Added checks for rocky 9 install

HIRS_AttestationCAPortal/build.gradle

@@ -87,12 +87,12 @@ test {
     useJUnitPlatform()
 }
 
-build {
-  doFirst{
+task buildVersion() {
+    doLast {
         def verFile = new File(projectDir, "build/VERSION")
         verFile.write("${jarVersion}")
-        }
- }
+    }
+}
 
 ospackage {
     packageName = 'HIRS_AttestationCA'
@@ -127,23 +127,24 @@ ospackage {
          user 'root'
          fileMode = 0755 
     }
-    
+
     // Uninstall
     preUninstall 'bash /opt/hirs/aca/scripts/aca/aca_remove_setup.sh'
-    postUninstall 'rm -rf /etc/hirs'
-    postUninstall 'rm -rf /opt/hirs'
+    //postUninstall 'rm -rf /etc/hirs'
+    //postUninstall 'rm -rf /opt/hirs'
 
     buildRpm {
-        dependsOn  ':build'
+        dependsOn  ':HIRS_AttestationCAPortal:buildVersion'
         dependsOn  ':HIRS_AttestationCAPortal:bootWar'
         arch = X86_64
         // Required apps will be aut installed by dnf if not present
         requires('java-17-openjdk', '17.0', GREATER | EQUAL)
         requires('mariadb-server' , '10.3' , GREATER | EQUAL)
         requires('procps-ng', '3.3.15', GREATER | EQUAL)
-         
+        requires('alternatives', '1.19', GREATER | EQUAL)
         // Post Trans stage (Occurs after required app and postInstall stage)
         // Note postInstall wont wait forrequired apps
+        postTrans 'update-alternatives --set java java-17-openjdk.x86_64'
         postTrans 'bash /opt/hirs/aca/scripts/aca/aca_setup.sh -u'
         postTrans '/opt/hirs/aca/scripts/aca/aca_bootRun.sh -w &'
         // add chrontab to run ACA at boot
@@ -155,7 +156,7 @@ ospackage {
     }
 
     buildDeb {
-        dependsOn  ':build'
+        dependsOn  ':HIRS_AttestationCAPortal:buildVersion'
         dependsOn  ':HIRS_AttestationCAPortal:bootWar'
         packageName = 'hirs-attestationca'
         arch = 'amd64'

package/scripts/aca/aca_bootRun.sh

@@ -127,7 +127,7 @@ WEB_TLS_PARAMS="--server.ssl.key-store-password=$hirs_pki_password \
 
 if [ -z "$USE_WAR" ]; then
   echo "Booting the ACA from local build..."
- # ./gradlew bootRun --args="$CONNECTOR_PARAMS$WEB_TLS_PARAMS"
+ # ./gradlew bootRun --args="$CONNECTOR_PARAMS$WEB_TLS_PARAMS"  
 ./gradlew bootRun --args="--spring.config.location=$SPRING_PROP_FILE"
 else
   echo "Booting the ACA from a war file..."

package/scripts/aca/aca_check_setup.sh

@@ -83,8 +83,11 @@ echo "Checking HIRS ACA Setup on this device..."
     elif [ $ID = 'ubuntu' ]; then
      echo "Ubuntu distro detected"
      dpkg -l "hirs-attestationca" > /dev/null
+    elif [ $ID = 'rocky' ]; then
+     echo "Rocky distro detected"
+     rpm -q --quiet HIRS_AttestationCA
    else
-    echo "Unsupported OS Distro encountered"
+    echo "$ID OS distro encountered"
   fi
   if [ $? -eq 0 ]; then
       echo "HIRS ACA was installed via an OS package on this device"
@@ -102,7 +105,7 @@ echo "Checking HIRS ACA Setup on this device..."
       check_db_cleared
       echo "  $CERT_PATH directory does not exist."
       echo " Exiting..."
-      echo "Please run aca_setup.sh and try again"
+      echo "Please run aca_setup.sh or dnf/apt-get install HIRS_AttestationCA* and try again."
       exit 1;
   fi
 
@@ -150,6 +153,12 @@ check_mysql_setup () {
   fi
   
   if [ ! -z $mysql_admin_password ]; then
+    mysql -u root --password=$mysql_admin_password -e "STATUS;"  &> /dev/null
+    if [ $? -eq 0 ]; then
+        echo "Mysql Root password verified"
+       else 
+        echo "Mysql Root password verification failed!"
+    fi
     if [ ! -z "${ARG_VERBOSE}" ]; then
       echo "Mysql status:"
       mysql -u root --password=$mysql_admin_password -e "STATUS;"

package/scripts/aca/aca_remove_setup.sh

@@ -32,9 +32,9 @@ echo "Removing certificates and config files..."
 
