pgreco / rpms / ipa

Forked from forks/areguera/rpms/ipa 4 years ago
Clone
Source Code
GIT

Blame SOURCES/0173-DNSSEC-ipa-dnskeysyncd-call-ods-signer-ldap-cleanup-.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-DL1 c8-beta-stream-client c8-stream-DL1 c8-stream-client
  1.   80f8748478bb05c01261d17bfc6c54d870e00966
  2.   SOURCES
  3.   0173-DNSSEC-ipa-dnskeysyncd-call-ods-signer-ldap-cleanup-.patch
Blob History Raw
e0ab38 
From dbb7b91bf052bc4d5a4f545044e8949b67b511db Mon Sep 17 00:00:00 2001
e0ab38 
From: Petr Spacek <pspacek@redhat.com>
e0ab38 
Date: Sun, 20 Dec 2015 19:35:55 +0100
e0ab38 
Subject: [PATCH] DNSSEC: ipa-dnskeysyncd: call ods-signer ldap-cleanup on zone
e0ab38 
 removal
e0ab38
e0ab38 
Command "ldap-cleanup <zone name>" is called to remove all key metadata from
e0ab38 
LDAP. This command is now called when disabling DNSSEC on a DNS zone. The stale
e0ab38 
metadata were causing problems when re-enabling DNSSEC on the same zone.
e0ab38
e0ab38 
https://fedorahosted.org/freeipa/ticket/5348
e0ab38
e0ab38 
Reviewed-By: Martin Basti <mbasti@redhat.com>
e0ab38 
Reviewed-By: Martin Basti <mbasti@redhat.com>
e0ab38 
---
e0ab38 
 ipapython/dnssec/odsmgr.py | 6 ++++++
e0ab38 
 1 file changed, 6 insertions(+)
e0ab38
e0ab38 
diff --git a/ipapython/dnssec/odsmgr.py b/ipapython/dnssec/odsmgr.py
e0ab38 
index efbe16cc6ebf050d9cf347ed97b2b2e4b37c8a6e..44d94ac3ab9e68feba067e8f14530894bda22855 100644
e0ab38 
--- a/ipapython/dnssec/odsmgr.py
e0ab38 
+++ b/ipapython/dnssec/odsmgr.py
e0ab38 
@@ -152,12 +152,18 @@ class ODSMgr(object):
e0ab38 
         output = self.ksmutil(cmd)
e0ab38 
         self.log.info(output)
e0ab38 
         self.notify_enforcer()
e0ab38 
+        self.cleanup_signer(name)
e0ab38
e0ab38 
     def notify_enforcer(self):
e0ab38 
         cmd = ['notify']
e0ab38 
         output = self.ksmutil(cmd)
e0ab38 
         self.log.info(output)
e0ab38
e0ab38 
+    def cleanup_signer(self, zone_name):
e0ab38 
+        cmd = ['ods-signer', 'ldap-cleanup', str(zone_name)]
e0ab38 
+        output = ipautil.run(cmd, capture_output=True)
e0ab38 
+        self.log.info(output)
e0ab38 
+
e0ab38 
     def ldap_event(self, op, uuid, attrs):
e0ab38 
         """Record single LDAP event - zone addition or deletion.
e0ab38
e0ab38 
--
e0ab38 
2.4.3
e0ab38

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation