> * What is '<TPS admin authentication>', and how does one obtain this?
I added a reference to the Authentication section in pki(1) and an
explanation that the user must be in the Administrators group.
> * The 'pki tps-audit-mod --help' command shows the following:
>
> usage: tps-audit-mod [OPTIONS...]
> --action <action> Action: update (default), enable, disable.
> --help Show help options
> --input <file> Input file containing audit configuration.
> --output <file> Output file to store audit configuration.
>
> where the man page does not talk about the 'update (default)' switch
> for the '--action <action>' option.
>
> One or more EXAMPLES would be nice, although this will probably suffice
> for the first pass at a man page.
To clarify this I created a separate description for each usage:
* pki tps-audit-mod --action <action>
* pki tps-audit-mod --input <file path>
I removed the "update (default)" from the CLI since it can be confusing.
--
Endi S. Dewata
-------------- next part --------------
>From b75b95989b8981b339d13ca89a4e29b0a5191038 Mon Sep 17 00:00:00 2001
From: "Endi S. Dewata" <edewata at redhat.com>
Date: Tue, 30 Jun 2015 11:33:02 -0400
Subject: [PATCH] Added pki-audit man page.
A new man page has been added for the pki <subsystem>-audit CLI.
Due to database upgrade issue, the audit command itself has been
removed from all subsystems except TPS.
https://fedorahosted.org/pki/ticket/1437
---
.../dogtagpki/server/ca/rest/CAApplication.java | 4 -
.../src/com/netscape/certsrv/ca/CAClient.java | 2 -
.../src/com/netscape/certsrv/kra/KRAClient.java | 2 -
.../src/com/netscape/certsrv/ocsp/OCSPClient.java | 2 -
.../src/com/netscape/certsrv/tks/TKSClient.java | 2 -
base/java-tools/man/man1/pki-audit.1 | 104 +++++++++++++++++++++
base/java-tools/man/man1/pki.1 | 10 +-
.../src/com/netscape/cmstools/cli/CACLI.java | 2 -
.../src/com/netscape/cmstools/cli/KRACLI.java | 2 -
.../src/com/netscape/cmstools/cli/OCSPCLI.java | 2 -
.../src/com/netscape/cmstools/cli/TKSCLI.java | 2 -
.../netscape/cmstools/logging/AuditModifyCLI.java | 20 ++--
.../dogtagpki/server/kra/rest/KRAApplication.java | 4 -
.../server/ocsp/rest/OCSPApplication.java | 4 -
.../dogtagpki/server/tks/rest/TKSApplication.java | 4 -
specs/pki-core.spec | 1 +
16 files changed, 126 insertions(+), 41 deletions(-)
create mode 100644 base/java-tools/man/man1/pki-audit.1
diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/CAApplication.java b/base/ca/src/org/dogtagpki/server/ca/rest/CAApplication.java
index 8c6c8cbe54df366a807463f23790eb84ccc30c68..16eae7877059c7dc42479276b3111db1ce7f582d 100644
--- a/base/ca/src/org/dogtagpki/server/ca/rest/CAApplication.java
+++ b/base/ca/src/org/dogtagpki/server/ca/rest/CAApplication.java
@@ -7,7 +7,6 @@ import javax.ws.rs.core.Application;
import org.dogtagpki.server.rest.ACLInterceptor;
import org.dogtagpki.server.rest.AccountService;
-import org.dogtagpki.server.rest.AuditService;
import org.dogtagpki.server.rest.AuthMethodInterceptor;
import org.dogtagpki.server.rest.GroupService;
import org.dogtagpki.server.rest.MessageFormatInterceptor;
@@ -32,9 +31,6 @@ public class CAApplication extends Application {
// account
classes.add(AccountService.class);
- // audit
- classes.add(AuditService.class);
-
// installer
classes.add(CAInstallerService.class);
diff --git a/base/common/src/com/netscape/certsrv/ca/CAClient.java b/base/common/src/com/netscape/certsrv/ca/CAClient.java
index ff5a0e21491b40649f04cd9ce701041c2b795b14..e1a0a8c02f8a840acbdea924c164020b88557fc4 100644
--- a/base/common/src/com/netscape/certsrv/ca/CAClient.java
+++ b/base/common/src/com/netscape/certsrv/ca/CAClient.java
@@ -23,7 +23,6 @@ import com.netscape.certsrv.cert.CertClient;
import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
import com.netscape.certsrv.group.GroupClient;
-import com.netscape.certsrv.logging.AuditClient;
import com.netscape.certsrv.profile.ProfileClient;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.user.UserClient;
@@ -37,7 +36,6 @@ public class CAClient extends SubsystemClient {
