diff --git a/grouper-midpoint/mp-gr/midpoint-server/Dockerfile b/grouper-midpoint/mp-gr/midpoint-server/Dockerfile
index 21f0451..3f1c43e 100644
--- a/grouper-midpoint/mp-gr/midpoint-server/Dockerfile
+++ b/grouper-midpoint/mp-gr/midpoint-server/Dockerfile
@@ -14,7 +14,7 @@ RUN yum -y install zulu-8
 RUN yum -y install supervisor
 COPY container_files/supervisor/supervisord.conf /etc/supervisord.conf
-RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem
+RUN rm /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem /etc/httpd/conf.d/ssl.conf
 COPY container_files/httpd/conf/* /etc/httpd/conf.d/
 COPY container_files/httpd/possible-conf/* /etc/httpd/possible-conf/
@@ -24,8 +24,8 @@ COPY container_files/usr-local-bin/ /usr/local/bin/
 RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \
 && sed -i 's/LogFormat "/LogFormat "httpd;access_log;%{ENV}e;%{USERTOKEN}e;/g' /etc/httpd/conf/httpd.conf \
 && echo -e "\nErrorLogFormat \"httpd;error_log;%{ENV}e;%{USERTOKEN}e;[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i\"" >> /etc/httpd/conf/httpd.conf \
- && sed -i 's/CustomLog "logs\/access_log"/CustomLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
- && sed -i 's/ErrorLog "logs\/error_log"/ErrorLog "\/tmp\/logpipe"/g' /etc/httpd/conf/httpd.conf \
+ && sed -i 's/CustomLog "logs\/access_log"/CustomLog "\/dev\/fd\/1"/g' /etc/httpd/conf/httpd.conf \
+ && sed -i 's/ErrorLog "logs\/error_log"/ErrorLog "\/dev\/fd\/1"/g' /etc/httpd/conf/httpd.conf \
 && echo -e "\nPassEnv ENV" >> /etc/httpd/conf/httpd.conf \
 && echo -e "\nPassEnv USERTOKEN" >> /etc/httpd/conf/httpd.conf
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/httpd/conf/ssl.conf b/grouper-midpoint/mp-gr/midpoint-server/container_files/httpd/conf/ssl.conf
new file mode 100644
index 0000000..ccc067c
--- /dev/null
+++ b/grouper-midpoint/mp-gr/midpoint-server/container_files/httpd/conf/ssl.conf
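Review bot: The `/etc/httpd/conf.d/ssl.conf` that this commit starts shipping does not survive the build: the `COPY container_files/httpd/conf/* /etc/httpd/conf.d/` just below the changed line installs it, and the unchanged `RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \` at the top of the next hunk then truncates it, so the six mod_ssl directives added in container_files/httpd/conf/ssl.conf never reach httpd unless a later step outside these hunks restores them. If the new file is meant to take effect, drop that `cp /dev/null` step and let the RUN start with the first `sed -i`; if the empty file is what is wanted, the new ssl.conf and the extra `rm` argument are not needed. Separately, `rm` without `-f` fails the build as soon as the base image stops shipping any of the three paths; `RUN rm -f /etc/shibboleth/sp-key.pem /etc/shibboleth/sp-cert.pem /etc/httpd/conf.d/ssl.conf` keeps the intent of guaranteeing the default key pair is absent.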
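Review bot: Both changed `sed -i` substitutions succeed silently when the stock httpd.conf does not contain the exact `CustomLog "logs/access_log"` or `ErrorLog "logs/error_log"` text, in which case the access and error logs keep going to files inside the container and never reach the collected stdout stream. A build-time assertion after the two seds would catch that, for example `&& grep -q 'ErrorLog "/dev/fd/1"' /etc/httpd/conf/httpd.conf \` plus the matching line for `CustomLog`. A short comment above the RUN should also say that error output is deliberately sent to stdout (`/dev/fd/1`) rather than stderr, since the `httpd;error_log;` prefix is then the only thing separating the two streams.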
@@ -0,0 +1,6 @@
+SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
+SSLSessionCache shmcb:/run/httpd/sslcache(512000)
+SSLSessionCacheTimeout 300
+SSLRandomSeed startup file:/dev/urandom 256
+SSLRandomSeed connect builtin
+SSLCryptoDevice builtin
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/native.logger b/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/native.logger
index 0b01f32..814812f 100644
--- a/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/native.logger
+++ b/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/native.logger
@@ -28,12 +28,12 @@ log4j.category.XMLTooling.libcurl=INFO
 # define the appender
 log4j.appender.native_log=org.apache.log4j.FileAppender
-log4j.appender.native_log.fileName=/tmp/logpipe
+log4j.appender.native_log.fileName=/dev/fd/6
 log4j.appender.native_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.native_log.layout.ConversionPattern=shibd;native.log;${ENV};${USERTOKEN};%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 log4j.appender.warn_log=org.apache.log4j.FileAppender
-log4j.appender.warn_log.fileName=/tmp/logpipe
+log4j.appender.warn_log.fileName=/dev/fd/7
 log4j.appender.warn_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.warn_log.layout.ConversionPattern=shibd;native_warn.log;${ENV};${USERTOKEN};%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 log4j.appender.warn_log.threshold=WARN
diff --git a/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/shibd.logger b/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/shibd.logger
index c5685b2..d91e25e 100644
--- a/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/shibd.logger
+++ b/grouper-midpoint/mp-gr/midpoint-server/container_files/shibboleth/shibd.logger
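Review bot: `/dev/fd/6` and `/dev/fd/7` only resolve if the process that loads native.logger already has those descriptors open and writable, and nothing in this diff opens them; the same holds for `/dev/fd/3`, `/dev/fd/4` and `/dev/fd/5` in the shibd.logger hunk. native.logger is normally read by the Shibboleth module inside the httpd workers rather than by shibd, so descriptors 6 and 7 would have to be inherited by httpd and still usable after it drops privileges. If they are not, the FileAppender presumably fails to open its target and the native, transaction and signature logs, which are the audit trail for SSO sessions, are lost without any build error. I would add a comment above each `fileName` line naming what opens the descriptor, e.g. `# fd 6 is opened by <launcher script> before httpd starts`, and have the container entry point check that each descriptor is open before starting the daemons.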
@@ -42,18 +42,18 @@ log4j.additivity.Shibboleth-TRANSACTION=false
 # define the appenders
 log4j.appender.shibd_log=org.apache.log4j.FileAppender
-log4j.appender.shibd_log.fileName=/tmp/logpipe
+log4j.appender.shibd_log.fileName=/dev/fd/3
 log4j.appender.shibd_log.maxFileSize=0
 log4j.appender.shibd_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.shibd_log.layout.ConversionPattern=shibd;shibd.log;${ENV};${USERTOKEN};%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 log4j.appender.tran_log=org.apache.log4j.FileAppender
-log4j.appender.tran_log.fileName=/tmp/logpipe
+log4j.appender.tran_log.fileName=/dev/fd/4
 log4j.appender.tran_log.maxFileSize=0
 log4j.appender.tran_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.tran_log.layout.ConversionPattern=shibd;transaction.log;${ENV};${USERTOKEN};%d{%Y-%m-%d %H:%M:%S} %p %c %x: %m%n
 log4j.appender.sig_log=org.apache.log4j.FileAppender
-log4j.appender.sig_log.fileName=/tmp/logpipe
+log4j.appender.sig_log.fileName=/dev/fd/5
 log4j.appender.sig_log.layout=org.apache.log4j.PatternLayout
 log4j.appender.sig_log.layout.ConversionPattern=shibd;signature.log;${ENV};${USERTOKEN};%m