hadoop/hadoop-common-project/hadoop-kms/src/main/sbin/kms.sh

#!/bin/bash
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#  http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.
#

# resolve links - $0 may be a softlink
PRG="${0}"

while [ -h "${PRG}" ]; do
  ls=`ls -ld "${PRG}"`
  link=`expr "$ls" : '.*-> \(.*\)$'`
  if expr "$link" : '/.*' > /dev/null; then
    PRG="$link"
  else
    PRG=`dirname "${PRG}"`/"$link"
  fi
done

BASEDIR=`dirname ${PRG}`
BASEDIR=`cd ${BASEDIR}/..;pwd`

KMS_SILENT=${KMS_SILENT:-true}

HADOOP_LIBEXEC_DIR="${HADOOP_LIBEXEC_DIR:-${BASEDIR}/libexec}"
source ${HADOOP_LIBEXEC_DIR}/kms-config.sh


if [ "x$JAVA_LIBRARY_PATH" = "x" ]; then
  JAVA_LIBRARY_PATH="${HADOOP_LIBEXEC_DIR}/../lib/native/"
else
  JAVA_LIBRARY_PATH="${HADOOP_LIBEXEC_DIR}/../lib/native/:${JAVA_LIBRARY_PATH}"
fi

# The Java System property 'kms.http.port' it is not used by Kms,
# it is used in Tomcat's server.xml configuration file
#

print "Using   CATALINA_OPTS:       ${CATALINA_OPTS_DISP}"

catalina_opts="-Dproc_kms"
catalina_opts="${catalina_opts} -Dkms.log.dir=${KMS_LOG}"
catalina_opts="${catalina_opts} -Djava.library.path=${JAVA_LIBRARY_PATH}"

print "Adding to CATALINA_OPTS:     ${catalina_opts}"
print "Found KMS_SSL_KEYSTORE_PASS:     `echo ${KMS_SSL_KEYSTORE_PASS} | sed 's/./*/g'`"

export CATALINA_OPTS="${CATALINA_OPTS} ${catalina_opts}"

catalina_init_properties() {
  cp "${CATALINA_BASE}/conf/catalina-default.properties" \
    "${CATALINA_BASE}/conf/catalina.properties"
}

catalina_set_property() {
  local key=$1
  local value=$2
  [[ -z "${value}" ]] && return
  local disp_value="${3:-${value}}"
  print "Setting catalina property ${key} to ${disp_value}"
  echo "${key}=${value}" >> "${CATALINA_BASE}/conf/catalina.properties"
}

if [[ "${1}" = "start" || "${1}" = "run" ]]; then
  catalina_init_properties
  catalina_set_property "kms.home.dir" "${KMS_HOME}"
  catalina_set_property "kms.config.dir" "${KMS_CONFIG}"
  catalina_set_property "kms.temp.dir" "${KMS_TEMP}"
  catalina_set_property "kms.admin.port" "${KMS_ADMIN_PORT}"
  catalina_set_property "kms.http.port" "${KMS_HTTP_PORT}"
  catalina_set_property "kms.protocol" "${KMS_PROTOCOL}"
  catalina_set_property "kms.max.threads" "${KMS_MAX_THREADS}"
  catalina_set_property "kms.accept.count" "${KMS_ACCEPT_COUNT}"
  catalina_set_property "kms.acceptor.thread.count" \
    "${KMS_ACCEPTOR_THREAD_COUNT}"
  catalina_set_property "kms.max.http.header.size" \
    "${KMS_MAX_HTTP_HEADER_SIZE}"
  catalina_set_property "kms.ssl.client.auth" "${KMS_SSL_CLIENT_AUTH}"
  catalina_set_property "kms.ssl.enabled.protocols" \
    "${KMS_SSL_ENABLED_PROTOCOLS}"
  catalina_set_property "kms.ssl.ciphers" "${KMS_SSL_CIPHERS}"
  catalina_set_property "kms.ssl.keystore.file" "${KMS_SSL_KEYSTORE_FILE}"

  # Set a KEYSTORE_PASS if not already set
  KMS_SSL_KEYSTORE_PASS=${KMS_SSL_KEYSTORE_PASS:-password}
  catalina_set_property "kms.ssl.keystore.pass" \
    "${KMS_SSL_KEYSTORE_PASS}" "<redacted>"
fi

# A bug in catalina.sh script does not use CATALINA_OPTS for stopping the server
#
if [ "${1}" = "stop" ]; then
  export JAVA_OPTS=${CATALINA_OPTS}
fi

if [ "${KMS_SILENT}" != "true" ]; then
  exec "${KMS_CATALINA_HOME}/bin/catalina.sh" "$@"
else
  exec "${KMS_CATALINA_HOME}/bin/catalina.sh" "$@" > /dev/null
fi