public void init() throws URISyntaxException {
- addClient(new AuditClient(client, name));
addClient(new CertClient(client, name));
addClient(new GroupClient(client, name));
addClient(new ProfileClient(client, name));
diff --git a/base/common/src/com/netscape/certsrv/kra/KRAClient.java b/base/common/src/com/netscape/certsrv/kra/KRAClient.java
index a218501534f6ca72d88fc693798d784c026cee57..1eb102faedf12405c3e9f757b5a96caba8e1bde2 100644
--- a/base/common/src/com/netscape/certsrv/kra/KRAClient.java
+++ b/base/common/src/com/netscape/certsrv/kra/KRAClient.java
@@ -4,7 +4,6 @@ import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
import com.netscape.certsrv.group.GroupClient;
import com.netscape.certsrv.key.KeyClient;
-import com.netscape.certsrv.logging.AuditClient;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.system.SystemCertClient;
import com.netscape.certsrv.user.UserClient;
@@ -18,7 +17,6 @@ public class KRAClient extends SubsystemClient {
public void init() throws Exception {
- addClient(new AuditClient(client, name));
addClient(new GroupClient(client, name));
addClient(new KeyClient(client, name));
addClient(new SelfTestClient(client, name));
diff --git a/base/common/src/com/netscape/certsrv/ocsp/OCSPClient.java b/base/common/src/com/netscape/certsrv/ocsp/OCSPClient.java
index 6163d48186356ce4d59764ba0560322fbc4f9117..ab85bd2000da6d7c588eee5d8576b0c4032a2061 100644
--- a/base/common/src/com/netscape/certsrv/ocsp/OCSPClient.java
+++ b/base/common/src/com/netscape/certsrv/ocsp/OCSPClient.java
@@ -22,7 +22,6 @@ import java.net.URISyntaxException;
import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
import com.netscape.certsrv.group.GroupClient;
-import com.netscape.certsrv.logging.AuditClient;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.user.UserClient;
@@ -34,7 +33,6 @@ public class OCSPClient extends SubsystemClient {
}
public void init() throws URISyntaxException {
- addClient(new AuditClient(client, name));
addClient(new GroupClient(client, name));
addClient(new SelfTestClient(client, name));
addClient(new UserClient(client, name));
diff --git a/base/common/src/com/netscape/certsrv/tks/TKSClient.java b/base/common/src/com/netscape/certsrv/tks/TKSClient.java
index 5adde7461fb678dd2d25a890cad5778cd5a810fe..a972241ce6521e9cd92138f2f99088704d7f3d0a 100644
--- a/base/common/src/com/netscape/certsrv/tks/TKSClient.java
+++ b/base/common/src/com/netscape/certsrv/tks/TKSClient.java
@@ -22,7 +22,6 @@ import java.net.URISyntaxException;
import com.netscape.certsrv.client.PKIClient;
import com.netscape.certsrv.client.SubsystemClient;
import com.netscape.certsrv.group.GroupClient;
-import com.netscape.certsrv.logging.AuditClient;
import com.netscape.certsrv.selftests.SelfTestClient;
import com.netscape.certsrv.system.TPSConnectorClient;
import com.netscape.certsrv.user.UserClient;
@@ -35,7 +34,6 @@ public class TKSClient extends SubsystemClient {
}
public void init() throws URISyntaxException {
- addClient(new AuditClient(client, name));
addClient(new GroupClient(client, name));
addClient(new SelfTestClient(client, name));
addClient(new TPSConnectorClient(client, name));
diff --git a/base/java-tools/man/man1/pki-audit.1 b/base/java-tools/man/man1/pki-audit.1
new file mode 100644
index 0000000000000000000000000000000000000000..e1c84885035df9bf831090a916c931b403b53a9c
--- /dev/null
+++ b/base/java-tools/man/man1/pki-audit.1
@@ -0,0 +1,104 @@
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH pki-audit 1 "Jun 30, 2015" "version 10.2" "PKI Audit Management Commands" Dogtag Team
+.\" Please adjust this date whenever revising the man page.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh disable hyphenation
+.\" .hy enable hyphenation
+.\" .ad l left justify
+.\" .ad b justify to both left and right margins
+.\" .nf disable filling
+.\" .fi enable filling
+.\" .br insert line break
+.\" .sp <n> insert n+1 empty lines
+.\" for man page specific macros, see man(7)
+.SH NAME
+pki-audit \- Command-Line Interface for managing Certificate System audit configuration.
