From 5abf1bc79f8b32c6638ff98fbe2e4a8dec9a5010 Mon Sep 17 00:00:00 2001

From: "Endi S. Dewata" <edewata@redhat.com>

Date: Thu, 12 Aug 2021 13:26:42 -0500

Subject: [PATCH] Specify PKI installation log paths

The DogtagInstance.spawn_instance() and uninstall() have

been modified to specify the paths of PKI installation

logs using --log-file option on PKI 11.0.0 or later.

This allows IPA to have a full control over the log files

instead of relying on PKI's default log files.

Fixes: https://pagure.io/freeipa/issue/8966

Signed-off-by: Endi Sukma Dewata <edewata@redhat.com>

---

 ipaserver/install/dogtaginstance.py | 35 ++++++++++++++++++++++++++---

 1 file changed, 32 insertions(+), 3 deletions(-)

diff --git a/ipaserver/install/dogtaginstance.py b/ipaserver/install/dogtaginstance.py

index 644acd4eacea22f41a7cd36b54553d6d7cd22690..0d9aebb542f242b81315edd016699697f2fc4091 100644

--- a/ipaserver/install/dogtaginstance.py

+++ b/ipaserver/install/dogtaginstance.py

@@ -36,8 +36,10 @@ from configparser import DEFAULTSECT, ConfigParser, RawConfigParser

 import six

+import pki

 from pki.client import PKIConnection

 import pki.system

+import pki.util

 from ipalib import api, errors, x509

 from ipalib.install import certmonger

@@ -202,6 +204,18 @@ class DogtagInstance(service.Service):

                 "-f", cfg_file,

                 "--debug"]

+        # specify --log-file <path> on PKI 11.0.0 or later

+

+        pki_version = pki.util.Version(pki.specification_version())

+        if pki_version >= pki.util.Version("11.0.0"):

+            timestamp = time.strftime(

+                "%Y%m%d%H%M%S",

+                time.localtime(time.time()))

+            log_file = os.path.join(

+                paths.VAR_LOG_PKI_DIR,

+                "pki-%s-spawn.%s.log" % (self.subsystem.lower(), timestamp))

+            args.extend(["--log-file", log_file])

+

         with open(cfg_file) as f:

             logger.debug(

                 'Contents of pkispawn configuration file (%s):\n%s',

@@ -290,10 +304,25 @@ class DogtagInstance(service.Service):

         if self.is_installed():

             self.print_msg("Unconfiguring %s" % self.subsystem)

+        args = [paths.PKIDESTROY,

+                "-i", "pki-tomcat",

+                "-s", self.subsystem]

+

+        # specify --log-file <path> on PKI 11.0.0 or later

+

+        pki_version = pki.util.Version(pki.specification_version())

+        if pki_version >= pki.util.Version("11.0.0"):

+            timestamp = time.strftime(

+                "%Y%m%d%H%M%S",

+                time.localtime(time.time()))

+            log_file = os.path.join(

+                paths.VAR_LOG_PKI_DIR,

+                "pki-%s-destroy.%s.log" % (self.subsystem.lower(), timestamp))

+            args.extend(["--log-file", log_file])

+

         try:

-            ipautil.run([paths.PKIDESTROY,

-                         "-i", 'pki-tomcat',

-                         "-s", self.subsystem])

+            ipautil.run(args)

+

         except ipautil.CalledProcessError as e:

             logger.critical("failed to uninstall %s instance %s",

                             self.subsystem, e)

-- 

2.31.1