 # Remove /opt/hirs only if not configured by a package basedd install:
 if [ ! -f /etc/hirs/aca/VERSION ]; then
-#  if [ -d "/etc/hirs" ]; then
-#     rm -rf /etc/hirs >/dev/null 2>&1
-#  fi
+  if [ -d "/etc/hirs" ]; then
+     rm -rf /etc/hirs >/dev/null 2>&1
+  fi
   if [ -d "/opt/hirs" ]; then
      rm -rf /opt/hirs >/dev/null 2>&1
   fi

package/scripts/aca/aca_setup.sh

@@ -32,7 +32,7 @@ help () {
 
 # Process parameters Argument handling 
 POSITIONAL_ARGS=()
-ORIGINAL_ARGS=("$@")
+ORIGINAL_ARGS=("$@")grep -i "hirs_db_password" /etc/hirs/aca/aca.properties
 while [[ $# -gt 0 ]]; do
   case $1 in
     -sd|--skip-db)

package/scripts/db/db_create.sh

@@ -158,13 +158,20 @@ set_hirs_db_pwd () {
      if [ -z $HIRS_DB_PWD ]; then
        HIRS_DB_PWD=$(head -c 64 /dev/urandom | md5sum | tr -dc 'a-zA-Z0-9')
      fi
-
-     echo "hirs_db_username=hirs_db" >> $ACA_PROP_FILE
-     echo "hirs_db_password=$HIRS_DB_PWD" >> $ACA_PROP_FILE
-     echo "hibernate.connection.username=hirs_db" >> $SPRING_PROP_FILE
-     echo "hibernate.connection.password=$HIRS_DB_PWD" >> $SPRING_PROP_FILE
+     # Add key/values only if they dont exist
+     if [[ $(sudo grep -c "hirs_db_username" $ACA_PROP_FILE) -eq 0 ]]; then  
+         echo "hirs_db_username=hirs_db" >> $ACA_PROP_FILE
+     fi
+     if [[ $(sudo grep -c "hirs_db_password" $ACA_PROP_FILE) -eq 0 ]]; then
+         echo "hirs_db_password=$HIRS_DB_PWD" >> $ACA_PROP_FILE
+     fi
+     if [[ $(sudo grep -c "hibernate.connection.username" $SPRING_PROP_FILE) -eq 0 ]]; then
+         echo "hibernate.connection.username=hirs_db" >> $SPRING_PROP_FILE
+     fi
+     if [[ $(sudo grep -c "hibernate.connection.password" $SPRING_PROP_FILE) -eq 0 ]]; then
+         echo "hibernate.connection.password=$HIRS_DB_PWD" >> $SPRING_PROP_FILE
+     fi
   fi
-
 }
 
 # Create a hirs_db with client side TLS enabled
@@ -207,7 +214,9 @@ keyStoreType=PKCS12&\
 keyStorePassword=$PKI_PASS&\
 keyStore="$CLIENT_DB_P12" "
 
-echo $CONNECTOR_URL >> $SPRING_PROP_FILE
+if [[ $(sudo grep -c "hibernate.connection.url" $SPRING_PROP_FILE) -eq 0 ]]; then
+     echo $CONNECTOR_URL >> $SPRING_PROP_FILE
+fi
 
 }
 # HIRS ACA Mysqld processing ...

package/scripts/db/db_drop.sh

@@ -30,14 +30,14 @@ fi
 
 echo "dropping hirs_db database"
 
-if pgrep  mysqld >/dev/null 2>&1; then
-     mysql -u root --password=$DB_ADMIN_PWD -e "FLUSH HOSTS; FLUSH LOGS; FLUSH STATUS; FLUSH PRIVILEGES; FLUSH USER_RESOURCES"
-     mysql -u root --password=$DB_ADMIN_PWD -e "DROP USER 'hirs_db'@'localhost';"
-     mysql -u root --password=$DB_ADMIN_PWD -e "DROP DATABASE IF EXISTS hirs_db;"
-     echo "hirs_db database and hirs_db user removed"
-   else
-     echo "mysql is not running. DB was not removed."
-fi
+#if pgrep  mysqld >/dev/null 2>&1; then
+  mysql -u root --password=$DB_ADMIN_PWD -e "FLUSH HOSTS; FLUSH LOGS; FLUSH STATUS; FLUSH PRIVILEGES; FLUSH USER_RESOURCES"
+  mysql -u root --password=$DB_ADMIN_PWD -e "DROP USER 'hirs_db'@'localhost';"
+  mysql -u root --password=$DB_ADMIN_PWD -e "DROP DATABASE IF EXISTS hirs_db;"
+  echo "hirs_db database and hirs_db user removed"
+#   else
+#     echo "mysql is not running. DB was not removed."
+#fi
 
 # reset the mysql root if the password was left in the properties fiel
 if [ ! -z $DB_ADMIN_PWD ]; then

package/scripts/db/mysql_util.sh

@@ -44,6 +44,8 @@ start_mysqlsd () {
   if [ $ID = "ubuntu" ]; then 
      PROCESS="mariadb"
   fi
+   # Make sure log file has correct permissions
+   chown -R mysql:mysql /var/lib/mysql/ >> "$LOG_FILE"
    # Check if mysql is already running, if not initialize
    if [[ $(pgrep -c -u mysql $PROCESS) -eq 0 ]]; then
    # Check if running in a container
@@ -53,7 +55,6 @@ start_mysqlsd () {
          if [ ! -d "/var/lib/mysql/mysql/" ]; then
            echo "Installing mariadb"
            /usr/bin/mysql_install_db >> "$LOG_FILE"
-           chown -R mysql:mysql /var/lib/mysql/ >> "$LOG_FILE"
          fi
          if [[ $PRINT_STATUS == "-p" ]]; then echo "Starting mysql..."; fi
          /usr/bin/mysqld_safe  --skip-syslog  >> "$LOG_FILE" &