+
+.SH SYNOPSIS
+.nf
+\fBpki\fR [CLI options] \fB<subsystem>-audit\fR
+\fBpki\fR [CLI options] \fB<subsystem>-audit-show\fR [command options]
+\fBpki\fR [CLI options] \fB<subsystem>-audit-mod --action <action>\fR [command options]
+\fBpki\fR [CLI options] \fB<subsystem>-audit-mod --input <input file>\fR [command options]
+.fi
+
+.SH DESCRIPTION
+.PP
+The \fBpki-audit\fR commands provide command-line interfaces to manage audit
+configuration in the specified subsystem. Currently the only valid subsystem
+is \fBtps\fR.
+.PP
+\fBpki\fR [CLI options] \fB<subsystem>-audit\fR
+.RS 4
+This command is to list the available audit commands the subsystem.
+.RE
+.PP
+\fBpki\fR [CLI options] \fB<subsystem>-audit-show\fR [command options]
+.RS 4
+This command is to show the audit configuration in the subsystem.
+.RE
+.PP
+\fBpki\fR [CLI options] \fB<subsystem>-audit-mod --action <action>\fR [command options]
+.RS 4
+This command is to the audit status in the subsystem.
+.RE
+.PP
+\fBpki\fR [CLI options] \fB<subsystem>-audit-mod --input <input file>\fR [command options]
+.RS 4
+This command is to modify the audit configuration in the subsystem.
+.RE
+
+.SH OPTIONS
+The CLI options are described in \fBpki\fR(1).
+
+.SH OPERATIONS
+To view available audit commands, type \fBpki <subsystem>-audit\fP. To view
+each command's usage, type \fB pki <subsystem>-audit-<command> \-\-help\fP.
+
+All audit commands must be executed with the subsystem's admin authentication
+(the user must be in the Administrators group). See also the Authentication
+section in \fBpki\fP(1).
+
+.SS Viewing audit configuration
+
+To view the audit configuration in TPS execute the following command:
+
+.B pki <TPS admin authentication> tps-audit-show
+
+To download the audit configuration from TPS into a file execute the following
+command:
+
+.B pki <TPS admin authentication> tps-audit-show --output <output file>
+
+.SS Changing audit status
+
+To enable/disable audit in TPS execute the following command:
+
+.B pki <TPS admin authentication> tps-audit-mod --action <action>
+
+where action is enable or disable.
+
+.SS Modifying audit configuration
+
+To modify the audit configuration in TPS, download the current configuration
+using the above \fBtps-audit-show\fP command, edit the file, then execute the
+following command:
+
+.B pki <TPS admin authentication> tps-audit-mod --input <input file>
+
+Optionally, a --output <output file> option may be specified to download the
+effective configuration after the modification.
+
+.SH AUTHORS
+Endi S. Dewata <edewata at redhat.com>.
