Pass flag to skip restart of units for certificate object
During bootup Certificate objects are created by
loading the existing certificates in the system.
At present system is restarting/reloading units
after a certificate object is created, but the
units to restart/reload might not be up yet
causing failure.
Reloading of services is required only when a new
certificate is installed/replaced onto the system.
Modified to not to reload the specified units for
the certificate objects created for existing
certificates in the system.
Change-Id: I211a8386de1a5aa0a42d11cb89945bafa6792ba4
Signed-off-by: Marri Devender Rao <devenrao@in.ibm.com>
diff --git a/certificate.cpp b/certificate.cpp
index 15f9367..3ae85a1 100644
--- a/certificate.cpp
+++ b/certificate.cpp
@@ -71,7 +71,8 @@
const CertificateType& type,
const UnitsToRestart& unit,
const CertInstallPath& installPath,
- const CertUploadPath& uploadPath) :
+ const CertUploadPath& uploadPath,
+ bool isSkipUnitReload) :
CertIfaces(bus, objPath.c_str(), true),
bus(bus), objectPath(objPath), certType(type), unitToRestart(unit),
certInstallPath(installPath)
@@ -86,7 +87,7 @@
typeFuncMap[SERVER] = installHelper;
typeFuncMap[CLIENT] = installHelper;
typeFuncMap[AUTHORITY] = [](auto filePath) {};
- install(uploadPath);
+ install(uploadPath, isSkipUnitReload);
this->emit_object_added();
}
@@ -105,10 +106,10 @@
void Certificate::replace(const std::string filePath)
{
- install(filePath);
+ install(filePath, false);
}
-void Certificate::install(const std::string& filePath)
+void Certificate::install(const std::string& filePath, bool isSkipUnitReload)
{
log<level::INFO>("Certificate install ",
entry("FILEPATH=%s", filePath.c_str()));
@@ -258,10 +259,14 @@
entry("DST=%s", certInstallPath.c_str()));
elog<InternalFailure>();
}
- // restart the units
- if (!unitToRestart.empty())
+
+ if (!isSkipUnitReload)
{
- reloadOrReset(unitToRestart);
+ // restart the units
+ if (!unitToRestart.empty())
+ {
+ reloadOrReset(unitToRestart);
+ }
}
// Parse the certificate file and populate properties
diff --git a/certificate.hpp b/certificate.hpp
index 6fbef52..46371bb 100644
--- a/certificate.hpp
+++ b/certificate.hpp
@@ -61,11 +61,12 @@
* @param[in] unit - Units to restart after a certificate is installed
* @param[in] installPath - Path of the certificate to install
* @param[in] uploadPath - Path of the certificate file to upload
+ * @param[in] isSkipUnitReload - If true do not restart units
*/
Certificate(sdbusplus::bus::bus& bus, const std::string& objPath,
const CertificateType& type, const UnitsToRestart& unit,
const CertInstallPath& installPath,
- const CertUploadPath& uploadPath);
+ const CertUploadPath& uploadPath, bool isSkipUnitReload);
/** @brief Validate certificate and replace the existing certificate
* @param[in] filePath - Certificate file path.
@@ -77,8 +78,9 @@
* Install/Replace the existing certificate file with another
* (possibly CA signed) Certificate file.
* @param[in] filePath - Certificate file path.
+ * @param[in] isSkipUnitReload - If true do not restart units
*/
- void install(const std::string& filePath);
+ void install(const std::string& filePath, bool isSkipUnitReload);
/** @brief Load Certificate file into the X509 structre.
* @param[in] fileName - Certificate and key full file path.
diff --git a/certs_manager.cpp b/certs_manager.cpp
index ea19fcd..2a90589 100644
--- a/certs_manager.cpp
+++ b/certs_manager.cpp
@@ -38,7 +38,7 @@
auto certObjectPath = objectPath + '/' + '1';
certificatePtr = std::make_unique<Certificate>(
bus, certObjectPath, certType, unitToRestart, certInstallPath,
- certInstallPath);
+ certInstallPath, true);
}
catch (const InternalFailure& e)
{
@@ -65,9 +65,9 @@
elog<NotAllowed>(Reason("Certificate already exist"));
}
auto certObjectPath = objectPath + '/' + '1';
- certificatePtr =
- std::make_unique<Certificate>(bus, certObjectPath, certType,
- unitToRestart, certInstallPath, filePath);
+ certificatePtr = std::make_unique<Certificate>(
+ bus, certObjectPath, certType, unitToRestart, certInstallPath, filePath,
+ false);
}
void Manager::delete_()
diff --git a/test/certs_manager_test.cpp b/test/certs_manager_test.cpp
index 7b318d7..9fd7110 100644
--- a/test/certs_manager_test.cpp
+++ b/test/certs_manager_test.cpp
@@ -114,7 +114,7 @@
UnitsToRestart verifyUnit(unit);
auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Certificate certificate(bus, objPath, type, unit, installPath,
- certificateFile);
+ certificateFile, false);
EXPECT_TRUE(fs::exists(verifyPath));
}
@@ -130,7 +130,7 @@
UnitsToRestart verifyUnit(unit);
auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Certificate certificate(bus, objPath, type, unit, installPath,
- certificateFile);
+ certificateFile, false);
EXPECT_TRUE(fs::exists(verifyPath));
}
@@ -146,7 +146,7 @@
UnitsToRestart verifyUnit(unit);
auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Certificate certificate(bus, objPath, type, unit, installPath,
- certificateFile);
+ certificateFile, false);
EXPECT_TRUE(fs::exists(verifyPath));
}
@@ -162,7 +162,7 @@
UnitsToRestart verifyUnit(unit);
auto objPath = std::string(OBJPATH) + '/' + type + '/' + endpoint;
Certificate certificate(bus, objPath, type, unit, installPath,
- certificateFile);
+ certificateFile, false);
EXPECT_TRUE(fs::exists(verifyPath));
EXPECT_TRUE(compareFiles(verifyPath, certificateFile));
}
@@ -184,7 +184,7 @@
try
{
Certificate certificate(bus, objPath, type, unit, installPath,
- uploadFile);
+ uploadFile, false);
}
catch (const InternalFailure& e)
{
@@ -215,7 +215,7 @@
try
{
Certificate certificate(bus, objPath, type, unit, installPath,
- emptyFile);
+ emptyFile, false);
}
catch (const InvalidCertificate& e)
{
@@ -251,7 +251,7 @@
try
{
Certificate certificate(bus, objPath, type, unit, installPath,
- certificateFile);
+ certificateFile, false);
}
catch (const InvalidCertificate& e)
{
@@ -361,7 +361,7 @@
try
{
Certificate certificate(bus, objPath, type, unit, installPath,
- certificateFile);
+ certificateFile, false);
}
catch (const InvalidCertificate& e)
{
@@ -389,7 +389,7 @@
try
{
Certificate certificate(bus, objPath, type, unit, installPath,
- keyFile);
+ keyFile, false);
}
catch (const InvalidCertificate& e)
{