pki-upgrade(8)

1pki-upgrade(8)                 PKI Upgrade Tool                 pki-upgrade(8)
2
3
4

NAME

6       pki-upgrade - Tool for upgrading system-wide configuration for Certifi‐
7       cate System.
8
9

SYNOPSIS

11       pki-upgrade [OPTIONS]
12
13

DESCRIPTION

15       There are two parts to upgrading Certificate System: upgrading the sys‐
16       tem  configuration  files  used  by both the client and the server pro‐
17       cesses and upgrading the server configuration files.
18
19       When upgrading Certificate System, the  existing  system  configuration
20       files  (e.g.   /etc/pki/pki.conf)  may  need to be upgraded because the
21       content may have changed from one version to another. The configuration
22       upgrade  is executed automatically during RPM upgrade. However, in case
23       there is a problem, the process can also be  run  manually  using  pki-
24       upgrade.
25
26       The   system  upgrade  process  is  done  incrementally  using  upgrade
27       scriptlets. The upgrade process and scriptlet execution is monitored in
28       upgrade  trackers. A counter shows the latest index number for the most
29       recently executed scriptlet; when all scriptlets have run,  the  compo‐
30       nent tracker shows the updated version number.
31
32       The scriptlets are stored in the upgrade directory:
33              /usr/share/pki/upgrade/<version>/<index>-<name>
34       The  version  is  the  system  version to be upgraded. The index is the
35       script execution order. The name is the scriptlet name.
36
37       During upgrade, the scriptlets will back up all changes to the filesys‐
38       tem into the following folder:
39              /var/log/pki/upgrade/<version>/<index>
40       The  version  and index values indicate the scriptlet being executed. A
41       copy of the files and folders that are being modified or  removed  will
42       be  stored  in oldfiles. The names of the newly-added files and folders
43       will be stored in newfiles.
44
45       The system upgrade process is tracked using this file:
46              /etc/pki/pki.version
47       The file stores the current configuration version and the last success‐
48       ful scriptlet index.
49
50

OPTIONS

52   General options
53       --silent
54              Upgrade in silent mode.
55
56       --status
57              Show upgrade status only without performing the upgrade.
58
59       --revert
60              Revert the last version.
61
62       -X     Show advanced options.
63
64       -v, --verbose
65              Run in verbose mode.
66
67       -h, --help
68              Show this help message.
69
70
71   Advanced options
72       The  advanced  options circumvent the normal component tracking process
73       by changing the scriptlet order or changing the tracker information.
74
75       WARNING: These options may render the system unusable.
76
77
78       --scriptlet-version <version>
79              Run scriptlets for a specific version only.
80
81       --scriptlet-index <index>
82              Run a specific scriptlet only.
83
84       --remove-tracker
85              Remove the tracker.
86
87       --reset-tracker
88              Reset the tracker to match the package version.
89
90       --set-tracker <version>
91              Set the tracker to a specific version.
92
93

OPERATIONS

95   Interactive mode
96       By default, pki-upgrade will run interactively. It will ask for a  con‐
97       firmation before executing each scriptlet.
98
99       % pki-upgrade
100
101       If there is an error, it will stop and show the error.
102
103
104   Silent mode
105       The upgrade process can also be done silently without user interaction:
106
107       % pki-upgrade --silent
108
109       If there is an error, it will stop and show the error.
110
111
112   Checking upgrade status
113       It is possible to check the status of a running upgrade process.
114
115       % pki-upgrade --status
116
117
118   Troubleshooting
119       If there is an error, rerun the upgrade in verbose mode:
120
121       % pki-upgrade --verbose
122
123       Check  the  scriptlet  to see which operations are being executed. Once
124       the error is identified and corrected, the upgrade can  be  resumed  by
125       re-running pki-upgrade.
126
127       It  is  possible  to  rerun  a  failed script by itself, specifying the
128       instance and subsystem, version, and scriptlet index:
129
130       % pki-upgrade --scriptlet-version 10.0.1 --scriptlet-index 1
131
132
133   Reverting an upgrade
134       If necessary, the upgrade can be reverted:
135
136       % pki-upgrade --revert
137
138       Files and folders that were created by the scriptlet will  be  removed.
139       Files  and  folders that were modified or removed by the scriptlet will
140       be restored.
141
142

FILES

144       /usr/sbin/pki-upgrade
145
146

AUTHORS

148       Ade Lee <alee@redhat.com>, Ella Deon Lackey  <dlackey@redhat.com>,  and
149       Endi  Dewata <edewata@redhat.com>.  pki-upgrade was written by the Dog‐
150       tag project.
151
152

COPYRIGHT

154       Copyright (c) 2013 Red Hat, Inc. This is licensed under the GNU General
155       Public  License, version 2 (GPLv2). A copy of this license is available
156       at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
157
158
159
160version 1.0                      Jul 22, 2013                   pki-upgrade(8)