+
+.SH COPYRIGHT
+Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU General Public
+License, version 2 (GPLv2). A copy of this license is available at
+http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+
+.SH SEE ALSO
+.BR pki(1)
diff --git a/base/java-tools/man/man1/pki.1 b/base/java-tools/man/man1/pki.1
index 41ee3d3da10adfa77fa94856d9829f5e6c2ecb78..3de8f6e922755f9550d57dcba4695bd5aff1d1ae 100644
--- a/base/java-tools/man/man1/pki.1
+++ b/base/java-tools/man/man1/pki.1
@@ -102,7 +102,9 @@ Alternatively, the connection parameters can be specified as a URI:
where the URI is of the format \fI<protocol>://<hostname>:<port>\fP.
.SS Authentication
-Some commands require authentication. These are commands that are restricted to particular sets of users (such as agents or admins) or those operations involving certificate profiles that require authentication.
+Some commands require authentication. These are commands that are restricted
+to particular sets of users (such as agents or admins) or those operations
+involving certificate profiles that require authentication.
To execute a command without authentication:
@@ -133,7 +135,11 @@ To authenticate with a username by interactively prompting for a password:
Prompting for a user password is not suitable for automated batch processing.
.SS Client Authentication Setup
-A client certificate associated with the desired PKI server must be used for client authentication. This can be done by importing the client certificate into an NSS security database and passing the values to the relevant options provided by the \fBpki\fP CLI framework.
+
+A client certificate associated with the desired PKI server must be used for
+client authentication. This can be done by importing the client certificate
+into an NSS security database and passing the values to the relevant options
+provided by the \fBpki\fP CLI framework.
To achieve this, execute the following commands to set up an NSS security database for use by the \fBpki\fP client, import the client certificate into the NSS database, and list information (including the nickname of the client certificate) stored in the NSS database:
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java b/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java
index 3cb456e5feddd6ca1bee312f21c9fc55269c5143..17fb4866f38f05f7ead02b6145ef7d09140a90c5 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/CACLI.java
@@ -22,7 +22,6 @@ import com.netscape.certsrv.ca.CAClient;
import com.netscape.certsrv.client.Client;
import com.netscape.cmstools.cert.CertCLI;
import com.netscape.cmstools.group.GroupCLI;
-import com.netscape.cmstools.logging.AuditCLI;
import com.netscape.cmstools.profile.ProfileCLI;
import com.netscape.cmstools.selftests.SelfTestCLI;
import com.netscape.cmstools.system.KRAConnectorCLI;
@@ -38,7 +37,6 @@ public class CACLI extends SubsystemCLI {
public CACLI(CLI parent) {
super("ca", "CA management commands", parent);
- addModule(new AuditCLI(this));
addModule(new CertCLI(this));
addModule(new GroupCLI(this));
addModule(new KRAConnectorCLI(this));
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/KRACLI.java b/base/java-tools/src/com/netscape/cmstools/cli/KRACLI.java
index 3c61cafe3ba7cd7692495886ec696b6075285d61..8a9f789cd1099a9613615f943adad4fd78d2a666 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/KRACLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/KRACLI.java
@@ -22,7 +22,6 @@ import com.netscape.certsrv.client.Client;
import com.netscape.certsrv.kra.KRAClient;
import com.netscape.cmstools.group.GroupCLI;
import com.netscape.cmstools.key.KeyCLI;
-import com.netscape.cmstools.logging.AuditCLI;
import com.netscape.cmstools.selftests.SelfTestCLI;
import com.netscape.cmstools.user.UserCLI;
@@ -36,7 +35,6 @@ public class KRACLI extends SubsystemCLI {
public KRACLI(CLI parent) {
super("kra", "KRA management commands", parent);
- addModule(new AuditCLI(this));
addModule(new GroupCLI(this));
addModule(new KeyCLI(this));
addModule(new SelfTestCLI(this));
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/OCSPCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/OCSPCLI.java
index 1eea5aad5ce12cb36647f3ef63d93a1e76db503f..3768a48e745e4632d22a755751e137ec40ec6299 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/OCSPCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/OCSPCLI.java
@@ -21,7 +21,6 @@ package com.netscape.cmstools.cli;
import com.netscape.certsrv.client.Client;
import com.netscape.certsrv.ocsp.OCSPClient;
import com.netscape.cmstools.group.GroupCLI;
-import com.netscape.cmstools.logging.AuditCLI;
import com.netscape.cmstools.selftests.SelfTestCLI;
import com.netscape.cmstools.user.UserCLI;
@@ -35,7 +34,6 @@ public class OCSPCLI extends SubsystemCLI {
public OCSPCLI(CLI parent) {
super("ocsp", "OCSP management commands", parent);
- addModule(new AuditCLI(this));
addModule(new GroupCLI(this));
addModule(new SelfTestCLI(this));
addModule(new UserCLI(this));
diff --git a/base/java-tools/src/com/netscape/cmstools/cli/TKSCLI.java b/base/java-tools/src/com/netscape/cmstools/cli/TKSCLI.java
index cfc5d6ab512997b1e5a078c2a35a3c04737d872b..dd4f179c262036b286d3f44526f9a4a8fac2211e 100644
--- a/base/java-tools/src/com/netscape/cmstools/cli/TKSCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/cli/TKSCLI.java
@@ -21,7 +21,6 @@ package com.netscape.cmstools.cli;
import com.netscape.certsrv.client.Client;
import com.netscape.certsrv.tks.TKSClient;
import com.netscape.cmstools.group.GroupCLI;
-import com.netscape.cmstools.logging.AuditCLI;
import com.netscape.cmstools.selftests.SelfTestCLI;
import com.netscape.cmstools.system.TPSConnectorCLI;
import com.netscape.cmstools.user.UserCLI;
@@ -36,7 +35,6 @@ public class TKSCLI extends SubsystemCLI {
public TKSCLI(CLI parent) {
super("tks", "TKS management commands", parent);
- addModule(new AuditCLI(this));
addModule(new GroupCLI(this));
addModule(new SelfTestCLI(this));
addModule(new TPSConnectorCLI(this));
diff --git a/base/java-tools/src/com/netscape/cmstools/logging/AuditModifyCLI.java b/base/java-tools/src/com/netscape/cmstools/logging/AuditModifyCLI.java
index a69eeb52a734a15b2d933c73385d33b3d5f69434..ab9f821b3873787f7e46afa33f2ac94077b694dc 100644
--- a/base/java-tools/src/com/netscape/cmstools/logging/AuditModifyCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/logging/AuditModifyCLI.java
@@ -18,13 +18,12 @@
package com.netscape.cmstools.logging;
-import java.util.Arrays;
-
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.PrintWriter;
import java.io.StringWriter;
+import java.util.Arrays;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.Option;
@@ -52,7 +51,7 @@ public class AuditModifyCLI extends CLI {
}
public void createOptions() {
- Option option = new Option(null, "action", true, "Action: update (default), enable, disable.");
+ Option option = new Option(null, "action", true, "Action: enable, disable.");
option.setArgName("action");
options.addOption(option);
@@ -92,16 +91,16 @@ public class AuditModifyCLI extends CLI {
System.exit(-1);
}
- String action = cmd.getOptionValue("action", "update");
+ String action = cmd.getOptionValue("action");
String input = cmd.getOptionValue("input");
String output = cmd.getOptionValue("output");
AuditConfig auditConfig;
- if (action.equals("update")) {
+ if (action == null) { // modify audit configuration
if (input == null) {
- System.err.println("Error: Input file is required.");
+ System.err.println("Error: Missing action or input file.");
printHelp();
System.exit(-1);
}
