From 98e289720cbe58e2d921ee95d316644c1bb5cce8 Mon Sep 17 00:00:00 2001
From: Martin Basti <mbasti@redhat.com>
Date: Thu, 10 Sep 2015 16:35:54 +0200
Subject: [PATCH] IPA Restore: allows to specify files that should be removed

Some files/directories should be removed before backup files are copied
to filesystem.

In case of DNSSEC, the /var/lib/ipa/dnssec/tokens directory has to be
removed, otherwise tokens that are backed up and existing tokens will be
mixed and SOFTHSM log in will not work

https://fedorahosted.org/freeipa/ticket/5293

Reviewed-By: David Kupka <dkupka@redhat.com>
---
 ipaserver/install/ipa_restore.py | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
index 8960626d0f0e438ef198e2d92803983e520051a8..dc57a4937365ad1db960955cf21e1bf2d2eb3dda 100644
--- a/ipaserver/install/ipa_restore.py
+++ b/ipaserver/install/ipa_restore.py
@@ -128,6 +128,14 @@ class Restore(admintool.AdminTool):
 
     description = "Restore IPA files and databases."
 
+    # directories and files listed here will be removed from filesystem before
+    # files from backup are copied
+    DIRS_TO_BE_REMOVED = [
+        paths.DNSSEC_TOKENS_DIR,
+    ]
+
+    FILES_TO_BE_REMOVED = []
+
     def __init__(self, options, args):
         super(Restore, self).__init__(options, args)
         self._conn = None
@@ -365,6 +373,7 @@ class Restore(admintool.AdminTool):
 
             # We do either a full file restore or we restore data.
             if restore_type == 'FULL':
+                self.remove_old_files()
                 if 'CA' in self.backup_services:
                     create_ca_user()
                 self.cert_restore_prepare()
@@ -640,6 +649,25 @@ class Restore(admintool.AdminTool):
                               (paths.IPA_DEFAULT_CONF, stderr))
         os.chdir(cwd)
 
+    def remove_old_files(self):
+        """
+        Removes all directories, files or temporal files that should be
+        removed before backup files are copied, to prevent errors.
+        """
+        for d in self.DIRS_TO_BE_REMOVED:
+            try:
+                shutil.rmtree(d)
+            except OSError as e:
+                if e.errno != 2:  # 2: dir does not exist
+                    self.log.warning("Could not remove directory: %s (%s)",
+                                     d, e)
+
+        for f in self.FILES_TO_BE_REMOVED:
+            try:
+                os.remove(f)
+            except OSError as e:
+                if e.errno != 2:  # 2: file does not exist
+                    self.log.warning("Could not remove file: %s (%s)", f, e)
 
     def file_restore(self, nologs=False):
         '''
-- 
2.4.3