@@ -120,7 +119,14 @@ public class AuditModifyCLI extends CLI {
auditConfig = auditCLI.auditClient.updateAuditConfig(auditConfig);
- } else { // other actions
+ } else { // change audit status
+
+ if (input != null) {
+ System.err.println("Error: Action and input file are mutually exclusive.");
+ printHelp();
+ System.exit(-1);
+ }
+
auditConfig = auditCLI.auditClient.changeAuditStatus(action);
}
diff --git a/base/kra/src/org/dogtagpki/server/kra/rest/KRAApplication.java b/base/kra/src/org/dogtagpki/server/kra/rest/KRAApplication.java
index 6244270c032d20112ceef49a5e4827ca366f84c2..773d8dd19e595d3153aa15e5cb53522d399595c6 100644
--- a/base/kra/src/org/dogtagpki/server/kra/rest/KRAApplication.java
+++ b/base/kra/src/org/dogtagpki/server/kra/rest/KRAApplication.java
@@ -7,7 +7,6 @@ import javax.ws.rs.core.Application;
import org.dogtagpki.server.rest.ACLInterceptor;
import org.dogtagpki.server.rest.AccountService;
-import org.dogtagpki.server.rest.AuditService;
import org.dogtagpki.server.rest.AuthMethodInterceptor;
import org.dogtagpki.server.rest.GroupService;
import org.dogtagpki.server.rest.MessageFormatInterceptor;
@@ -32,9 +31,6 @@ public class KRAApplication extends Application {
// account
classes.add(AccountService.class);
- // audit
- classes.add(AuditService.class);
-
// installer
classes.add(KRAInstallerService.class);
diff --git a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPApplication.java b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPApplication.java
index 8d6e4a983e5642ecf882275bb4dee65a1f8b0950..99fefaeda0ef2c8694960a4a3fe89f613d3dc262 100644
--- a/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPApplication.java
+++ b/base/ocsp/src/org/dogtagpki/server/ocsp/rest/OCSPApplication.java
@@ -7,7 +7,6 @@ import javax.ws.rs.core.Application;
import org.dogtagpki.server.rest.ACLInterceptor;
import org.dogtagpki.server.rest.AccountService;
-import org.dogtagpki.server.rest.AuditService;
import org.dogtagpki.server.rest.AuthMethodInterceptor;
import org.dogtagpki.server.rest.GroupService;
import org.dogtagpki.server.rest.MessageFormatInterceptor;
@@ -32,9 +31,6 @@ public class OCSPApplication extends Application {
// account
classes.add(AccountService.class);
- // audit
- classes.add(AuditService.class);
-
// installer
classes.add(OCSPInstallerService.class);
diff --git a/base/tks/src/org/dogtagpki/server/tks/rest/TKSApplication.java b/base/tks/src/org/dogtagpki/server/tks/rest/TKSApplication.java
index ca19e38d88fbb26511e53f5d10d841097e99a049..278076d13938a18d59e91964a4ed3c1a197c3548 100644
--- a/base/tks/src/org/dogtagpki/server/tks/rest/TKSApplication.java
+++ b/base/tks/src/org/dogtagpki/server/tks/rest/TKSApplication.java
@@ -7,7 +7,6 @@ import javax.ws.rs.core.Application;
import org.dogtagpki.server.rest.ACLInterceptor;
import org.dogtagpki.server.rest.AccountService;
-import org.dogtagpki.server.rest.AuditService;
import org.dogtagpki.server.rest.AuthMethodInterceptor;
import org.dogtagpki.server.rest.GroupService;
import org.dogtagpki.server.rest.MessageFormatInterceptor;
@@ -27,9 +26,6 @@ public class TKSApplication extends Application {
// account
classes.add(AccountService.class);
- // audit
- classes.add(AuditService.class);
-
// installer
classes.add(TKSInstallerService.class);
diff --git a/specs/pki-core.spec b/specs/pki-core.spec
index 148c90734a0103b21b3d3984586d42bc3da3cede..b61287f60898cd37af068b541f1a3abd180de258 100644
--- a/specs/pki-core.spec
+++ b/specs/pki-core.spec
@@ -840,6 +840,7 @@ systemctl daemon-reload
%{_javadir}/pki/pki-tools.jar
%{_datadir}/pki/java-tools/
%{_mandir}/man1/pki.1.gz
+%{_mandir}/man1/pki-audit.1.gz
%{_mandir}/man1/pki-cert.1.gz
%{_mandir}/man1/pki-client.1.gz
%{_mandir}/man1/pki-group.1.gz
--
1.9.3
More information about the Pki-devel
mailing list